Re: RFC2617, was: Straw-man charter for http-bis from lists@ingostruck.de on 2007-06-12 (ietf-http-wg@w3.org from April to June 2007)

From: <lists@ingostruck.de>
Date: Tue, 12 Jun 2007 09:18:21 +0000
To: Henrik Nordstrom <henrik@henriknordstrom.net>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-Id: <200706120918.23355.lists@ingostruck.de>

On Monday 11 June 2007 22:53, Henrik Nordstrom wrote:
> Most people define server to be port specific. http and https uses
> different ports.
Ok, maybe another editorial thing to clarify within rfc2617,
but obviously most implementors share that view.

> > - move MD5-sess to a separate rfc or drop it
> Several got it right.
Maybe several server impls, but most UAs that I tested did not.
On the one hand this leads to a performance penalty for the server
side, because the server needs to calculate the correct digest and
then the broken digest if the correct one does not match.
On the other hand it renders what you call the "target of MD5-sess"
defective: the server *needs* to know H(A1) to calculate the broken
digest.

> How do you do MD5-sess with MD5 for the target of MD5-sess?
Only operate with H(A1) all the time. Only calculate H(A1) once
within the UA. At least for mozilla/firefox I know that the UA really
calculates H(A1) for every single request (!), which is simply waste.

> The target of MD5-sess is to allow Digest to operate without requiring
> the Digest server to have access to the static H(A1) (somewhat security
> sensitive).
No. At least that's not explicated in the spec.
The spec only says that MD5-sess has the following purposes
- allow for "efficient 3rd party authentication servers" (3.2.1)
- prevent that the server needs to know the user's plain text password
  "so that the web server would not need the actual password value" (3.2.2.2)

But it is pointed out, that the server does not need the plain text value
anyway (Note in 3.3, second paragraph).

Of course you are right, that -- if the UAs properly implemented it --
a web server would only need "the session key" passed over from a
"3rd party authentication server".

But the spec says that 
 "The specification of such a protocol is beyond the scope of this
  specification."
so why not just source out the "digest-session" stuff elsewhere
and then specify it properly there?

Kind regards

Ingo

Received on Tuesday, 12 June 2007 08:07:31 UTC