- From: Ben Laurie <benl@google.com>
- Date: Fri, 7 Jan 2011 12:14:32 +0000
- To: Yaron Sheffer <yaronf.ietf@gmail.com>
- Cc: Robert Sayre <sayrer@gmail.com>, "Roy T. Fielding" <fielding@gbiv.com>, websec <websec@ietf.org>, "kitten@ietf.org" <kitten@ietf.org>, "http-auth@ietf.org" <http-auth@ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On 7 January 2011 08:24, Yaron Sheffer <yaronf.ietf@gmail.com> wrote: > [Culling down the mailing lists] > > Hi Ben, > > No, RFC 4279 should not be used with (a hash of) human-memorable passwords, > because it would be vulnerable to dictionary attacks. See > http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar schemes > should be used instead. Fair point, though there seem to be at least political barriers to using SRP, and EKE and friends have other issues. > > Thanks, > Yaron > > On 01/06/2011 05:31 PM, Ben Laurie wrote: > [...] > >> >> >> Two comments (one really being a response to Roy): >> >> 1. The IETF has fixed the problem, but no-one is using the fix - perhaps >> because it is not clear that it is the fix. I speak of RFC 4279, TLS >> pre-shared keys. These could be derived from a hash of the password and >> the site name, for example, and thus provide secure mutual >> authentication despite password reuse. >> > [...] >
Received on Friday, 7 January 2011 12:15:03 UTC