RE: Repost of CompuServe Position on Passphrases

>From: Phil Karlton
>Another problem with using passwords is that it almost invariably allows
>the administrator of the authentication authority to impersonate any
>registered user. It makes accountability highly dubious.

There is no question that there are strong arguments against using
shared-key authentication, as opposed to the public-key variety.  The
question is whether there are arguments *for* using shared-key
authentication.  If there are legitimate arguments in its favor (and I
believe John Macko and others have presented some), then there will
inevitably be particular circumstances in which those arguments will win
out against the drawbacks mentioned by Phil and others.  Since we are
supposed to be developing a general purpose protocol, we should do our
best to accommodate those circumstances.

Once again, the addition of the shared-key authentication feature to TLS
does absolutely *nothing* to anyone who doesn't want to use it,
implement it or support it.  No one I know of is suggesting that it
would be in any way improper to refuse to support this feature in one's
software, machine, installation, enterprise or Web site.  It would be
there for those who (in Phil's opinion are foolish enough to) want to
use it in concert with others in the same frame of mind.  So what on
earth is the big deal?

>				Daniel Simon
>				Cryptographer, Microsoft Corp.

Received on Thursday, 25 July 1996 21:43:25 UTC