- From: Tom Weinstein <tomw@netscape.com>
- Date: Thu, 10 Oct 1996 12:30:57 -0700
- To: Jeff Williams <jwkckid1@ix.netcom.com>
- CC: ietf-tls@w3.org

Jeff Williams wrote:
>
>>- We aren't just trying to solve a problem for next quarter, we're
>>  trying to generate a security standard for the Internet that will
>>  stand the test of time. I don't think we should be guided by
>>  short-lived customer requirements.
>
> True. Some of these customer requirements however will be long
> term and should be reviewed with that in mind. I am an advocate
> of looking long term myself. I also believe that some of the
> perceived short term customer requirements do need attention however,
> otherwise we will have a hard time achieving the long term goals.

You are quite correct. However, short term customer requirements for password authentication can be met by using existing authentication mechanisms in existing protocols. There is no need to add a mechanism to TLS when all existing protocols already have a password mechanism.

>>- The only security reason for including password auth in TLS is that
>>  it gains stronger security by having access to strong crypto in the
>>  export case. I don't think we should include features this major
>>  based solely on brain-damaged US export regulations that will
>>  hopefully soon change.
>
> I hope you are right here, Tom. I am not so sure that those
> regulations will change all that soon. In the interim however it
> seems necessary to address password auth, for the short term. I don't
> see how this should or would impugn TLS in any really meaningful way,
> long term.

Even if you think we'll be limited to 40-bit for export forever, do you really believe that any password scheme is going to provide better than 40 bits worth of security for authentication? If you can remember a password with 40 bits of entropy then you have a better memory than I do. As to the lifting of export restrictions, the White House is already talking about raising the limit to 56 bits, and there is legislation pending that would lift export restrictions altogether.

I feel very strongly that an international standard should not be burdened with major features with such substantial security implications for reasons of local governmental policy.

--
You should only break rules of style if you can | Tom Weinstein
coherently explain what you gain by so doing.   | tomw@netscape.com

Received on Thursday, 10 October 1996 15:30:55 UTC