- From: Tom Weinstein <tomw@netscape.com>
- Date: Fri, 11 Oct 1996 10:51:12 -0700
- To: Marc VanHeyningen <marcvh@aventail.com>
- CC: "'ietf-tls@w3.org'" <ietf-tls@w3.org>
Marc VanHeyningen wrote: > > > - The only security reason for including password auth in TLS is > > that it gains stronger security by having access to strong crypto > > in the export case. I don't think we should include features this > > major based solely on brain-damaged US export regulations that > > will hopefully soon change. > > Seems to me that's only if you assume the best way to secure password > auth is to just encrypt the password, as opposed to using other > more sophisticated methods. No, you should certainly do something more than just send the password encrypted. You should avoid sending the password at all, encrypted or otherwise. Some sort of challenge/response mechanism would be appropriate, but you are protected from eavesdroppers if you encrypt the data. > It also is true only if you're willing to accept authentication that > is dependent upon the security of the encryption; some people feel > this is undesrable for reasons having nothing to do with export > regulations. Do you suggest that the encryption (even 40-bit) is the weak link in this scheme? I don't think so. While there may be some advantages to be gained by moving the dependency up to the security of the key exchange from that of the bulk cipher, I don't think they outweigh the disadvantages. -- You should only break rules of style if you can | Tom Weinstein coherently explain what you gain by so doing. | tomw@netscape.com
Received on Friday, 11 October 1996 13:52:13 UTC