- From: Jeff Williams <jwkckid1@ix.netcom.com>
- Date: Fri, 11 Oct 1996 20:55:35 -0500
- To: marcvh@aventail.com (Marc VanHeyningen)
- Cc: ietf-tls@w3.org
At 03:50 PM 10/11/96 -0700, you wrote: >Eric Murray sed: >> Marc VanHeyningen writes: >> > In other words, you're doing password authentication by just sending >> > the password encrypted, which Tom and I (and I suspect most other >> > people here) agree is not a very good way to do it. >> >> Why not? > >Lots of reasons; I'll mention a few. > >Because ciphers can be broken. Because some people believe it's >unhygenic to have the security of authentication be dependent upon >the security of bulk encryption. Ok, but that is still not a really strong argument. I do see your point however. > >There are also simple usability concerns. Users occasionally get >mixed up and, while using service A, accidentally type their >password for service B. If you do things your way, you have just >given service A your password for service B, which is not >necessarily information you wanted him to have. If you use a >challenge-based method, you have given him one specific >response to one specific challenge, which is of little if any >value as a tool for impersonating you in the future. I would agree that this could be a problem. But if you have the ability to change your password that negates most of the problem here. > >Persistent shared secrets shouldn't ever be sent in a reversibly >encrypted form unless there's no alternative. Sorry, I don't believe in absolutes. At present I would agree if possible you are correct. > Reguards, Jeffrey A. Williams SR.Internet Network Eng. CEO., IEG., INC., Representing PDS .Ltd. Web: http://www.pds-link.com Phone: 214-793-7445 (Direct Line) Director of Network Eng. and Development IEG. INC.
Received on Friday, 11 October 1996 22:19:46 UTC