- From: Dan Simon <dansimon@microsoft.com>
- Date: Mon, 2 Dec 1996 11:33:52 -0800
- To: "'HUGO@watson.ibm.com'" <HUGO@watson.ibm.com>, "'ietf-tls@w3.org'" <ietf-tls@w3.org>

Hugo:

We did at one point consider Bellovin-Merritt for shared-key authentication, but we decided that requiring server certification was not a big sacrifice in the contexts we had in mind, and yielded better security and fewer changes to existing infrastructure and code. (For example, Bellovin-Merritt would require clients to monitor for online brute-force attacks on the password.) Of course, if you want to propose an extension allowing for BM-style two-way shared-key-based authentication as an option in TLS, we'd have no objections to its inclusion.

Daniel Simon
Cryptographer, Microsoft Corp.
(dansimon@microsoft.com)

>----------
>From: HUGO@watson.ibm.com[SMTP:HUGO@watson.ibm.com]
>Sent: Wednesday, November 27, 1996 8:24 AM
>To: ietf-tls@w3.org
>Subject: passwords
>
>I've seen a lot of traffic in this list discussing the use of
>passwords, how necessary they are and how insecure, etc. etc.
>I haven't seen any mention of the use of techniques like
>Bellovin-Merritt's for preventing dictionary attacks.
>Certainly, these techniques improve significantly on the
>security of passwords (particularly, low-entropy ones).
>BM solutions and related ones use public key techniques
>which are already available in SSL. Did anyone consider using them?
>Does anyone know of *any* real-world implementation of such
>techniques (not necessarily related to SSL)?
>
>Thanks,
>
>Hugo

Received on Monday, 2 December 1996 14:34:23 UTC