- From: Dirk-Willem van Gulik <dirkx@webweaving.org>
- Date: Wed, 17 Oct 2001 04:50:11 +0200 (CEST)
- To: Lisa Dusseault <lisa@xythos.com>
- cc: Dylan Barrell <dbarrell@opentext.com>, WebDAV <w3c-dist-auth@w3.org>
Actually beasts like apache do not store A1 but a Hash(A1) which is not as bad as storing A1. Some other web servers do store A1. It is an implementation choise. Dw On Tue, 16 Oct 2001, Lisa Dusseault wrote: > I agree that storing A1 is little better than storing the password. I just > disagree with your nonce issue and conclusion. > > If you plan to support transport layer security, how do you intend to get > the password from the client? Using Basic auth within a TLS-secured > communication can be very secure indeed. > > lisa > > > -----Original Message----- > > From: Dylan Barrell [mailto:dbarrell@opentext.com] > > Sent: Tuesday, October 16, 2001 2:44 PM > > To: Lisa Dusseault > > Cc: WebDAV > > Subject: RE: Digest Authentication > > > > > > Lisa, > > > > But the passwd is a portion of A1. So how is storing this different from > > storing the password? > > > > I am saying that neither basic nor digest is good enough - and so there is > > no added benefit of implementing digest when the real solution is > > transport > > layer security or some other authentication mechanism like kerberos. > > > > --Dylan > > > > > -----Original Message----- > > > From: Lisa Dusseault [mailto:lisa@xythos.com] > > > Sent: Tuesday, October 16, 2001 4:38 PM > > > To: Dylan Barrell > > > Cc: WebDAV > > > Subject: RE: Digest Authentication > > > > > > > > > Dylan, > > > > > > I'm not sure I understand your nonce issue. You do not need to store > > > the password on disk in the clear. In order to compute (or verify) the > > > the client's authenticator you need to have the value H(A1). For the > > > MD5 authentication scheme A1 is: > > > > > > A1 = unq(username-value) ":" unq(realm-value) ":" passwd > > > > > > (see RFC 2617 S 3.2.2.2). > > > > > > This is a fixed value for any user so it can be stored on disk > > > directly. > > > > > > There's no need to use a fixed nonce in order to use a fixed H(A1) > > > since the nonce is not an input to A1. > > > > > > Perhaps what you're referring to here is that compromise of H(A1) > > > on a given server allows the attacker to impersonate the user to > > > that server. However, this is not the same as compromise of the > > > password since it does not permit the attacker to impersonate the > > > user to any other server, even if the user has used the same password > > > on that user. > > > > > > Admittedly, this problem does not exist with basic auth. However, > > > most people consider sniffing a more serious threat than password > > > file theft, which is why DAV so strongly "encourages" digest. > > > > > > What threat model are you concerned with here? Would you be > > > implementing BASIC if you don't implement DIGEST, or is neither > > > good enough? What would be good enough? > > > > > > Lisa > > > > > > > -----Original Message----- > > > > From: w3c-dist-auth-request@w3.org > > > > [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Dylan Barrell > > > > Sent: Tuesday, October 16, 2001 11:37 AM > > > > To: Dirk-Willem van Gulik > > > > Cc: WebDAV > > > > Subject: RE: Digest Authentication > > > > > > > > > > > > We did think of this solution, but that means that we always have > > > > to use the > > > > same nonce value and we end up getting no security improvement > > > over basic > > > > authentication - so the argument that it is more secure than > > > > basic is bogus > > > > if you do this. > > > > > > > > --Dylan > > > > > > > > > -----Original Message----- > > > > > From: Dirk-Willem van Gulik [mailto:dirkx@webweaving.org] > > > > > Sent: Tuesday, October 16, 2001 2:02 PM > > > > > To: Dylan Barrell > > > > > Cc: WebDAV > > > > > Subject: Re: Digest Authentication > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, 16 Oct 2001, Dylan Barrell wrote: > > > > > > > > > > > Digest Authentication requires that a server store its > > > > > passwords in such a > > > > > > way that they be available in clear text format. > > > > > > > > > > Actually though your implementation -could- store the password > > > > on disk as > > > > > plain text - most do not; and it is technically not > > required. Some bad > > > > > implementations do store it plain - but (for example) the apache web > > > > > server stores the password as a hash (md5 or crypt) on the > > > server side. > > > > > > > > > > See http://cvs.apache.org -> apache-1.3 -> > > src/support/htpasswd.c and > > > > > src/support/htdigest.c to get an idea of the code). > > > > > > > > > > So it is not a requirement - just an implementation choise. > > > > > > > > > > It is true that with normal basic auth the password goes over > > > > the wire in > > > > > the clear; but with digest auth this is not the case. > > > > > > > > > > Dw >
Received on Tuesday, 16 October 2001 22:50:28 UTC