- From: <noah_mendelsohn@us.ibm.com>
- Date: Tue, 7 Oct 2008 13:50:57 -0400
- To: Jonathan Rees <jar@creativecommons.org>
- Cc: David Orchard <orchard@pacificspirit.com>, "www-tag@w3.org" <www-tag@w3.org>
Jonathan Rees suggests: > "Good practice: Clear text passwords are a serious security risk. > Transmit passwords in the clear only in applications that do not > require any assurance of security." I'm sympathetic to your attempt to come up with something, but I think this misses an important nuance that is mentioned in the draft minutes of our meetings. As I understand it, one concern is with the risk that novices will use the same password for multiple applications. So, you deploy the "birthday party registration application" for your child, and decide that pwds in the clear are just fine for that. Unbeknownst to you, those registering for the birthday party use the same password as for their bank account. Nefarious network sniffers pick up the pwd from the birthday login, and use it to empty the bank account. I believe we were told by the security "experts" that this sort of thing was an important concern for them, and one of the reasons they wanted to prohibit pwds in the clear entirely. Perhaps: "Good practice: Clear text passwords are a serious security risk. Transmit passwords in the clear only in applications that do not require any assurance of security, and when users are aware of the risks." Noah -------------------------------------- Noah Mendelsohn IBM Corporation One Rogers Street Cambridge, MA 02142 1-617-693-4036 --------------------------------------
Received on Tuesday, 7 October 2008 17:50:10 UTC