[Date Prev][Date Next]
unprotected fields security consideration (Was: REVISED protocol review notes [LONG])
The first sentence of my suggestion should read "do not provide",
not "do provide". --Kurt
At 02:48 PM 10/7/2003, Kurt Zeilenga wrote:
>> When used with SASL, it should be noted that the name field of the
>> BindRequest is not protected against modification. Thus if the
>> distinguished name of the client (an LDAPDN) is agreed through the
>> negotiation of the credentials, it takes precedence over any value in
>> the unprotected name field.
>This needs to be expanded to other unprotected fields.
> It should be noted that SASL authentication exchanges do
> provide data confidential nor integrity protection for the
> version or name fields of the bind request nor the resultCode,
> errorMessage, or referral fields of the bind response nor
> of any information contained in controls attached to bind
> request or responses. Thus information contained in these
> fields SHOULD NOT be relied on unless otherwise protected
> (such as by establishing protections at the transport layer).
>We should discuss the precedence bit as part of our [authmeth] review.