
Re: Revisited: effect of Start TLS on authentication state
Roger Harrison writes:
>>> Hallvard B Furuseth <h.b.furuseth@usit.uio.no> 12/6/2003 1:38:15 AM >>>
> 
>> Roger Harrison writes:
>>> After TLS Establishment (proposed replacement for current authmeth
>>> section 4.2.1):
>>> 
>>> The decision to keep or invalidate the established authentication
>>> and authorization identities in place after TLS is negotiated is a
>>> matter of local server policy.
>> 
>> I think that's too weak. Since keeping the current identities is a
>> security problem, servers SHOULD by default not do that. Also,
>> Security Considerations should mention why it is a problem, and this
>> section should refer to Security Considerations. Or maybe the problem
>> should be described in this section, since the draft is all about
>> security anyway.
> 
> Could you give me some words that explain the security considerations
> for this as you see them, and I'll edit them in? The same goes for
> anyone else in the WG who has thoughts on this subject.

I know of two security problems with using a bind identity from before
Start TLS:

- An attacker can insert a Bind Request prior to the Start TLS request
  so that the LDAP association will be bound with another ID than the
  client intends.

- Using a bind ID from prior to the Start TLS encourages clients to
  bind before instead of after Start TLS, which gives weaker security
  for the credentials - in particular if plain passwords are enabled
  (even though they should not be, before Start TLS).
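As an added illustration of the two problems above (not code from this thread, from the authmeth draft, or from any LDAP implementation), the following Python model tracks one LDAP association's authentication state across Start TLS under the two server policies being discussed. The distinguished names, passwords and the `Association` class are constructed for the example; the model replays an inserted pre-TLS Bind Request and records which credentials crossed the wire in cleartext.

```python
"""Model of an LDAP association's authentication state across Start TLS.

Constructed illustration of the two problems discussed on the list:
(1) a Bind Request inserted before the client's Start TLS, and
(2) clients binding before Start TLS and exposing credentials.
"""
from dataclasses import dataclass, field

ANONYMOUS = ""  # empty authorization identity == anonymous

# Constructed directory: DN -> password (example values, not real data)
CREDS = {
    "cn=alice,dc=example,dc=com": "alice-pw",
    "cn=mallory,dc=example,dc=com": "mallory-pw",
}


@dataclass
class Association:
    """One LDAP association (connection) as the server sees it."""
    keep_identity_across_tls: bool       # local server policy under discussion
    tls_active: bool = False
    authz_id: str = ANONYMOUS            # authorization identity in effect
    cleartext_passwords: list = field(default_factory=list)  # what an observer saw
    log: list = field(default_factory=list)

    def bind(self, dn: str, password: str) -> bool:
        """Simple bind. On success the authorization identity becomes dn."""
        if not self.tls_active:
            # Anything sent before Start TLS is visible on the wire.
            self.cleartext_passwords.append(password)
        if CREDS.get(dn) != password:
            self.authz_id = ANONYMOUS
            self.log.append(f"bind {dn!r}: invalidCredentials")
            return False
        self.authz_id = dn
        self.log.append(f"bind {dn!r}: success (tls={self.tls_active})")
        return True

    def start_tls(self) -> None:
        """Negotiate TLS; apply the server's policy on existing identities."""
        self.tls_active = True
        if not self.keep_identity_across_tls:
            # Recommended default: authentication state from the cleartext
            # phase is discarded, so a message inserted before Start TLS
            # does not carry into the protected session.
            self.authz_id = ANONYMOUS
        self.log.append(f"startTLS: authz={self.authz_id or 'anonymous'!r}")


def injected_bind_scenario(keep_identity: bool) -> str:
    """Problem 1: a Bind Request arrives before the client's Start TLS.

    Returns the authorization identity in effect when the client goes on
    to send operations over TLS without binding again.
    """
    assoc = Association(keep_identity_across_tls=keep_identity)
    # Cleartext phase: the inserted message, not from the real client.
    assoc.bind("cn=mallory,dc=example,dc=com", "mallory-pw")
    # The client's own first message.
    assoc.start_tls()
    return assoc.authz_id


def credential_exposure(bind_before_tls: bool) -> list:
    """Problem 2: which passwords an on-path observer could read.

    A server that keeps pre-TLS identities makes bind-then-StartTLS work,
    which is exactly the ordering that leaks the password.
    """
    assoc = Association(keep_identity_across_tls=bind_before_tls)
    dn, pw = "cn=alice,dc=example,dc=com", "alice-pw"
    if bind_before_tls:
        assoc.bind(dn, pw)
        assoc.start_tls()
    else:
        assoc.start_tls()
        assoc.bind(dn, pw)
    return assoc.cleartext_passwords


if __name__ == "__main__":
    print("keep identities:", injected_bind_scenario(True) or "anonymous")
    print("reset on StartTLS:", injected_bind_scenario(False) or "anonymous")
    print("bind before TLS exposes:", credential_exposure(True))
    print("bind after TLS exposes:", credential_exposure(False))
```

With the "keep" policy the association ends up bound as the inserted identity even though the client never sent that Bind; with the reset policy the client is anonymous after Start TLS and has to bind again, which also removes the incentive to send a password before TLS is up.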
>> Also, with the "until..." addition above, the following becomes
>> unnecessary:
> 
> This was actually unnecessary in my original wording (hence the "per
> [Protocol]" comment), but I felt that it was good to be explicit about
> what the situation. Until I thought about this a bit, it wasn't clear
> to me that this was the proper way for the server to communicate its
> intent to the client, and I thought it wouldn't hurt to spell it out.

Maybe.  I think Authmeth already contains too much redundancy.  See
message http://www.OpenLDAP.org/lists/ietf-ldapbis/200310/msg00035.html
(authmeth-07 issues).

-- 
Hallvard