[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Auth Compromise (was Re: Authentication Methods for LDAP - last call)

To: ietf-ldapext@netscape.com
Subject: Re: Auth Compromise (was Re: Authentication Methods for LDAP - last call)
From: Jeff.Hodges@stanford.edu
Date: Wed, 05 Aug 1998 18:59:37 -0700
Cc: Jeff.Hodges@stanford.edu
In-reply-to: Your message of Wed, 05 Aug 1998 17:07:33 -0700
Resent-date: Wed, 05 Aug 1998 19:00:30 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"_QLc1.0.Z21.xuGor"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

I personally think this proposal is a reasonable starting place from which to 
nail down a solution.

I think it is awfully late in the game to entertain changing from CRAM-MD5 to 
DAA (Digest Access Authentication, aka HTTP Digest). DAA would have to offer 
significantly greater security for roughly equal implementation (and 
deployment) cost for us to consider switching to it now. Personally, I'm going 
to look RFC 2069 over and get back to the list on my thoughts, but I'm 
certainly not a security-mechanism-and-digest-and-ciphersuite expert, and I 
don't know if any of us really are so maybe it's worth hearing from some about 
this.

I have a couple of comments on the proposed compromise text..

> here's a counter-proposal:
> 
>   CRAM-MD5 is MANDATORY-TO-IMPLEMENT for all LDAP servers.  This does not 
>   mean that CRAM-MD5 is appropriate to use in all cases.  However, when
>   CRAM-MD5 is disabled, an LDAP connection will be restricted to anonymous
>   access unless the client and server happen to have another 
>   authentication mechanism in common.  Because CRAM-MD5 is intended to be
>   the minimal acceptable authentication mechanism, LDAP servers SHOULD NOT
>   permit the use of simple bind over an unencrypted connection.  LDAP
>   clients and servers MUST have a configuration option to disable simple
>   bind over an unencrypted connection if they permit its use at all.
> 
>   Servers and clients SHOULD implement an authentication mechanism which
>   passes encrypted clear text passwords, such as the simple bind mechanism
                                         ^
                              over an encrypted connection

>   combined with TLS encryption.  This provides compatibility for existing
>   authentication databases such as Unix /etc/passwd.
> 
>   Servers and clients intended to operate in a large distributed
>   environment MUST implement an authentication mechanism capable of
                ^^^^
               SHOULD
>   distributed management such as the EXTERNAL SASL mechanism with TLS
>   client certificates, or the GSSAPI SASL mechanism with Kerberos V5.

In terms of the "SHOULD", we have no literal control over deployment 
intentions (the IETF isn't doing an implementation "branding" program, yet 
anyway), so I think it should be a SHOULD.


> I note that each of these three segments meets a different incompatible
> requirement for authentication mechanisms.  The first addresses the
> "simple, fast, but not clear text" requirement, the second addresses the
> "backwards compatible" requirement and the third addresses the "good 
> security & distributed management" requirement.

And these are the requirements as laid out in draft-newman-auth-mandatory-00.tx
t, yes?


Jeff

Prev by Date: RE: Authentication Methods for LDAP - last call (mandatory CRAM-M D5)
Next by Date: RE: Authentication Methods for LDAP - last call (mandatory CRAM-M D5)
Index(es):
- Chronological
- Thread