
RE: RFC2256: userPassword



At 10:38 AM 6/29/99 -0700, Paul Leach wrote:
>Having world readable hashed passwords is almost as bad as having plaintext
>ones.

I never implied that such userPassword should be "world" readable.
I do believe access to userPassword, regardless of syntax, should
be restricted (by ACL).

However, I do believe storing cleartext passwords is evil and should
be avoided. 
	1) ACLs are often poorly written
	2) replication may require copying of userPassword
	3) directories can be exported... now you have cleartext
	passwords in your LDIF
	4) database files are likely not encrypted... I cringe
	at the thought of cleartext passwords being stored on
	network accessible filesystems, on disks, and on backups

Use of hashes, especially proven one-way salted digital
hashes, provides a great deal of protection over cleartext.
A cracker confronted with a hashed password is likely to
use other mechanisms (such as flaws in the server's host
operating system) to obtain illicit access.

I would recommend that hashed password syntax recommend use
of a salted MD5, SHA1, or equivalent strong (and proven)
one-way hash.

Kurt

>In many authentication protocols, the hashed password is plaintext
>equivalent (i.e., lets you authenticate as the user whose password hash you
>have). In many other cases, checking the hash of 100,000 easy-to-remember
>variants of a few million "dictionary" words to see if they match a
>particular hashed password can be done in a few days by one computer. (1
>million checks per second is not infeasible.)
>
>-----Original Message-----
>From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.Org]
>Sent: Tuesday, June 29, 1999 8:32 AM
>To: ietf-ldapext@netscape.com
>Subject: RFC2256: userPassword
>
>
>RFC2256 5.36 userPassword says "Passwords are stored using an
>Octet String syntax and are not encrypted."  However, it's
>common practice to store "encrypted" passwords in userPassword
>using a mechanism derived from RFC2307 (ie: userPassword: {method}hash).
>
>For security considerations, I believe it unwise to ever maintain
>a cleartext userPassword.  I believe RFC2256 should be updated to
>read:
>
>  Passwords are stored using an Octet String syntax and SHOULD be
>  encrypted.  ...
>
>It would also be wise to standardize the syntax for encrypted
>userPassword representation (ie: replace Octet String with an
>appropriate syntax).
>
>Kurt
>
>
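The following is an added example, not part of the thread or of any OpenLDAP code. It implements the RFC2307-style {method}hash convention Kurt refers to (userPassword: {SSHA}base64(sha1(password||salt)||salt), plus the unsalted {SHA} form and the MD5 equivalents), verifies candidates against stored values including the RFC2256 cleartext default, and shows the point both posters circle: an unsalted hash can be reversed from a precomputed dictionary table, a salted one cannot, while a per-hash dictionary attack still works against either. The constructed sample values and the scheme set are assumptions of the example. Caveat for today's reader: SHA-1 and MD5 are fast hashes; a current deployment would keep the {scheme} framing but use a slow, salted KDF behind it.

```python
import base64
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional, Tuple

# Digest lengths for the schemes this example understands (assumed set).
_SCHEMES = {"SHA": ("sha1", 20), "SSHA": ("sha1", 20),
            "MD5": ("md5", 16), "SMD5": ("md5", 16)}


def make_hashed(password: str, scheme: str = "SSHA",
                salt: Optional[bytes] = None) -> str:
    """Encode a password as {SCHEME}base64(digest || salt) in RFC2307 style.
    Salted schemes (SSHA/SMD5) get an 8-byte random salt unless one is supplied."""
    scheme = scheme.upper()
    algo, _ = _SCHEMES[scheme]
    if scheme in ("SHA", "MD5"):
        salt = b""                      # unsalted scheme: no trailing salt bytes
    elif salt is None:
        salt = os.urandom(8)
    digest = hashlib.new(algo, password.encode("utf-8") + salt).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest + salt).decode("ascii"))


def parse_userpassword(value: str) -> Tuple[Optional[str], bytes]:
    """Split a userPassword value into (scheme, payload).
    A value without a leading {scheme} is the RFC2256 cleartext Octet String."""
    if value.startswith("{"):
        end = value.find("}")
        if end > 1:
            return value[1:end].upper(), value[end + 1:].encode("ascii")
    return None, value.encode("utf-8")


def verify_userpassword(stored: str, candidate: str) -> bool:
    """Check a candidate password against a stored userPassword value."""
    scheme, payload = parse_userpassword(stored)
    cand = candidate.encode("utf-8")
    if scheme is None:
        # Cleartext at rest: constant-time compare, but every copy of the
        # directory (replica, LDIF export, backup) now holds the password.
        return hmac.compare_digest(payload, cand)
    if scheme not in _SCHEMES:
        raise ValueError("unsupported password scheme {%s}" % scheme)
    algo, dlen = _SCHEMES[scheme]
    raw = base64.b64decode(payload)
    if len(raw) < dlen:
        return False
    digest, salt = raw[:dlen], raw[dlen:]
    if scheme in ("SHA", "MD5") and salt:
        return False                    # unsalted scheme must not carry extra bytes
    return hmac.compare_digest(digest, hashlib.new(algo, cand + salt).digest())


def precomputed_table(words: Iterable[str]) -> Dict[bytes, str]:
    """Precompute sha1(word) for a wordlist: the attack an unsalted {SHA} enables."""
    return {hashlib.sha1(w.encode("utf-8")).digest(): w for w in words}


def reverse_with_table(stored: str, table: Dict[bytes, str]) -> Optional[str]:
    """Instant lookup of an unsalted {SHA} value; salted values never hit the table."""
    scheme, payload = parse_userpassword(stored)
    if scheme != "SHA":
        return None
    return table.get(base64.b64decode(payload))


def dictionary_attack(stored: str, words: Iterable[str]) -> Optional[str]:
    """Per-hash guessing: salt does not stop this, it only forces one run per hash."""
    for w in words:
        if verify_userpassword(stored, w):
            return w
    return None


if __name__ == "__main__":
    # Constructed sample entries, not real directory data.
    entries = {
        "cn=alice": "secret",                      # RFC2256 default: cleartext
        "cn=bob": make_hashed("secret", "SHA"),     # unsalted
        "cn=carol": make_hashed("secret", "SSHA"),  # salted
    }
    table = precomputed_table(["password", "secret", "letmein"])
    for dn, value in entries.items():
        print(dn, value, "table-hit:", reverse_with_table(value, table),
              "dict-attack:", dictionary_attack(value, table.values()))
```

Running the script prints the cleartext and {SHA} entries as immediately recoverable from the table, the {SSHA} entry as not, and all three as falling to the per-hash dictionary run, which is exactly the gap between "salted hashes defeat precomputation" and "a hashed password is still crackable offline" argued above.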