All,
During the IETF50 IPP WG meeting we had some discussions around some of the
security issues that have been discussed earlier on the IPP WG DL.
Here is the TXT version of the slides shown for that discussion. They are a bit
short, but hopefully they provide enough information for those of you who
are interested in the subject. This discussion was led by Scott Lawrence.
Carl-Uno
---
Scott Lawrence
slawrence at virata.com
lawrence at agranat.com
Main author of:
RFC 2617 - HTTP Authentication: Basic and Digest Access Authentication.
RFC 2817 - Upgrading to TLS Within HTTP/1.1
-----
HTTP Digest Authentication Misconceptions
Purposes of the Client Nonce (cnonce)
- Prevent Chosen-Plaintext Attack
  Attacker spoofing server cannot choose all of the inputs to the authentication hash
  Incidentally protects against sloppy nonce choices by server
- Mutual Authentication
  The client can check the response digest to verify that the server also knew
  the shared secret.
------
HTTP Digest Authentication Misconceptions
Message Body Integrity Protection
- NOT algorithm = MD5-sess
  MD5-sess modifies shared secret usage to permit third party authentication services;
  has no effect on body integrity
- qop=auth-int
  Provides body integrity protection by incorporating body hash into
  authentication hash calculations
  Note that you don't know the authentication status until the end
------
HTTP Digest Authentication Misconceptions
When Can A Server Challenge?
Any time it wants to.
Why Can A Server Challenge?
Any reason it wants to.
How Can A Server Distinguish Protection Domains?
Modify the realm?
-----
Carl-Uno Manros
Manager, Print Services
Xerox Architecture Center - Xerox Corporation
701 S. Aviation Blvd., El Segundo, CA, M/S: ESAE-231
Phone +1-310-333 8273, Fax +1-310-333 5514
Email: manros at cp10.es.xerox.com