Re: Symptoms vs. Causes

To: Christian Huitema <huitema at windows.microsoft.com>
Subject: Re: Symptoms vs. Causes
From: Hannes Tschofenig <Hannes.Tschofenig at gmx.net>
Date: Wed, 12 Sep 2007 10:00:46 +0200
Cc: ietf at ietf.org
In-reply-to: <70C6EFCDFC8AAD418EF7063CD132D06405B0310A@WIN-MSG-21.wingroup.windeploy.ntdev.microsoft.com>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <tsl4pi13ptg.fsf@mit.edu><Pine.LNX.4.33.0709111345110.3313-100000@egate.xpasc.com> <20070911234949.523D433C21@delta.rtfm.com> <70C6EFCDFC8AAD418EF7063CD132D06405B0310A@WIN-MSG-21.wingroup.windeploy.ntdev.microsoft.com>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

The entire issue depends to some extend also on the communication model you have in mind.

If you consider an approach that is closer to SAML or OpenID then the end host interacts with the identity provider directly. If you, however, focus on something that is close to the AAA model then the end host interacts with the service provider (who then relays the information it gets to the identity provider, i.e., AAA server).

In the latter case the mentioned dictionary attack is more important since you obviously don't want to give your username/password away to an arbitrary entity. Still, there are obviously a number of solutions available to provide protection.

Ciao
Hannes

Christian Huitema wrote:

There are a large number of protocol designs--even existing
protocols--which are compatible with the general paradigm of "user U
proves possession of password P to server A without giving A a
credential which can be used to impersonate U to server B".
HTTP Digest, TLS-PSK, SRP, and PwdHash all come to mind. The
difficult parts are:
(1) putting a sensible UI on it--including one that isn't easily spoofed (see the extensive literature on how hard it is to build a secure UI. (2) Getting everyone to agree on one protocol.
Please add:
(3) The chosen solution is immune to dictionary attacks.
-- Christian Huitema
_______________________________________________ Ietf mailing list Ietf at ietf.org https://www1.ietf.org/mailman/listinfo/ietf

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

References:
- Re: Symptoms vs. Causes
  - From: Sam Hartman
- Re: Symptoms vs. Causes
  - From: David Morris
- Re: Symptoms vs. Causes
  - From: Eric Rescorla
- RE: Symptoms vs. Causes
  - From: Christian Huitema

Prev by Date: Re: Symptoms vs. Causes
Next by Date: RE: Symptoms vs. Causes
Previous by thread: RE: Symptoms vs. Causes
Next by thread: Re: Symptoms vs. Causes
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Symptoms vs. Causes

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.