[Security] TLS Certificates Verification

Jonathan Dickinson jonathanD at k2.com
Wed Aug 20 05:22:16 CDT 2008


> -----Original Message-----
> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
> Behalf Of Dave Cridland
> Sent: Wednesday, August 20, 2008 12:06 PM
> To: XMPP Security
> Subject: Re: [Security] TLS Certificates Verification
>
> On Wed Aug 20 10:38:02 2008, Jonathan Dickinson wrote:
> > I don't know how secure that is though.
>
> You're:
>
> a) Forcing the client to store the account password locally in the
> clear. Neither SCRAM nor DIGEST-MD5 require this; they can store an
> opaque plaintext equivalent which limits the exposure of the actual
> password.

No, I am not. This is for _lost key file retrieval_. This is a password the user would only use when they misplace the key and not every time they use the key. If SCRAM can consistently create the same key given a password verifier and a password, I think we should use that instead.

>
> b) Allowing a server to obtain the private key, since if the private
> key is protected using the salt and password, and the server knows
> the salt, it's pretty trivial for the server to find the password -
> most probably because the user has explicitly told it the password at
> some point.

What, through a dictionary attack? Against a salted hash?

The server can find the password for the encrypted pfk file all it wants; it will still need the passphrase for the pfk file itself. All this does is keep the file relatively safe over the wire.

But I am not certain of the security myself. Maybe SCRAM will do the trick.

>
> Dave.
> --
> Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
>   - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
>   - http://dave.cridland.net/
> Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade

