[standards-jig] Re: [Foundation] Last Minute JEP 78 Concerns

Tijl Houtbeckers thoutbeckers at splendo.com
Tue May 27 19:23:44 UTC 2003


Dave Smith <dizzyd at jabber.org> wrote on 27-5-2003 21:18:25:
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>
>On Tuesday, May 27, 2003, at 12:47 America/Denver, Iain Shigeoka wrote:
>
>> On Tuesday, May 27, 2003, at 10:38 US/Pacific, Tijl Houtbeckers 
>> wrote: 
>>
>> My understanding is that the enhancement is a slight tweak on the 
>> existing digest algorithm to protect the user's password _outside_ 
>> the context of jabber. However, the arguments for SASL digest seems 
>> pretty sound. I haven't really looked at it yet but if it is 
>> implementable within restricted environments
>
>Bing, bing! Iain gets it! :)

I already pointed that out myself. I still doubt if it's wise to 
implement something that is actually only safe as long as noone else 
implements it too! Especially if you can easily make it more secure 
with another simple tweak, as I pointed out. 

>At any rate, while SASL would be a good way to go, the idea is that 
>our digest based scheme will always be available as a super simple 
>fallback authentication method, should a server choose to deploy it.  
>This tweak to the digest mechanism was done to ensure, as Iain said, 
>some amount of security  outside the context of Jabber.

The "amount" we win with this is very small. It doesn't protect your 
own jabber account, and if you use the same password for another jabber 
account it doesn't protect that either. On top of that, any other 
program that uses the same mechanism is vonurable too. Or is it part of 
the plan that all non-jabber developers will recognize what a bad idea 
it is and never implement it? 


-- 
Tijl Houtbeckers
Software Engineer @ Splendo
The Netherlands




More information about the Standards mailing list