[Standards] [Fwd: I-D Action:draft-melnikov-digest-to-historic-00.txt]
ian.paterson at clientside.co.uk
Wed Sep 12 18:38:22 UTC 2007
Greg Hudson wrote:
> On Tue, 2007-09-11 at 19:51 +0100, Dave Cridland wrote:
>> If I ruled the world, I'd mandate TLS+SCRAM, and have a SHOULD for
>> TLS+YAP (the latter being plaintext-equiv on the server, but only a
>> single round-trip, so great for mobiles).
> You may be missing the most popular reason for sending plain-text
> passwords to the server (over TLS, one hopes): it's the only way for the
> server to check the password against an external verifier such as an
> LDAP server, AD controller, or Kerberos KDC. (GSSAPI krb5 auth is much
> better if you have an AD controller or Kerberos KDC, of course, but I
> don't hold out much hope for that being universally implemented in
I think Dave is well aware of that benefit. :-)
I agree that servers that support external verification should implement
SASL PLAIN. However, SASL PLAIN's support for external verification
comes at a very significant security cost (since some servers *will* be
compromised). IMHO, the spec should not sacrifice the security of users
of servers that could employ "internal" verification (by requiring
support only for SASL PLAIN).
How do people feel about the following rules:
1. Clients and servers MUST implement both DIGEST-MD5 and SASL PLAIN.
2. Each server installation MUST include either (but not both)
DIGEST-MD5 (when inner hash verification is available) or SASL PLAIN
(when only external verification is available) in the list of mechanisms
it offers clients.
More information about the Standards