> Digest has a bunch of problems. See this document > > http://tools.ietf.org/html/draft-ietf-httpbis-security-properties-05#section-2.2.2 > > for a short tour of them.
Thanks for the link. I totally agree with all of this, and in fact there are more MitM attacks possible than are alluded to in that document. This is one of the two reasons I brought up Digest initially. The MAC proposal does not appear to provide any additional security over Digest, and yet Digest is still susceptible to MitM attacks. We can pick and prod at the MAC proposal all we want from a security perspective, but we'll probably end up at the same place that Digest is at, security-wise. We'll still have a protocol that can't defend against MitM attacks. So what is the point in providing integrity again? We need to use TLS. Everywhere. The more you look at advanced web attacks (MitM downgrade attacks, DNS rebinding attacks, etc), the more you realize that most of these are addressed by TLS if only it were used everywhere. It's fine to bring out special-purpose authentication protocols. Authentication can happen in a variety of ways either within TLS or tunneled over it (hopefully with channel binding), but don't pretend you'll be doing anyone favors by trying to provide partial integrity protection that is ultimately ineffective. Just focus on better authentication and key/certificate management and let TLS do the rest. tim _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
