Re: Design Considerations for New Authentication Methods

On Nov 2, 2006, at 12:26 PM, Richard Troy wrote:

> Well, there's simply no need. While I can agree that more could be
> done,
> I'm not convinced there's a need because what we have now works
> fine. Let
> me support my view by stating first that I perceive that combining the
> conception of encrypting a communications channel with user
> authentication
> to be a very poor choice. I gather from the paragraph above that
> this is a
> forgone conclusion. Apologies if I'm mistaken.

Understand that I'm talking about *real* security here. There are
standard protocols and libraries that support real security: SASL
and GSSAPI in particular. You may for various reasons decide that
it's "too hard" to do real security. Most people don't, including
most people who use SSL. I'm not saying that's *wrong*, just that
some possible attack methods have not been prevented.

At the level of detail that's appropriate for this list, all I can do
is repeat myself.

Part of establishing a secure connection is establishing that the end
points are the intended ones and there is no Man In the Middle.
Establishing the end points means the server has identified the user
within the name space of the security mechanism.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry(dot)B(dot)Hotz(at)jpl(dot)nasa(dot)gov, or hbhotz(at)oxy(dot)edu