unprotected fields security consideration (Was: REVISED protocol review notes [LONG])
The first sentence of my suggestion should read "do not provide",
not "do provide".  --Kurt

At 02:48 PM 10/7/2003, Kurt Zeilenga wrote:
>>   When used with SASL, it should be noted that the name field of the
>>   BindRequest is not protected against modification. Thus if the
>>   distinguished name of the client (an LDAPDN) is agreed through the
>>   negotiation of the credentials, it takes precedence over any value in
>>   the unprotected name field.
>
>This needs to be expanded to other unprotected fields.
>
>    It should be noted that SASL authentication exchanges do
>    provide data confidentiality nor integrity protection for the
>    version or name fields of the bind request nor the resultCode,
>    errorMessage, or referral fields of the bind response nor
>    of any information contained in controls attached to bind
>    request or responses.  Thus information contained in these
>    fields SHOULD NOT be relied on unless otherwise protected
>    (such as by establishing protections at the transport layer).
>
>We should discuss the precedence bit as part of our [authmeth] review.
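The consideration quoted above, as an added model that is not code from this thread or from any LDAP implementation: a BER-encoded BindRequest whose SASL credentials are the only bytes the (constructed, toy) mechanism covers, and a server-side decision that derives the bound identity from the SASL exchange and treats the name and version fields as unprotected unless the transport protects them. The key, the DNs, the mechanism name and the short-form-only BER are assumptions.

```python
# Added model (not from the thread or any LDAP server); key, DNs and mechanism are constructed.
import hashlib
import hmac

KEY = b"constructed-shared-secret"

def ber_tlv(tag, content):
    """Short-form BER TLV (content shorter than 128 bytes)."""
    return bytes([tag, len(content)]) + content

def ber_read(buf):
    """Read one short-form TLV: (tag, content, remaining bytes)."""
    tag, length = buf[0], buf[1]
    return tag, buf[2:2 + length], buf[2 + length:]

def bind_request(msg_id, version, name, mech, creds):
    """LDAPMessage { messageID, [APPLICATION 0] BindRequest { version, name,
    authentication sasl [3] { mechanism, credentials } } } in BER."""
    sasl = ber_tlv(0xA3, ber_tlv(0x04, mech) + ber_tlv(0x04, creds))
    bind = ber_tlv(0x60, ber_tlv(0x02, bytes([version])) + ber_tlv(0x04, name) + sasl)
    return ber_tlv(0x30, ber_tlv(0x02, bytes([msg_id])) + bind)

def parse_bind_request(msg):
    """Walk the structure back out; nothing here has been integrity-checked."""
    _, body, _ = ber_read(msg)           # LDAPMessage SEQUENCE
    _, _, body = ber_read(body)          # messageID
    _, bind, _ = ber_read(body)          # [APPLICATION 0] BindRequest
    _, version, bind = ber_read(bind)
    _, name, bind = ber_read(bind)
    _, sasl, _ = ber_read(bind)          # [3] SaslCredentials
    _, mech, sasl = ber_read(sasl)
    _, creds, _ = ber_read(sasl)
    return {"version": version[0], "name": name, "mechanism": mech, "credentials": creds}

def sasl_credentials(authzid, key=KEY):
    """Toy one-step mechanism: authzid ':' HMAC-SHA256(key, authzid), truncated."""
    return authzid + b":" + hmac.new(key, authzid, hashlib.sha256).hexdigest()[:32].encode()

def sasl_verify(creds, key=KEY):
    """Identity proven by the SASL exchange, or None. Only these bytes are covered."""
    authzid, _, tag = creds.rpartition(b":")
    good = hmac.new(key, authzid, hashlib.sha256).hexdigest()[:32].encode()
    return authzid if hmac.compare_digest(tag, good) else None

def process_bind(msg, transport_protected=False):
    """Server decision: (bound identity or None, whether name may be relied on).
    SASL identity takes precedence; name/version need transport protection."""
    req = parse_bind_request(msg)
    ident = sasl_verify(req["credentials"])
    return ident, ident is not None and transport_protected
```

A request carrying a different name but the same SASL credentials still binds as the SASL-proven identity, which is why the name field cannot be relied on; a request with credentials from the wrong key fails the bind outright.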