
Re: authmeth-07 issues

I don't think there is any need to add material to the Security
Considerations section if the proposed changes to authmethod are made (your
previous note on StartTLS and StopTLS).


John McMeeking


"Roger Harrison" <RHARRISON@novell.com> wrote on 02/16/2004 01:31:47 AM:

> With the fairly extensive reworking of the effect of Start TLS and
> TLS closure on the LDAP association state, I'm wondering how WG
> members view the need for these security considerations proposed by
> Hallvard.  Your comments are greatly appreciated.
>
> Roger
> >>> Hallvard B Furuseth <h.b.furuseth@usit.uio.no> 10/14/2003 8:11:28 AM >>>
> > 10. Security Considerations
>
> I think you should say that if the connection is already bound when
> startTLS is performed, servers SHOULD reject operations that follow
> StartTLS other than bind, unbind and abandon (with strongAuthRequired?).
>
> bind before startTLS is an insecure combination, and that an attacker
> also may insert a bind before a startTLS when the client expects to do
> anonymous operations with TLS.
>
> Or SHOULD the server reject these operations even if the connection is
> anonymous? The attacker could have inserted an anonymous bind, though
> that doesn't seem like much of a problem.
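As an added example of the server-side rule Hallvard proposes above (this is not code from the draft, the WG, or any LDAP implementation): a toy model of LDAP association state across StartTLS, in Python. After a StartTLS on an association that was already bound, every operation except bind, unbind and abandon is answered with strongerAuthRequired until the client binds again, and an optional strict variant does the same even when the pre-TLS association was only anonymous (the question raised in the last quoted paragraph). Result codes are RFC 4511 values; the bind stub, which accepts any DN without checking credentials, and the choice to also drop the pre-TLS identity are assumptions of the model, not part of the proposal.

```python
"""Toy model of LDAP association state across StartTLS.

Added example (not from the draft, the WG or any LDAP server): it implements
the rule proposed in the quoted message, i.e. after StartTLS on an association
that was already bound, refuse every operation except bind, unbind and abandon
until the client binds again, answering with strongerAuthRequired. Result codes
are RFC 4511 values; the bind handling is a stub that accepts any DN, which is
an assumption made to keep the model small.
"""

SUCCESS = 0
OPERATIONS_ERROR = 1
PROTOCOL_ERROR = 2
STRONGER_AUTH_REQUIRED = 8

# Operations a server may still accept between StartTLS and the re-bind.
ALLOWED_BEFORE_REBIND = {"bind", "unbind", "abandon"}


class Association:
    """Per-connection state the server keeps for one LDAP association."""

    def __init__(self, reject_even_if_anonymous=False):
        self.tls_active = False
        self.identity = None          # None means anonymous
        self.rebind_required = False  # set by StartTLS, cleared by bind
        self.closed = False
        # Variant raised as a question in the quoted message: also demand a
        # fresh bind when the pre-StartTLS association was only anonymous.
        self.strict = reject_even_if_anonymous

    def handle(self, op, arg=None):
        """Process one client PDU; return an LDAP resultCode, or None when
        the operation carries no response (unbind, abandon)."""
        if self.closed:
            return PROTOCOL_ERROR
        if op == "startTLS":
            if self.tls_active:
                return OPERATIONS_ERROR  # RFC 4511: TLS already established
            was_bound = self.identity is not None
            self.tls_active = True
            # Assumption beyond the quoted proposal: the pre-TLS identity is
            # dropped, so nothing can run under credentials that crossed the
            # wire in clear even if the gate below were ever skipped.
            self.identity = None
            self.rebind_required = was_bound or self.strict
            return SUCCESS
        if op == "bind":
            self.identity = arg or None  # empty DN == anonymous bind (stub)
            self.rebind_required = False
            return SUCCESS
        if op == "unbind":
            self.closed = True
            return None
        if op == "abandon":
            return None
        # search, modify, add, ...: gated until the client has re-bound.
        if self.rebind_required:
            return STRONGER_AUTH_REQUIRED
        return SUCCESS


def run_session(pdus, reject_even_if_anonymous=False):
    """Feed a list of (op, arg) PDUs to a fresh association; return results."""
    assoc = Association(reject_even_if_anonymous)
    return [(op, assoc.handle(op, arg)) for op, arg in pdus]


# Constructed traces. Scenario 1: the client binds in clear, then starts TLS;
# its search is refused until it binds again over TLS.
TRACE_BIND_THEN_TLS = [
    ("bind", "cn=alice,dc=example"), ("startTLS", None), ("search", "dc=example"),
    ("bind", "cn=alice,dc=example"), ("search", "dc=example"),
]
# Scenario 2: the client meant to work anonymously over TLS, but an active
# attacker inserted a bind before its StartTLS.
TRACE_INJECTED_BIND = [
    ("bind", "cn=attacker,dc=example"), ("startTLS", None), ("search", "dc=example"),
]
# Scenario 3: the inserted bind was anonymous; only the strict variant cares.
TRACE_INJECTED_ANON_BIND = [
    ("bind", ""), ("startTLS", None), ("search", "dc=example"),
]

if __name__ == "__main__":
    for name, trace in [("bind then StartTLS", TRACE_BIND_THEN_TLS),
                        ("injected bind", TRACE_INJECTED_BIND),
                        ("injected anonymous bind", TRACE_INJECTED_ANON_BIND)]:
        print(name, run_session(trace))
    print("strict:", run_session(TRACE_INJECTED_ANON_BIND, True))
```

Running the traces shows the behaviour the proposal is after: in scenarios 1 and 2 the first search after StartTLS gets strongerAuthRequired (8), and in scenario 1 a fresh bind over TLS clears the gate; the anonymous-bind insertion of scenario 3 only matters when the strict variant is enabled.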