
active attacks (Was: Applicability (Was: authmeth review notes [long]))



At 01:42 PM 3/9/2004, Hallvard B Furuseth wrote:
>I wrote:
>> Kurt D. Zeilenga writes:
>>>>> BTW, I can't find any requirement that TLS be supported.
>>>
>>> It's not.
>> (...)
>>> DIGEST-MD5 is LDAP's strong authentication mechanism
>>> (which provides adequate data security services).  There is no
>>> interop or security reason to mandate or recommend more (except
>>> in limited cases, such as when Simple is to be used).
>> 
>> While I like that TLS is optional, I don't buy this as an argument for
>> it.  DIGEST-MD5...
>
>... is also vulnerable to active intermediary attacks ([Authmeth]
>section 10).

So is TLS (version downgrade attack), see RFC 2246.

DIGEST-MD5 addresses the known active intermediate vulnerability
(the layer downgrade attack) of the authentication exchange by
stating that both peers must ensure that adequate protections have
been established before transferring any application-protocol data.
Likewise, [Authmeth] must say this for its use of SASL as LDAP's
SASL mechanism discovery facility is also subject to downgrade
attacks (unless protected by other means).

Kurt
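Worked example, added here as an illustration and not part of Kurt's message or of any [Authmeth] text: a toy model of the two downgrade attacks the message names. An active intermediary rewrites (1) the supportedSASLMechanisms list the client reads during mechanism discovery and (2) the qop directive of a DIGEST-MD5 server challenge. The only defence shown is the one the message describes: the client checks that the negotiated mechanism and layer satisfy its policy before any application-protocol data is sent. The qop values (auth, auth-int, auth-conf) are the ones defined for DIGEST-MD5; everything else (the MECH_RANK ordering, the constructed nonce, the omission of the digest computation and of the server side of the exchange) is a simplifying assumption of this example.

```python
"""Simplified model of SASL mechanism-list and DIGEST-MD5 qop downgrade.

Assumptions: no digest or rspauth computation is performed, the server
side is reduced to the values it advertises, and MECH_RANK is a local
ordering invented for the example.
"""
from dataclasses import dataclass
from typing import Optional

QOP_RANK = {"auth": 0, "auth-int": 1, "auth-conf": 2}   # DIGEST-MD5 qop values
MECH_RANK = {"PLAIN": 0, "DIGEST-MD5": 1}               # hypothetical local ranking

# Constructed server configuration for the example.
SERVER_MECHS = ["PLAIN", "DIGEST-MD5"]
SERVER_QOPS = ["auth", "auth-int", "auth-conf"]


@dataclass(frozen=True)
class Policy:
    """Client policy: weakest mechanism and weakest security layer it will use."""
    min_mech: str = "DIGEST-MD5"
    min_qop: str = "auth-conf"


@dataclass
class Outcome:
    mech: Optional[str]
    qop: Optional[str]
    app_data_sent: bool   # True only if the client went on to send LDAP operations
    reason: str


def parse_directives(text: str) -> dict:
    """Parse a DIGEST-MD5 style 'k=v,k="v,v"' list; commas inside quotes are kept."""
    out, key, buf, in_quote = {}, None, [], False
    for ch in text + ",":
        if ch == '"':
            in_quote = not in_quote
        elif ch == "=" and key is None and not in_quote:
            key, buf = "".join(buf).strip(), []
        elif ch == "," and not in_quote:
            if key is not None:
                out[key] = "".join(buf).strip()
            key, buf = None, []
        else:
            buf.append(ch)
    return out


def serialize_directives(d: dict) -> str:
    return ",".join(f'{k}="{v}"' for k, v in d.items())


def best_acceptable(offered, rank, minimum):
    """Highest-ranked offered value that still meets the minimum, else None."""
    ok = [v for v in offered if v in rank and rank[v] >= rank[minimum]]
    return max(ok, key=rank.__getitem__) if ok else None


def mitm_strip_digest(mechs):
    """Active intermediary removes DIGEST-MD5 from the advertised mechanism list."""
    return [m for m in mechs if m != "DIGEST-MD5"]


def mitm_strip_qop(challenge):
    """Active intermediary rewrites the challenge so only qop=auth is offered."""
    d = parse_directives(challenge)
    d["qop"] = "auth"
    return serialize_directives(d)


def negotiate(policy, server_mechs, server_qops, mech_mitm=None, challenge_mitm=None):
    """Run discovery and (if chosen) the DIGEST-MD5 qop choice under an optional MITM."""
    # Step 1: mechanism discovery via the root DSE; the attacker may rewrite the list.
    mechs = mech_mitm(list(server_mechs)) if mech_mitm else list(server_mechs)
    mech = best_acceptable(mechs, MECH_RANK, policy.min_mech)
    if mech is None:
        return Outcome(None, None, False, "no advertised mechanism meets policy; abort before bind")
    if mech != "DIGEST-MD5":
        return Outcome(mech, None, True, "policy allowed a mechanism with no security layer")
    # Step 2: server challenge; the attacker may rewrite the qop directive.
    challenge = serialize_directives({"realm": "example.com", "nonce": "constructed-nonce",
                                      "qop": ",".join(server_qops), "algorithm": "md5-sess"})
    if challenge_mitm:
        challenge = challenge_mitm(challenge)
    offered = parse_directives(challenge).get("qop", "auth").split(",")
    qop = best_acceptable(offered, QOP_RANK, policy.min_qop)
    if qop is None:
        # The check the message describes: no application data until the layer is adequate.
        return Outcome(mech, None, False, "negotiated layer below policy; abort before sending data")
    return Outcome(mech, qop, True, "layer established; application data may flow")


if __name__ == "__main__":
    strict, lax = Policy(), Policy(min_mech="PLAIN", min_qop="auth")
    print("no attack   :", negotiate(strict, SERVER_MECHS, SERVER_QOPS))
    print("strip mech  :", negotiate(strict, SERVER_MECHS, SERVER_QOPS, mech_mitm=mitm_strip_digest))
    print("strip qop   :", negotiate(strict, SERVER_MECHS, SERVER_QOPS, challenge_mitm=mitm_strip_qop))
    print("lax policy  :", negotiate(lax, SERVER_MECHS, SERVER_QOPS, mech_mitm=mitm_strip_digest))
```

The strict policy aborts in both attacked runs before any LDAP operation is sent, while the lax policy is silently downgraded to PLAIN (or to qop=auth), which is the point of requiring both peers to verify the established protections rather than trusting the advertised list or the challenge as received.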