Steffen Schulz wrote:
> Adding mechanisms always adds complexity, not only in terms of code but
> also in terms of things the admin should consider to set up a secure
> system. So the added complexity should be worth something.

Correct, however I'd say the added complexity in this case (which isn't that much) would be worth the gained security.

> I guess my main point is that SRP or similar mechanisms are (hopefully)
> coming. They will not only offer higher password protection but are
> also resistant against MITM, without needing a certificate. I hope this
> will make SSL much more prominent even for low-security sites.

We will see, but a "tiny" modification like a hashing input field could be implemented much more quickly and easily than those more complex solutions (in theory the next Firefox patch could include it).

> SRP can also be used as an http-auth mechanism, but then it provides
> only limited security, as it could be used with limited SSL security or
> no SSL at all.

Yes, but here we are not even talking about HTTP authentication, but about form-based logins, usually not even via SSL.

> Same for your scheme: It protects the password, but as
> an attacker I don't even need that if I can break the SSL protection or
> if SSL is not even used.

Can you explain why?

Alexander

_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security