On 7/02/11 2:38 AM, Florian Weimer wrote:
* Gervase Markham:
Goal: fix bug 570252. Provide 2-factor authentication for some
Bugzilla accounts.
https://bugzilla.mozilla.org/show_bug.cgi?id=570252
The IP address restriction is a pretty strong factor. Basically, it
means that a potential attacker would have to compromise a device
quite close to the user (possible the terminal itself). If you deal
with such attackers, very few reliable options exist. For Bugzilla,
things are extraordinarily difficult because you don't want to protect
transactions, but read access to certain bugs.
If your threat target is read access to certain bugs, then the low
hanging fruit might be to use client certs. You already have all the
tech, it's just a matter of using it. Asking the security people to get
a client cert, and registering it by hand in the code, is no biggie.
As a result, extending the IP address restrictions, possibly using
crypto tunnels such as OpenVPN, are probably a better investment than
hardware tokens. You also need usage how the key material is to be
handled by users.
IP address restrictions are a bit of a facade. Techies register their
online servers, and hop through there, as they tend to connect in from
different places. They might still be worth doing, though.
It will certainly not help against malware which captures server
responses, but none of the technologies under consideration will.
iang
PS: fwiw, I've got a few conceptual notes on how to use client certs here:
https://wiki.cacert.org/Technology/KnowledgeBase/ClientCerts/theOldNewThing
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
