[EMAIL PROTECTED] (Joe McMahon) writes:
> > It'd require being a little sneaky, but I'd think a good way to go about
> > this would be setting a cookie with a session identifier with a 0
> > expiration. Of course, this is only as trustworthy as the network,
> > because anybody sniffing the wire after the session switches to HTTP can
> > steal the session ID cookie and start using it, posing as your
> > "authenticated" client. <shrug>
> >
> Getting a little more sneaky will make it work.
>
> Quoting directly from Mark_Jason Dominus' WWW security tutorial:
>
> If you get a request that doesn't contain a cookie at all, redirect
> the browser to a login page with a fill-out form with 'username' and
> 'password' boxes. If they send the right username and password, bake
> up a cookie with the following ingredients:
>
> A. Username
> B. User's IP address
> C. Expiration time (if desired)
> D. Secret data known only to you
> E. MD5(A,B,C,D)
>
> F. The cookie: Concatenate A, B, C, and E. (Don't include D. It's
> secret!)
>
> If the user _does_ show up with a cookie, you get F, which contains
> the items ABCE. Check C, the expire time, and fail if C is in the
> past. Checnk B, the expected IP address, and fail if it doesn't
> match the browser's actual IP address. Look up D, compute the MD5
> hash of A, B, C, and D, and fail if this doesn't match E, the
> expected hash. Finally, if everything has checked out, take A, the
> username, and use it as the user's identity.
>
> If some snooper stelas the cookie F, it won't do them much good. F
> contains B, the user's IP address, so it can only be used from the
> correct IP address. The user can't tamper with B, because that
> would mess up the checksum E. They can't forge a new checksum,
> because the checksum includes D, which they don't know. D is never
> transmitted anywhere, is kept under strict lock and key at your
> site, and is changed immediately if it ever leaks.
This still isn't that secure. It's actually trivial to
generate traffic with IP addresses of your choice. Under
a lot of conditions, it's easy to arrange to receive the
return traffic as well. Imagine, for instance, that the attacker
is on the same network as the machine he's trying to impersonate.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software for Java
http://www.rtfm.com/puretls/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
