On Sat, 2003-07-12 at 00:51, Henrik Nordstrom wrote: > fre 2003-07-11 klockan 15.08 skrev Robert Collins: > > > We support nonces, but not client nonces. md5-sess requires client nonce > > support. > > Err.. Squid support client nounces, just not capable of trigger md5-sess > HHA1 calculation, and lacks an helper interface for md5-sess HA1 > exchanges.
I don't recall coding it up. Let me check... no. No - we don't provide full cnonce support. We don't support response auth, nor response auth-integrity. We do put a client nonce into the HHA1 calculation where appropriate, and squid can create a md5-sess HHA1 although the code is disabled - as you note we don't have a helper interface for it. (It's a relatively small patch to enable that though). > > NT Provides Digest for IIS, but under some constraints: > > * You MUST have an AD Domain > > * You MUST turn on 'store passwords with reversible encryption' in the > > AD policies. > > Rumor is that the IIS must also be a domain controller, but I have not > seen this verified. IIS Doesn't have to be a DC IIRC. I had this setup in a test bed some time ago. .. > Correct, except that the nounce creation should be done by the > OS/Directory for secure MD5-sess exchanges as outlined in my previous > message. If not the system is vulnerable to cryptographic attacks on the > MD5-sess exchange. If the OS/Directory can establish full trust on the > application/server then nounce creation may be left to the > application/server, but I see no valid reason to why do this. Uhm, yeah. Chosen nonces would at worst - assuming no sanity checks on nonce length by the directory, expose MD5(user:realm:password). Having the client choose the nonce could be useful (say if the client wanted to use a constant cnonce for memory efficiency - not a compelling reason though:}), but there is a risk as you say. Rob -- GPG key available at: <http://members.aardvark.net.au/lifeless/keys.txt>.
signature.asc
Description: This is a digitally signed message part