---------- Begin Forwarded Message ----------
I have a small question on the mentioned XEP. In the "Security Considerations" there is the sentence "Authentication using the 'jabber:iq:auth' method is known to be less secure than SASL authentication, which is one reason why the 'jabber:iq:auth' method has been deprecated.", but I can't find references why this is the case. I mean, in the XMPP Core RFC SASL is specified as authentication mechanism, using at least DIGEST-MD5 authentication. Digest-md5 is basically a md5 hash over a server-side generated nonce concatenated with the user password. XEP78 authentication is a sha1 hash over a server-side nonce (stream id) concatenated with the user password. (Premise: Server-side nonce is truly random.) So, the only difference is md5 vs. sha1. And md5 has fewer bits, and thus is less secure (I don't think those recent Chinese attacks on md5 have any impact on the authentication mechanism...). If you have references to any papers, discussion threads, etc., I would be glad to get a link to them. Also, if I missed something, please enlighten me. ---------- End Forwarded Message ---------- The reasoning behind the switch from jabber:iq:auth to SASL was: 1. SASL is more flexible (lots of different mechanisms). 2. SASL can be more secure (depending on the mechanism used). 3. We were thinking about switching to SASL as early as XEP-0034. 4. IETF security review recommended use of SASL.It seems wrong to compare iq:auth to SASL or to say that iq:auth is less secure. SASL PLAIN over an unencrypted connection is less secure than iq:auth with digest password, whereas SASL EXTERNAL is probably more secure than iq:auth. It all depends on the mechanism used. Therefore I think it would be more accurate to describe the reasons for changing to SASL and remove the misleading text about iq:auth being less secure.
Any objections? Peter
smime.p7s
Description: S/MIME Cryptographic Signature
