> >> Usually what happens is the server generates a self-signed certificate
> >> and the apps are given some "username" and "password" and the app
> >> ignores the unauthenticated nature of the TLS connection and sends
> >> the u/p credential on through.
> >
> > Isn't this use case more of an argument for an updated auth-digest to use
> > something better than MD5? I'm not convinced MITM is a real concern for a
> > typical IoT environment (however that's defined - I'm assuming http in a
> > domestic environment).
>
> First of all, what makes you think it's MD5 digest and not just
> plaintext? And updated by whom? These are ad hoc constructions done
> because the alternative is too onerous.
>

I didn't say that. I was suggesting using a standard HTTP digest mechanism
rather than sending a plaintext username/password. The IETF has already
updated HTTP digest, so there's no work.

>
> As someone who has stolen wi-fi from the apt next door that was
> protected by a PSK I would say that doing a dictionary attack in
> a "domestic environment" is entirely plausible. If I have to do a
> soft AP advertising the neighbor's SSID in order to lure a set-top
> box or thermostat or whatever to connect to me then that's a very
> low bar.
>

Whilst you have my sympathy, I don't see how that's relevant; a dictionary
attack can be used just as easily against a TLS protected resource. Securing
the WiFi configuration so that devices connect to the correct one is not a
TLS issue.

Best wishes,
Phil Lello

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
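
Added example, not part of the original message or thread: a sketch of the updated HTTP digest exchange (RFC 7616, algorithm=SHA-256, qop=auth) referred to above, showing the server challenge, the client response and the server-side check. The names `client_authorization` and `DigestServer`, and the dictionary layout standing in for the header fields, are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def h(text: str) -> str:
    """H() from RFC 7616 with algorithm=SHA-256: lowercase hex digest."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def client_authorization(chal, username, password, method, uri, nc=1):
    """Build the Authorization fields; the password itself is never sent."""
    cnonce, nc_hex = secrets.token_urlsafe(16), f"{nc:08x}"
    ha1 = h(f"{username}:{chal['realm']}:{password}")
    ha2 = h(f"{method}:{uri}")
    response = h(f"{ha1}:{chal['nonce']}:{nc_hex}:{cnonce}:auth:{ha2}")
    return {"username": username, "uri": uri, "nonce": chal["nonce"],
            "nc": nc_hex, "cnonce": cnonce, "response": response}

class DigestServer:
    def __init__(self, realm, users):
        self.realm = realm
        # Store H(username:realm:password) rather than the password.
        self.ha1 = {u: h(f"{u}:{realm}:{p}") for u, p in users.items()}
        self.last_nc = {}  # nonce issued by us -> highest nc accepted

    def challenge(self):
        nonce = secrets.token_urlsafe(24)
        self.last_nc[nonce] = 0
        return {"realm": self.realm, "nonce": nonce,
                "qop": "auth", "algorithm": "SHA-256"}

    def verify(self, method, auth):
        ha1 = self.ha1.get(auth["username"])
        seen = self.last_nc.get(auth["nonce"])
        if ha1 is None or seen is None:
            return False  # unknown user, or a nonce we never issued
        try:
            nc = int(auth["nc"], 16)
        except ValueError:
            return False  # malformed nonce count
        if nc <= seen:
            return False  # nonce count did not advance: replayed request
        ha2 = h(f"{method}:{auth['uri']}")
        expected = h(f"{ha1}:{auth['nonce']}:{auth['nc']}:"
                     f"{auth['cnonce']}:auth:{ha2}")
        if not hmac.compare_digest(expected, auth["response"]):
            return False
        self.last_nc[auth["nonce"]] = nc
        return True
```

The exchange keeps the password off the wire and rejects a repeated nonce count, but it does not authenticate the server, and a captured challenge/response pair can still be tested offline against guessed passwords.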