[jdev] plaintext passwords hack

Peter Saint-Andre stpeter at stpeter.im
Fri Dec 18 10:46:28 CST 2009 

On 12/18/09 9:17 AM, Dave Cridland wrote:
> On Fri Dec 18 15:41:39 2009, Peter Saint-Andre wrote:
>> On 12/18/09 8:07 AM, Alexander Holler wrote:
>> > Am 18.12.2009 14:58, schrieb Alexander Holler:
>> >> Storing a hash for every mechanism will not work. E.g. for DIGEST-MD5
>> >> the server has to hash the clear-text password with a value the client
>> >> provides. So the server needs the clear-text password. And if the
>> server
>> >> is able to get the clear-text password, everyone with the same
>> rights on
>> >> the server can retrieve the clear-text passwords too.
>> >
>> > The solution to this problem are public key algorithms. So using
>> > (enforcing) client-side SSL certificates would do the trick.
>> >
>> > Maybe a XEP which defines how a client sends his (public part of the)
>> > certificate during the registration process would be a practical
>> solution.
>>
>> Yes, I've been thinking about that for a while, but I haven't had time
>> to write up a document about it. I think we might want to avoid X.509
>> (with its dependency on ASN.1 etc.) and instead use simple RSA keys as
>> in XEP-0189. But I'll give it more thought soon.
> 
> I agree that ASN.1 isn't terribly easy, but it's all just blobs, really
> - it strikes me as simpler to just reuse existing self-signed cert
> generation code for the purpose.

The case I've been thinking about in relation to XEP-0189 (and things
that might be built on top of it) is end-to-end encryption by web
clients. We had some hallway discussion about that at IETF 74. Until and
unless someone writes a TLS and X.509 stack in JavaScript, web clients
will be out of luck. Something simpler might be preferable. But that's a
bigger topic and might belong on another mailing list. :)

> Plus, that gains you the ability to tap into sometmes quite advanced
> X.509 personal key stores on some operating systems.

As someone who uses a client certificate, I agree that's a good thing.
Naturally, you could sign your RSA key with your X.509 cert or OpenPGP
key or other such material. But, again, that might be a topic for
another time and place...

Peter

-- 
Peter Saint-Andre
https://stpeter.im/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://www.jabber.org/jdev/attachments/20091218/10393deb/attachment-0001.bin>

More information about the JDev mailing list