
Re: svnserve password store in clear text

From: John Pybus <john.pybus_at_zoology.oxford.ac.uk>
Date: 2004-06-04 10:14:03 CEST

Mark Benedetto King wrote:
> On Fri, Jun 04, 2004 at 12:01:54AM +0100, John Pybus wrote:
>
>>>It's difficult for the client to prove it knows a secret that the
>>>server cannot be trusted to know without a PKI of some sort.
>>
>>and yet there are protocols which accomplish it, such as SRP:

> Right. Similarly, the server could store the public RSA key of the user,
> and send the client a challenge, and the user could encrypt that challenge
> with their private key. There are protocols for that sort of thing, too.

Using RSA certs requires the user to manage a private key, something
that experience suggests is hard for many user communities. It may be
appropriate in some cases (and is much harder to brute-force) but as a
sysadmin I'd say password based schemes such as SRP, or the various
EKE-based ones, have a lot going for them in terms of manageability.

> In my book, things that require big-number libraries count as "difficult".

You can't really get security that is immune from replay attacks or
man-in-the-middle without "difficult" maths going on somewhere, but it's
not so hard to link in a library to do this for you. I'm rather amazed
at the number of new protocols that get built with plain text
authentication tokens; it's not 1994 any more.

John

Received on Fri Jun 4 10:18:00 2004
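The SRP approach discussed above, as an added example that is not from the thread or from Subversion: a minimal SRP-6a enrollment and login in Python with client and server in one process, using the 1024-bit MODP group from RFC 2409 (generator 2) and SHA-256. The user name, password and salt are constructed values; the server side never sees the password, only the stored verifier.

```python
"""Toy SRP-6a exchange, client and server in one process (added illustration,
not Subversion code). The server stores only salt and verifier v = g^x, so a
stolen password file yields no password, and fresh random exponents each run
make a captured transcript useless for replay. Group: RFC 2409 1024-bit MODP."""
import hashlib
import secrets

N = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8

def H(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

def pad(x: int) -> bytes:
    return x.to_bytes(NLEN, "big")

k = H(pad(N), pad(g))                      # SRP-6a multiplier parameter

def enroll(user: str, password: str) -> tuple[bytes, int]:
    """Run once at account creation; only (salt, v) is stored server-side."""
    salt = secrets.token_bytes(16)
    x = H(salt, hashlib.sha256(f"{user}:{password}".encode()).digest())
    return salt, pow(g, x, N)

def session_keys(user: str, password: str, salt: bytes, v: int) -> tuple[int, int]:
    """One login: returns (client_key, server_key); equal iff password matches v."""
    a, b = secrets.randbelow(N - 1) + 1, secrets.randbelow(N - 1) + 1
    A = pow(g, a, N)                       # client -> server: user, A
    B = (k * v + pow(g, b, N)) % N         # server -> client: salt, B
    if A % N == 0 or B % N == 0:           # both sides must reject degenerate values
        raise ValueError("degenerate ephemeral value; abort")
    u = H(pad(A), pad(B))
    # client side: knows the password, so it can re-derive x
    x = H(salt, hashlib.sha256(f"{user}:{password}".encode()).digest())
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # server side: knows only the verifier v, never x or the password
    S_server = pow(A * pow(v, u, N) % N, b, N)
    return H(pad(S_client)), H(pad(S_server))

if __name__ == "__main__":
    salt, v = enroll("john", "correct horse")        # constructed credentials
    kc, ks = session_keys("john", "correct horse", salt, v)
    print("session keys match:", kc == ks)
```

A real deployment would additionally exchange the key-confirmation messages M1/M2 from RFC 5054 so each side proves it derived the same key before any data flows.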

This is an archived mail posted to the Subversion Dev mailing list.
