On Wed, 2011-08-24 at 07:42 -0400, 1983-01-06_at_gmx.net wrote:
> Are you referring to sole Kerberos or are you just concerned about
> transport encryption? Your statement somewhat irritates me.
> Given that the HTTP traffic cannot be securely wrapped into the GSS
> content and nor the SASL QOP can be set (like for LDAP), I would
> neglect that and still say TLS is not of your concern but of mine or
> the users in general.
Any authentication-only mechanism used over an insecure channel is
vulnerable to MITM attacks which preserve the authentication and change
the data. Of course, this applies to HTTP basic and digest over raw
HTTP just as much as it does to negotiate, so perhaps it doesn't make
sense to restrict negotiate auth to HTTPS only on this basis alone.
A further concern with HTTP negotiate is that it is scoped to the TCP
connection and not to a single HTTP request. Ignorant proxies may
combine TCP connections for multiple users' requests and inadvertently
authenticate one user's requests with another's credentials. I may be
wrong, but I believe this is the concern which leads implementations to
restrict NTLM to HTTPS. Switching from NTLM to Kerberos does not
mitigate this concern at all. If there are other vulnerabilities in
NTLM which don't presuppose an MITM attack, perhaps I'm wrong.
Received on 2011-08-25 09:21:08 CEST
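As an added illustration of the connection-scoping hazard discussed in this message (this is not code from the thread or from any of the projects mentioned), the following Python model shows a proxy that coalesces two clients' requests onto a single upstream TCP connection, and an origin server that either attaches the authenticated identity to the connection (the Negotiate/NTLM behaviour described above) or requires credentials on every request. The `Negotiate user=<name>` token format, the client names and the `/inbox` path are constructed stand-ins; a real server would run GSSAPI token processing where `parse_negotiate` is called.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Request:
    """One HTTP request; headers is a plain dict for the simulation."""
    client: str           # which downstream client sent it (known to the proxy only)
    path: str
    headers: Dict[str, str]


@dataclass
class UpstreamConnection:
    """The single TCP connection the proxy keeps open to the origin server."""
    authenticated_user: Optional[str] = None


def parse_negotiate(value: str) -> Optional[str]:
    """Constructed stand-in for GSS token processing: the 'token' is just
    'user=<name>'. A real server would call GSSAPI accept_sec_context here."""
    scheme, _, token = value.partition(" ")
    if scheme != "Negotiate" or not token.startswith("user="):
        return None
    return token[len("user="):]


class OriginServer:
    def __init__(self, connection_scoped: bool):
        # True models connection-scoped auth: once a connection has
        # authenticated, later requests on it inherit the identity.
        # False models request-scoped auth: credentials on every request.
        self.connection_scoped = connection_scoped

    def handle(self, conn: UpstreamConnection, req: Request) -> Tuple[int, Optional[str]]:
        user = parse_negotiate(req.headers.get("Authorization", ""))
        if user is not None:
            if self.connection_scoped:
                conn.authenticated_user = user
            return 200, user
        if self.connection_scoped and conn.authenticated_user is not None:
            # Identity inherited from whoever authenticated this connection.
            return 200, conn.authenticated_user
        return 401, None


def coalescing_proxy(server: OriginServer,
                     requests: List[Request]) -> List[Tuple[str, int, Optional[str]]]:
    """A forward proxy that multiplexes every client's requests onto ONE
    upstream connection and forwards only the HTTP messages."""
    upstream = UpstreamConnection()
    results = []
    for req in requests:
        status, served_as = server.handle(upstream, req)
        results.append((req.client, status, served_as))
    return results


def scenario(connection_scoped: bool) -> List[Tuple[str, int, Optional[str]]]:
    # Constructed traffic: alice authenticates, bob sends a plain request,
    # and the proxy puts both on the same upstream connection.
    traffic = [
        Request("alice", "/inbox", {"Authorization": "Negotiate user=alice"}),
        Request("bob", "/inbox", {}),
    ]
    return coalescing_proxy(OriginServer(connection_scoped), traffic)


def cross_user_leaks(results: List[Tuple[str, int, Optional[str]]]) -> List[Tuple[str, str]]:
    """Detection check: any request served under an identity other than
    the sending client's own."""
    return [(client, served_as) for client, status, served_as in results
            if status == 200 and served_as != client]


if __name__ == "__main__":
    for scoped in (True, False):
        res = scenario(scoped)
        label = "connection-scoped" if scoped else "request-scoped"
        print(label, res, "leaks:", cross_user_leaks(res))
```

With connection-scoped authentication, bob's unauthenticated request is answered as alice because the origin server only knows the connection, not the client behind the proxy; with request-scoped authentication the same request gets a 401. Neither outcome depends on whether the token came from NTLM or Kerberos, which is the point the message makes about switching mechanisms.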