geronimo-dev mailing list archives

From "hbaxmann" <hol...@bitwind.org>
Subject AW: Security configuration
Date Tue, 01 Jun 2004 19:15:20 GMT
> > > is not particularly secure and I would prefer to have a 
> more robust 
> > > solution (say with encrypted passwords ;-) ) but it works for now.
> > >
> > 
> > <sarcasm>
> > Why not via SRP ?
> > </sarcasm>
> > 
> > sorry, could not resist
> 
> Interesting, how would this fit into Geronimo to provide the 
> general JAAS login mechanisms to obtain subjects?
> 

Are you asking seriously?

http://srp.stanford.edu/

Then in all aspects. There are many LoginModules available with SRP.
 
But, unfortunately, it is useless, because secure passwords simply do not
exist:

http://fiatlux.zeitform.info/en/instructions/passwords.html

Theoretically and from an academic point of view, and only there: it provides
security for a secure token (the password) on the wire, but nowhere else.
Nobody, nobody will try to exploit your delivery of PASSWORDS on the wire.
As we all know, there are cheaper threats for stealing passwords.

The main weakness is the mix-up of authentication and authorization in
conjunction with the possibility of duplication. So not only may you have
more than one identity, you will exist more than once ...

Especially if you want to preserve the anonymity of a user you are lost: guest,
anonymous, etc., which you cannot track if you do not have at least
two-factor authentication.

You need five points so as not to make the non-existent security of passwords
even worse:

Don't tell anyone your password.
Don't write your password down anywhere.
When you decide on a password, make sure it can't be guessed.
If you think there's even a chance someone else might know your password,
change it.
Make sure no one is standing near you when you enter your password.

On the point of real security: passwords do not have a security aspect.

These points all depend exclusively on human interaction. The algorithm
has zero chance.

So the SRP implementations are a marketecture thingy, even worse because
they are a feint of security.

But nice to implement :-)

bax

Refs:
http://insight.zdnet.co.uk/internet/security/0,39020457,2120474,00.htm
http://www.channelminds.com/article.php3?id_article=941


> Regards,
> Alan
> 
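The SRP exchange the thread is arguing about, shown end to end as an added example; this is not code from the original message, from Geronimo or from any JAAS LoginModule. It assumes SRP-6a over the 1024-bit MODP group 2 of RFC 2409 with g = 2, SHA-256 as the hash (RFC 2945 specified SHA-1; the structure is unchanged), the simplified proofs M1 = H(A | B | K) and M2 = H(A | M1 | K), and a constructed username and password. What it shows is the point bax concedes: only A, B, the salt and the two proofs cross the wire, the server holds a verifier rather than the password, and a wrong password leaves the two sides without a shared key.

```python
"""SRP-6a password-authenticated key exchange, client and server side.

Added demo, not Geronimo or JAAS LoginModule code. Assumptions:
  - group: 1024-bit MODP group 2 from RFC 2409, generator g = 2
  - hash: SHA-256 (RFC 2945 used SHA-1); M1 = H(A|B|K), M2 = H(A|M1|K)
  - username / password used at the bottom are constructed sample values
"""
import hashlib
import hmac
import secrets

N = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8          # 128 bytes


def pad(n: int) -> bytes:                 # fixed-width encoding before hashing
    return n.to_bytes(NLEN, "big")


def H(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


k = H(pad(N), pad(g))                     # SRP-6a multiplier parameter


def private_x(salt: bytes, username: str, password: str) -> int:
    inner = hashlib.sha256(f"{username}:{password}".encode()).digest()
    return H(salt, inner)


def enroll(username: str, password: str):
    """Server-side enrolment: keep (salt, verifier), never the password."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(salt, username, password), N)


class Client:
    def __init__(self, username: str, password: str):
        self.I, self.p = username, password
        self.a = secrets.randbits(256)
        self.A = pow(g, self.a, N)        # sent in the clear

    def finish(self, salt: bytes, B: int) -> bytes:
        if B % N == 0:
            raise ValueError("rejecting B == 0 mod N")
        u = H(pad(self.A), pad(B))
        x = private_x(salt, self.I, self.p)
        # (B - k*g^x) == g^b mod N, so S == g^(b*(a + u*x))
        S = pow((B - k * pow(g, x, N)) % N, self.a + u * x, N)
        self.K = hashlib.sha256(pad(S)).digest()
        self.M1 = hashlib.sha256(pad(self.A) + pad(B) + self.K).digest()
        return self.M1

    def verify_server(self, M2: bytes) -> bool:
        expected = hashlib.sha256(pad(self.A) + self.M1 + self.K).digest()
        return hmac.compare_digest(expected, M2)


class Server:
    def __init__(self, store: dict):
        self.store = store                # username -> (salt, verifier)

    def challenge(self, I: str, A: int):
        if A % N == 0:
            raise ValueError("rejecting A == 0 mod N")
        self.salt, self.v = self.store[I]
        self.A, self.b = A, secrets.randbits(256)
        self.B = (k * self.v + pow(g, self.b, N)) % N
        return self.salt, self.B

    def verify_client(self, M1: bytes):
        u = H(pad(self.A), pad(self.B))
        # (A * v^u)^b == g^(b*(a + u*x)), the same S the client computed
        S = pow(self.A * pow(self.v, u, N) % N, self.b, N)
        self.K = hashlib.sha256(pad(S)).digest()
        expected = hashlib.sha256(pad(self.A) + pad(self.B) + self.K).digest()
        if not hmac.compare_digest(expected, M1):
            return None                   # wrong password: no key, no M2
        return hashlib.sha256(pad(self.A) + M1 + self.K).digest()


def run_exchange(store: dict, username: str, password: str) -> bool:
    """Full protocol run; True only if both sides end with the same K."""
    client, server = Client(username, password), Server(store)
    salt, B = server.challenge(username, client.A)   # wire: I, A -> salt, B
    M2 = server.verify_client(client.finish(salt, B))  # wire: M1 -> M2
    if M2 is None:
        return False
    return client.verify_server(M2) and client.K == server.K


if __name__ == "__main__":
    store = {"alan": enroll("alan", "s3cret-demo")}   # constructed sample
    print(run_exchange(store, "alan", "s3cret-demo"))  # True
    print(run_exchange(store, "alan", "guessed"))      # False
```

Note what the transcript does and does not contain: an eavesdropper sees A, B, the salt, M1 and M2, none of which lets them confirm a guessed password without also knowing a or b, and a compromised server store yields verifiers that still require a dictionary attack per user. None of that changes bax's objection about the password itself being weak; it only removes the wire and the stored plaintext as the easy targets.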

