[776] in WWW Security List Archive
Still more SHTTP questions
daemon@ATHENA.MIT.EDU (Marc VanHeyningen)
Mon Jul 17 19:08:19 1995
From: marcvh@spry.com (Marc VanHeyningen)
To: ekr@eit.com (Eric Rescorla)
cc: www-security@ns2.rutgers.edu
Date: Mon, 17 Jul 1995 12:15:10 -0700
Errors-To: owner-www-security@ns2.rutgers.edu
In the course of chasing down some demo issues, something's come up that
seems a fundamental issue with regard to the SHTTP spec and authentication.
The Prearranged-Key-Info: header can accomodate any of a variety of methods
of providing the key used for the Symmetric-Head-Algorithm: inband, outband,
or either flavor of Kerberos. The SHTTP-Key-Exchange-Algorithms: negotiation
header allows negotiation of which methods are acceptable to both parties.
The MAC-Info: header, similarly, can accomodate any of a variety of methods
(outband, inband, kerberos-4, kerberos-5, null, dek) for providing the
shared secret employed in MAC computation. However, there is not an
analagous header for specifying which methods are acceptable. (There is
the Your-Key-Pattern: with the auth-key use, but that only allows
specification of the key name, not the method.)
I had previously assumed this was unneeded because the K-E-A: header
sufficed for both purposes, since most reasonable uses would involve
having the same key used for both purposes (if both are present.)
This would mean that, by default, the only key method available for
creating a MAC is inband (since it's an optional default KEA, and
you can't use an RSA key for making a MAC-Info: header.)
(Well, "null" and "dek" are also available options, although neither
of them actually authenticates anything in some or all cases.)
So, what methods are appropriate by default for MAC-Info: headers, and
how are they negotiated (or are they?)
Tx
- Marc
