
security features.... (Re: Facts, please)

2006-09-19 00:20:27
Robert Sayre wrote:

On 9/19/06, Russ Allbery <rra(_at_)stanford(_dot_)edu> wrote:

Robert Sayre <sayrer(_at_)gmail(_dot_)com> writes:

> Thankfully, the complete failure known as HTTP 1.1 would never make it
> to Proposed Standard under the unwritten process we have now. For
> example, it doesn't contain a mandatory, universally interoperable
> authentication feature.

That's right, it doesn't, and the lack of that feature is a first-rate
pain in the ass.


I don't disagree. The IETF might first try to design an authentication
feature worth requiring. None of the current options are at all
satisfactory.

In fact TLS + HTTP Basic Auth is pretty interoperable, secure against quite a few attacks, and widely deployed.

The requirements needed to be "satisfactory" depend very much on your viewpoint; last week I talked to the guy who implemented Freenigma (PGP for web mailers, http://www.freenigma.com), and he commented that "this will never get past the security gurus in the IETF because it's so simple, people might actually use it".

That says something frightening about the kind of impression we give to people who work on making usable security. "Usable" needs to be an important component of "satisfactory".

(He's quite aware of the obvious security defects of his scheme, btw. It's a tradeoff.)

                  Harald

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
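As an added illustration of the "TLS + HTTP Basic Auth" point above, here is a small Basic-auth handler written for this page (it is example code, not from Harald, the IETF list, or Freenigma). It parses the Authorization header as RFC 7617 defines it, shows what a passive observer recovers from a Basic-auth request sent without TLS (the password itself, since base64 is an encoding, not encryption), and enforces the one policy that makes the scheme defensible: refuse Basic credentials on a non-TLS connection before even looking at them. The credential store, salt, user name, password and captured request are all constructed for the example.

```python
import base64
import hashlib
import hmac

# Constructed credential store for the example: username -> PBKDF2 hash.
# Assumption: a real deployment uses a per-user random salt and a user database.
_SALT = b"example-salt"


def _pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


USERS = {"alice": _pbkdf2("correct horse battery staple", _SALT)}


def parse_basic_authorization(header: str):
    """Parse an HTTP Authorization header value carrying the Basic scheme.

    Returns (user, password) on success, or None if the value is not a
    syntactically valid Basic credential (wrong scheme, bad base64, or no
    ':' separator, which RFC 7617 requires between user-id and password).
    """
    scheme, _, payload = header.strip().partition(" ")
    if scheme.lower() != "basic" or not payload:
        return None
    try:
        decoded = base64.b64decode(payload.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
        return None
    user, sep, password = decoded.partition(":")
    if not sep:
        return None
    return user, password


def credentials_from_plaintext_request(raw_request: bytes):
    """What a passive network observer gets from a Basic-auth request that
    was sent without TLS: the cleartext user name and password."""
    for line in raw_request.decode("latin-1").split("\r\n"):
        name, _, value = line.partition(":")
        if name.strip().lower() == "authorization":
            return parse_basic_authorization(value)
    return None


def check_request(authorization_header: str, over_tls: bool) -> str:
    """Server-side policy: Basic is only acceptable over TLS. On a plaintext
    connection the credentials are refused without being examined, so a
    misconfigured client cannot even be tricked into a successful login."""
    if not over_tls:
        return "403 Forbidden: Basic credentials only accepted over TLS"
    challenge = '401 Unauthorized: WWW-Authenticate: Basic realm="example"'
    creds = parse_basic_authorization(authorization_header)
    if creds is None:
        return challenge
    user, password = creds
    expected = USERS.get(user)
    # Hash even for unknown users so timing does not reveal which names exist.
    actual = _pbkdf2(password, _SALT)
    if expected is None or not hmac.compare_digest(expected, actual):
        return challenge
    return "200 OK"


# Constructed sample: the header a browser would send for alice, and a
# captured plaintext HTTP/1.1 request carrying it.
SAMPLE_HEADER = "Basic " + base64.b64encode(
    b"alice:correct horse battery staple").decode("ascii")
CAPTURED_REQUEST = (
    b"GET /inbox HTTP/1.1\r\n"
    b"Host: mail.example.test\r\n"
    b"Authorization: " + SAMPLE_HEADER.encode("ascii") + b"\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    print("sniffed from plaintext:", credentials_from_plaintext_request(CAPTURED_REQUEST))
    print("without TLS:", check_request(SAMPLE_HEADER, over_tls=False))
    print("with TLS:   ", check_request(SAMPLE_HEADER, over_tls=True))
```

The interoperability Harald refers to comes from how little there is to get wrong in this exchange: one header, one base64 string, one challenge on failure. Everything about its security, by contrast, lives in the `over_tls` check and in the server storing a salted hash rather than the password the header delivers in the clear.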
