IETF-SSH archive
Re: gss userauth
On Mon, Sep 01, 2003 at 11:50:16PM -0400, Jeffrey Hutzelman wrote:
> On Mon, 1 Sep 2003, Markus Friedl wrote:
>
> > On Tue, Aug 26, 2003 at 11:42:52PM -0400, Joel N. Weber II wrote:
> > > I dislike the partial authentication approach. I believe it adds
> > > significant complexity to an implementation.
> >
> > I agree, not only because of the implementation complexity.
> >
> > I don't see a reason why this should be considered a
> > 'partial authentication'. Why not treat this as two
> > different methods and phase out the non-mic version
> > instead of keeping the less secure version around forever?
>
> Eliminating the non-mic version means eliminating any support for GSSAPI
> mechanisms which are unable to provide integrity protection for
> application messages (i.e. gss_GetMIC).
Why not negotiate the 'mic' capability within the user
authentication method instead of requiring chained methods?
E.g. have the server side insist on the mic message for
GSSAPI mechanisms supporting it.
> I think we already decided much
> earlier in the development of this specification that we didn't want to do
> that; are you suggesting we revisit that decision?
I don't know the use of an authentication mechanism without
integrity protection.
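The following is an added illustration, not code from this thread or from any IETF draft, of the server-side policy Markus describes: insisting on the MIC message whenever the negotiated GSSAPI mechanism can produce one, and deciding separately what to do with mechanisms that cannot. HMAC-SHA256 stands in for gss_GetMIC/gss_VerifyMIC (an assumption), and the layout of the data the MIC covers follows RFC 4462 section 3.5 (also an assumption; the thread does not state it). The session-id binding is what makes the MIC useful: a request authenticated for one session does not verify under another.

```python
"""Toy model of negotiating the MIC requirement inside the GSSAPI userauth
method.  HMAC-SHA256 stands in for gss_GetMIC/gss_VerifyMIC (assumption);
the MIC input layout follows RFC 4462 section 3.5 (assumption)."""
import hashlib
import hmac
import struct
from typing import Optional

SSH_MSG_USERAUTH_REQUEST = 50  # SSH message number for userauth requests


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH 'string' (uint32 length prefix + payload)."""
    return struct.pack(">I", len(data)) + data


def mic_input(session_id: bytes, user: bytes, service: bytes) -> bytes:
    """Data the MIC covers; including session_id ties the auth to this session."""
    return (ssh_string(session_id)
            + bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user)
            + ssh_string(service)
            + ssh_string(b"gssapi-with-mic"))


class ToyMechanism:
    """Stand-in GSSAPI mechanism; integ_key=None models one without gss_GetMIC."""

    def __init__(self, name: str, integ_key: Optional[bytes]):
        self.name = name
        self.integ_key = integ_key

    @property
    def supports_integrity(self) -> bool:
        return self.integ_key is not None

    def get_mic(self, data: bytes) -> bytes:
        if not self.supports_integrity:
            raise RuntimeError(f"{self.name}: no integrity service available")
        return hmac.new(self.integ_key, data, hashlib.sha256).digest()

    def verify_mic(self, data: bytes, mic: bytes) -> bool:
        return self.supports_integrity and hmac.compare_digest(self.get_mic(data), mic)


def client_userauth(mech: ToyMechanism, session_id: bytes, user: bytes, service: bytes) -> dict:
    """Client side: attach a MIC whenever the mechanism can produce one."""
    mic = mech.get_mic(mic_input(session_id, user, service)) if mech.supports_integrity else None
    return {"user": user, "service": service, "mic": mic}


def server_decide(mech: ToyMechanism, session_id: bytes, request: dict,
                  allow_unprotected: bool = False):
    """Server policy: insist on the MIC for any mechanism that supports it.

    Returns (accepted, reason).  Mechanisms without integrity are only
    accepted when the operator has explicitly allowed MIC-less auth."""
    mic = request["mic"]
    if mech.supports_integrity:
        if mic is None:
            return False, "MIC required: mechanism supports integrity"
        expected = mic_input(session_id, request["user"], request["service"])
        if not mech.verify_mic(expected, mic):
            return False, "MIC does not verify for this session"
        return True, "accepted with MIC"
    if allow_unprotected:
        return True, "accepted without MIC (mechanism lacks integrity; legacy policy)"
    return False, "rejected: mechanism lacks integrity and policy forbids MIC-less auth"


if __name__ == "__main__":
    # Constructed sample values, not real session ids or keys.
    krb = ToyMechanism("integ-capable", b"k" * 32)
    sess_a, sess_b = b"A" * 20, b"B" * 20
    req = client_userauth(krb, sess_a, b"alice", b"ssh-connection")
    print(server_decide(krb, sess_a, req))   # accepted
    print(server_decide(krb, sess_b, req))   # same request under another session: rejected
```

The same `server_decide` rejects a request that arrives without its MIC from an integrity-capable mechanism, which is the behaviour Markus proposes in place of chaining a separate "mic" method after the base one.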