On Sun, 2003-01-05 at 19:00, Amelia A.Lewis wrote:
Umm, forgive me, but as I understand DIGEST-MD5, it does store hashed. Are you thinking of CRAM-MD5? As far as I know, that requires plain-text storage on the server, and I agree with your criticisms. I happen to like DIGEST-MD5 because it looks like someone finally came along and got the SASL auth mechanism right.
But perhaps I'm the one that's mistaken.
=) no, you're right in that it's stored hashed. I was thinking of CRAM-MD5 specifically, but after reviewing section 3.9 of RFC2831, I'm still thinking that DIGEST-MD5 isn't really for me.
What's hashed is the username + ":" + realm + ":" + password. This is used to compute a part of the protocol. (referenced as A1) To quote the RFC:
There are two important security consequences of this. First the password file must be protected as if it contained plaintext passwords, because for the purpose of accessing documents in its realm, it effectively does.
A second consequence of this is that the realm string should be unique among all realms that any single user is likely to use. In particular a realm string should include the name of the host doing the authentication.
To me, this means a few things: 1. You can no longer simply change a user's name. 2) you can no longer simply change a host's name if you follow the RFC and finally 3) you can't efficiently use digest-md5 in a distributed authentication environment. (just doesn't scale well)
Since I deal with system-level accounts across multiple systems with occasional username changes (such as when someone marries) and system migrations where users and mail get shifted over to systems with different names or domains, then digest-md5 looks more and more like the wrong tools for the job.
Your requirements may be different, however and digest-md5 may be the perfect solution. =)
d!