ietf-nntp Re: WG Review: Simple Authentication and Security Layer (sasl)

Lawrence Greenfield leg+ at andrew.cmu.edu
Fri Dec 20 09:20:48 PST 2002


The major cost of TLS is in the public key operations that happen at the 
start of the session. Due to session resumption, this cost can be amortized 
over many actual connections.

Defining a new SASL mechanism that does some sort of ADH will in fact 
increase the per-connection cost, since it will be unable to utilize 
session resumption. (Not to mention that TLS can be hardened against MITM 
attacks by distributing the appropriate certificates.)

The only reason to fear TLS is if encryption of the data stream is viewed 
as too costly. This might be true, but if it is please confine your 
arguments to that. (A clever server might be able to downgrade the cipher 
suite in TLS after authentication has taken place by asking the client for 
a renegotiation.)

The round-trip argument is a good one, but I think the web has shown that 
TLS's costs are manageable across a wide variety of clients.

Larry

--On Friday, December 20, 2002 10:42 AM +0000 Andrew Gierth 
<andrew at erlenstar.demon.co.uk> wrote:

>>>>>> "Lawrence" == Lawrence Greenfield <leg+ at andrew.cmu.edu> writes:
>
>  Lawrence> I would instead propose that the working group have a MUST
>  Lawrence> implement TLS
>
> not ever going to happen in practice.
>
> Very few users are interested in TLS for actually securing the _data_,
> and therefore they aren't interested in paying the costs involved in
> providing it. Therefore it is likely that people will stick to using
> plaintext passwords and AUTHINFO USER/PASS (which is not going to go
> away anytime soon, if ever).
>
> The other reason to not rely on TLS is because currently, even with
> SASL, the authentication exchange can be mostly kept separate from the
> rest of the protocol. A sensible high-volume server design will even
> implement it via a pass-through to a separate authentication server
> rather than clutter up the mainline code. Bear in mind that
> authentication itself is a not-inconsiderable load at a large site,
> where it is not uncommon to have to deal with 50-100 connects/sec.
> Furthermore, because clients often do set up and tear down connections
> fairly quickly, the authentication process must not involve an excessive
> number of round-trips.
>
> --
> Andrew.
> _______________________________________________
> ietf-nntp mailing list
> ietf-nntp at academ.com
> https://www.academ.com/mailman/listinfo/ietf-nntp
>
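The session-resumption point in Larry's reply above can be observed directly. The following is an added example, not code from this thread or from any NNTP implementation: a Go program using the standard library's crypto/tls runs a throwaway loopback server with a constructed self-signed certificate, connects a client to it several times with a shared session cache, and records for each connection whether the handshake was resumed. Under the TLS 1.3 that Go negotiates here, a resumed handshake still performs an ECDHE key share but skips certificate signing and verification, which is the public-key cost the message refers to; in the TLS of 2002 a resumed handshake skipped the RSA operation entirely. The server name, the one-line client request and the server's echo are assumed for illustration only.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Result records one client connection: whether the TLS handshake was resumed
// from a cached session and how long dialing (including the handshake) took.
type Result struct {
	Resumed bool
	Elapsed time.Duration
}

// selfSignedCert builds a throwaway ECDSA certificate for 127.0.0.1.
// This is constructed for the example only; a real server would present a CA-issued certificate.
func selfSignedCert() (tls.Certificate, *x509.CertPool, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "example-news-server"}, // hypothetical name
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		IPAddresses:  []net.IP{net.ParseIP("127.0.0.1")},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(leaf) // the client trusts exactly this self-signed certificate
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, pool, nil
}

// ResumptionDemo opens n successive TLS connections from one client to a local
// server. Only the first connection should need a full handshake; the rest
// should resume via the session ticket the server issued.
func ResumptionDemo(n int) ([]Result, error) {
	cert, pool, err := selfSignedCert()
	if err != nil {
		return nil, err
	}
	// One tls.Config for all accepted connections keeps the ticket keys consistent.
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	if err != nil {
		return nil, err
	}
	defer ln.Close()

	// Server side: complete the handshake on first Read, then echo one line back.
	go func() {
		for {
			c, err := ln.Accept()
			if err != nil {
				return // listener closed
			}
			go func(c net.Conn) {
				defer c.Close()
				buf := make([]byte, 64)
				k, err := c.Read(buf)
				if err != nil {
					return
				}
				c.Write(buf[:k])
			}(c)
		}
	}()

	// Client side: the shared ClientSessionCache is what makes resumption possible.
	clientCfg := &tls.Config{
		RootCAs:            pool,
		ServerName:         "127.0.0.1",
		ClientSessionCache: tls.NewLRUClientSessionCache(8),
	}
	var results []Result
	for i := 0; i < n; i++ {
		start := time.Now()
		c, err := tls.Dial("tcp", ln.Addr().String(), clientCfg)
		if err != nil {
			return nil, err
		}
		elapsed := time.Since(start)
		// Exchange one line. Reading the reply also lets the client process the
		// server's post-handshake NewSessionTicket and store it in the cache.
		if _, err := c.Write([]byte("MODE READER\r\n")); err != nil { // assumed request line
			c.Close()
			return nil, err
		}
		buf := make([]byte, 64)
		if _, err := c.Read(buf); err != nil {
			c.Close()
			return nil, err
		}
		results = append(results, Result{Resumed: c.ConnectionState().DidResume, Elapsed: elapsed})
		c.Close()
	}
	return results, nil
}

func main() {
	results, err := ResumptionDemo(4)
	if err != nil {
		panic(err)
	}
	for i, r := range results {
		fmt.Printf("connection %d: resumed=%v handshake=%v\n", i+1, r.Resumed, r.Elapsed)
	}
}
```

Running it shows the first connection with `resumed=false` and every later one with `resumed=true`; the timings are noisy on loopback but illustrate that the per-connection cost Andrew is concerned about is paid once per session, not once per connection, provided the client keeps a session cache and the server keeps its ticket keys stable.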