ietf-nntp Re: WG Review: Simple Authentication and Security Layer (sasl)

Ken Murchison ken at oceana.com
Sat Jan 4 15:02:06 PST 2003


"Jeffrey M. Vinocur" wrote:
> 
> On Fri, 20 Dec 2002, Rob Siemborski wrote:
> 
> > I don't think there is a very strong argument against using TLS/PLAIN
> > for this purpose (given that this WG seems to be insistent that the
> > servers receive copies of the plaintext passwords,
> 
> We're still waiting for details from SASL people about the possibility of
> down-negotiation to plaintext after authentication.  I'd say that makes a
> difference.


FYI, I spent some time hacking the TLS renegotiation after
authentication stuff into the Cyrus NNTP server and test client, and it
_is_ possible using OpenSSL.  It's pretty straightforward adding this
to the server, but the client needs to be made aware of renegotiations
(checking error code of SSL_read()) and must provide the NULL ciphers.
Perhaps it's possible to tell OpenSSL to negotiate the least
secure/fastest cipher so that even if the NULL ciphers aren't available
we can get increased performance, but I haven't looked into it.

For those that are interested, here is a protocol dump of a
STARTTLS/PLAIN session using ssldump.  The renegotiation starts right
after the return code for the AUTHINFO command (record 15).  Starting at
record 26, the rest of the session is once again in plaintext (with
MAC).


New TCP connection #1: eagle.oceana.com(56489) <->
eagle.oceana.com(9119)
0.1027 (0.1027)  S>C
---------------------------------------------------------------
200 eagle.oceana.com Cyrus NNTP v2.2.prealpha server ready, posting
allowed
---------------------------------------------------------------

0.1031 (0.0003)  C>S
---------------------------------------------------------------
LIST EXTENSIONS
---------------------------------------------------------------

0.1034 (0.0003)  S>C
---------------------------------------------------------------
202 Extensions supported:
AUTHINFO
SASL SRP OTP NTLM DIGEST-MD5 CRAM-MD5
HDR
LISTGROUP
OVER
STARTTLS
.
---------------------------------------------------------------

0.1036 (0.0001)  C>S
---------------------------------------------------------------
STARTTLS
---------------------------------------------------------------

0.1781 (0.0745)  S>C
---------------------------------------------------------------
382 Begin TLS negotiation now
---------------------------------------------------------------

1 1  0.1840 (0.0059)  C>S  Handshake
      ClientHello
        Version 3.1 
        cipher suites
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
        TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
        TLS_RSA_WITH_3DES_EDE_CBC_SHA
        TLS_DHE_DSS_WITH_RC4_128_SHA
        TLS_RSA_WITH_RC4_128_SHA
        TLS_RSA_WITH_RC4_128_MD5
        TLS_DHE_DSS_WITH_RC2_56_CBC_SHA
        TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
        TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
        TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
        TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
        TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
        TLS_DHE_RSA_WITH_DES_CBC_SHA
        TLS_DHE_DSS_WITH_DES_CBC_SHA
        TLS_RSA_WITH_DES_CBC_SHA
        TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
        TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
        TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
        TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
        TLS_RSA_EXPORT_WITH_RC4_40_MD5
        compression methods
                  NULL
1 2  0.1858 (0.0017)  S>C  Handshake
      ServerHello
        Version 3.1 
        session_id[32]=
          ac c9 a3 28 c5 01 e4 01 a5 d9 79 40 d0 80 8c b0 
          ec a4 e8 e0 3e e1 5c 87 ea c2 dc 73 f7 f9 ff df 
        cipherSuite         TLS_RSA_WITH_3DES_EDE_CBC_SHA
        compressionMethod                   NULL
1 3  0.1858 (0.0000)  S>C  Handshake
      Certificate
1 4  0.1858 (0.0000)  S>C  Handshake
      CertificateRequest
        certificate_types                   rsa_sign
        certificate_types                   dss_sign
        certificate_authority
          30 81 a9 31 0b 30 09 06 03 55 04 06 13 02 4e 59 
          31 11 30 0f 06 03 55 04 08 13 08 4e 65 77 20 59 
          6f 72 6b 31 15 30 13 06 03 55 04 07 13 0c 4f 72 
          63 68 61 72 64 20 50 61 72 6b 31 0f 30 0d 06 03 
          55 04 0a 13 06 4f 63 65 61 6e 61 31 28 30 26 06 
          03 55 04 0b 13 1f 43 65 72 74 69 66 69 63 61 74 
          69 6f 6e 20 53 65 72 76 69 63 65 73 20 44 69 76 
          69 73 69 6f 6e 31 17 30 15 06 03 55 04 03 13 0e 
          4f 63 65 61 6e 61 20 52 6f 6f 74 20 43 41 31 1c 
          30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 63 
          61 40 6f 63 65 61 6e 61 2e 63 6f 6d 
      ServerHelloDone
1 5  0.1916 (0.0058)  C>S  Handshake
      Certificate
1 6  0.1916 (0.0000)  C>S  Handshake
      ClientKeyExchange
1 7  0.1916 (0.0000)  C>S  ChangeCipherSpec
1 8  0.1916 (0.0000)  C>S  Handshake
      Finished
1 9  0.2091 (0.0174)  S>C  ChangeCipherSpec
1 10 0.2091 (0.0000)  S>C  Handshake
      Finished
1 11 0.2098 (0.0007)  C>S  application_data
    ---------------------------------------------------------------
    LIST EXTENSIONS
    ---------------------------------------------------------------
1 12 0.2108 (0.0010)  S>C  application_data
    ---------------------------------------------------------------
    202 Extensions supported:
    AUTHINFO USER
    SASL SRP LOGIN OTP NTLM PLAIN DIGEST-MD5 CRAM-MD5
    HDR
    LISTGROUP
    OVER
    STARTTLS
    .
    ---------------------------------------------------------------
1 13 2.5529 (2.3421)  C>S  application_data
    ---------------------------------------------------------------
    AUTHINFO SASL PLAIN dGVzdAB0ZXN0AHRlc3Q=
    ---------------------------------------------------------------
1 14 2.5693 (0.0164)  S>C  application_data
    ---------------------------------------------------------------
    250 Success (tls protection)
    ---------------------------------------------------------------
1 15 2.5698 (0.0004)  S>C  Handshake
      HelloRequest
1 16 2.5706 (0.0007)  C>S  Handshake
      ClientHello
        Version 3.1 
        cipher suites
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
        TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
        TLS_RSA_WITH_3DES_EDE_CBC_SHA
        TLS_DHE_DSS_WITH_RC4_128_SHA
        TLS_RSA_WITH_RC4_128_SHA
        TLS_RSA_WITH_RC4_128_MD5
        TLS_DHE_DSS_WITH_RC2_56_CBC_SHA
        TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
        TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
        TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
        TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
        TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
        TLS_DHE_RSA_WITH_DES_CBC_SHA
        TLS_DHE_DSS_WITH_DES_CBC_SHA
        TLS_RSA_WITH_DES_CBC_SHA
        TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
        TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
        TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
        TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
        TLS_RSA_EXPORT_WITH_RC4_40_MD5
        TLS_RSA_WITH_NULL_SHA
        TLS_RSA_WITH_NULL_MD5
        compression methods
                  NULL
1 17 2.5718 (0.0011)  S>C  Handshake
      ServerHello
        Version 3.1 
        session_id[32]=
          bc 5a a8 0f 2c 47 51 d6 cb da 43 2a d2 38 3d 43 
          ce f3 4f 3a 6d 5a 6e de 05 35 17 d2 b1 6d f6 f7 
        cipherSuite         TLS_RSA_WITH_NULL_SHA
        compressionMethod                   NULL
1 18 2.5718 (0.0000)  S>C  Handshake
      Certificate
1 19 2.5718 (0.0000)  S>C  Handshake
      CertificateRequest
        certificate_types                   rsa_sign
        certificate_types                   dss_sign
        certificate_authority
          30 81 a9 31 0b 30 09 06 03 55 04 06 13 02 4e 59 
          31 11 30 0f 06 03 55 04 08 13 08 4e 65 77 20 59 
          6f 72 6b 31 15 30 13 06 03 55 04 07 13 0c 4f 72 
          63 68 61 72 64 20 50 61 72 6b 31 0f 30 0d 06 03 
          55 04 0a 13 06 4f 63 65 61 6e 61 31 28 30 26 06 
          03 55 04 0b 13 1f 43 65 72 74 69 66 69 63 61 74 
          69 6f 6e 20 53 65 72 76 69 63 65 73 20 44 69 76 
          69 73 69 6f 6e 31 17 30 15 06 03 55 04 03 13 0e 
          4f 63 65 61 6e 61 20 52 6f 6f 74 20 43 41 31 1c 
          30 1a 06 09 2a 86 48 86 f7 0d 01 09 01 16 0d 63 
          61 40 6f 63 65 61 6e 61 2e 63 6f 6d 
      ServerHelloDone
1 20 2.5774 (0.0056)  C>S  Handshake
      Certificate
1 21 2.5774 (0.0000)  C>S  Handshake
      ClientKeyExchange
1 22 2.5774 (0.0000)  C>S  ChangeCipherSpec
1 23 2.5774 (0.0000)  C>S  Handshake
      Finished
1 24 2.5939 (0.0165)  S>C  ChangeCipherSpec
1 25 2.5939 (0.0000)  S>C  Handshake
      Finished
1 26 14.3106 (11.7166)  C>S  application_data
    ---------------------------------------------------------------
    DATE
    ---------------------------------------------------------------
1 27 14.3111 (0.0005)  S>C  application_data
    ---------------------------------------------------------------
    111 20030104222841
    ---------------------------------------------------------------
1 28 15.5819 (1.2707)  C>S  application_data
    ---------------------------------------------------------------
    QUIT
    ---------------------------------------------------------------
1    15.5821 (0.0001)  C>S  TCP FIN
1 29 15.5841 (0.0020)  S>C  application_data
    ---------------------------------------------------------------
    205 Bye
    ---------------------------------------------------------------


-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp