[NNTP] Notes on auxiliary documents
Clive D.W. Feather
clive at demon.net
Thu Dec 2 01:40:43 PST 2004
Russ Allbery said:
> The reasons for disallowing STARTTLS after AUTHINFO would apply to any
> other privacy extension as well. They're not specific to TLS. (In
> particular, new privacy layer => discard all existing state => discard
> existing authentication => double authentication messes that we decided to
> punt on.)
Not necessarily so.
If the authentication mechanism uses a public-key or zero-knowledge system,
successful authentication means that both sides can be sure that the other
person is who they say they are *even* if there's an active attacker in the
middle (that is, the AAitM can prevent authentication but can't falsely
authenticate). At which point they can use an existing shared secret as the
encryption key.
It only applies to TLS because:
- the defined layering puts the SASL encryption on the TLS-encrypted path,
not the other way round;
- TLS uses certificates rather than shared secrets.
--
Clive D.W. Feather | Work: <clive at demon.net> | Tel: +44 20 8495 6138
Internet Expert | Home: <clive at davros.org> | Fax: +44 870 051 9937
Demon Internet | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc | |
More information about the ietf-nntp
mailing list