[Ach] Fwd: Re: !SRP

Philipp Gühring pg at futureware.at
Wed Dec 18 18:29:38 CET 2013


Ivan Ristić agrees that we should remove !SRP.
Peter Gutmann also suggests to use TLS-SRP (or TLS-PSK) instead of any
other ciphersuites for password-authentication in his upcoming book
"Engineering Security" in several places. (From my point of view,
TLS-SRP seems a bit more safe than TLS-PSK for password-authentication,
I would use TLS-PSK for embedded and other special applications)

Can we remove !SRP from the ciphersuites?

Best regards,
Philipp Gühring

-------- Original-Nachricht --------
Betreff: 	Re: !SRP
Datum: 	Mon, 02 Dec 2013 10:04:29 +0000
Von: 	Ivan Ristić <ivanr at webkreator.com>
An: 	Philipp Gühring <pg at futureware.at>

I agree. I'll see how best to do it.


On 29/11/2013 14:01, Philipp Gühring wrote:
> Hi Ivan,
>> Neither. But it's not supported by most (all) major browsers and
>> virtually no body uses it. Thus, I disable it purely to disable
>> clutter,
>> allowing you to have a better idea of what you're using.
> Ok, I understand. Good. Thanks a lot for your fast feedback!
> Unfortunately, people are taking your suggestion as security
> recommendation, and implement it that way on their systems.
> It´s a bit difficult for most browsers to implement SRP, since it is a bit
> against their current architecture, so it takes quite some changes which
> take some time, but I hope that they will succeed in implementing it soon.
> It would be disappointing if by the time the browsers have implemented
> SRP, everyone else believes that we should do !SRP in the configs, and it
> will be hard to revert that afterwards.
> Actually, I think that most servers should not advertise SRP ciphersuites
> in the handshake, unless they are configured with all necessary parameters
> for SRP. So I would expect that you would not get SRP clutter in the
> handshake if you removed !SRP from the config.
> Therefore I would ask you to remove !SRP.
> But feel free to add !SRP when it really causes any problems, or when you
> hear about any security problems. I just hope that we can use SRP for
> things like POP3/IMAP, where I think that it can provide a really good
> man-in-the-middle prevention in the future.
> Best regards,
> Philipp Gühring


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20131218/d27585e3/attachment.html>

More information about the Ach mailing list