[Ach] Fwd: Re: !SRP

Adi Kriegisch adi at kriegisch.at
Wed Dec 18 23:48:51 CET 2013


> Ivan Ristić agrees that we should remove !SRP.
> Peter Gutmann also suggests to use TLS-SRP (or TLS-PSK) instead of any
> other ciphersuites for password-authentication in his upcoming book
> "Engineering Security" in several places. (From my point of view,
> TLS-SRP seems a bit more safe than TLS-PSK for password-authentication,
> I would use TLS-PSK for embedded and other special applications)
Thanks for providing more insights!

Actually I am still not convinced that removing '!SRP' from the cipher list
is a good idea: SRP requires special configuration in any way.
Enabling a security mechanism that isn't configured may lead to undesired
side effects and I'm afraid, we'll only know what may happen when
web/imap/whatever servers begin supporting SRP.

Anyone else having an opinion on that?

Probably you could provide more explanations for section 7.3 (choosing your
own ciphers). What we have right now:
Key Exchange:
"Other key exchange mechanisms like Pre-Shared Key (PSK) or Secure Remote
 Password (SRP) are irrelevant for regular SSL/TLS use."
(which is a little misguided)

and Authentication:
"In addition to the server providing its identity, a client might do so as
 well. That way mutual trust can be established. Another mechanism providing
 client authentication is Secure Remote Password (SRP) [ADD REFERENCE]
 All those mechanisms require special configuration."

-- Adi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: Digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20131218/2d3e012c/attachment.sig>

More information about the Ach mailing list