From: "Russ Cox"
To: 9fans@cse.psu.edu
Subject: Re: [9fans] upas/smtpd password authentication
Date: Mon, 17 Dec 2007 12:52:59 -0500
In-Reply-To: <1a579fc66314c00596b0b6f99acf5fc8@quanstro.net>
Message-Id: <20071217175230.1C7BC1E8C4D@holo.morphisms.net>

> i'm not a security expert. what case that i can't currently see
> would tls solve for me that's worth the extra configuration.
> what am i missing?

I believe you are missing the fact that the so-called "inferno/pop" password is no less powerful from an authentication point of view than the "plan9" password. If you give me either one, I can convince a host owner factotum that I am you, and thus change my user id to yours on the local machine.

It turns out that the general login access daemons all require p9any authentication, which can't be carried out with the inferno/pop password, but that's not fundamental. As far as factotum and the kernel are concerned, the inferno/pop password identifies you as much as the plan9 password. So what I've described is, right now, only a local escalation, not a network one. But there's no fundamental reason for that to continue.

Better names would have been the "crappy DES" ("plan9") password and the "everything else" ("inferno/pop") password. The plan9 password is not stored on the auth server -- its DES equivalent is. The inferno/pop password *is* stored on the auth server, making it possible to use in non-DES protocols. If the plan9 password text had been stored originally, the inferno/pop password wouldn't exist.

> tls seems like something extra to break. i have several
> dozen mac/windows users that need detailed instructions
> for every change.
Around 1999, DHCP was a royal pain, because configuring it was difficult or undocumented, the clients and all the servers spoke slightly different dialects, and to a first approximation no one could understand each other. Now, you just check a box and it works. No one blinks at needing to set up DHCP. IMAP and SMTP over TLS used to be difficult too, but support for these has converged as they have become more widespread. Now you just check a box.

Russ
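The distinction Russ draws above, that the auth server stores a key derived from the plan9 password but stores the inferno/pop password itself, and that either stored value is as good as the password it came from, is easy to see in a small model. The following is an added example written for this page; it is not Russ's code, not Plan 9's authsrv or factotum, and the key derivation (`key_equivalent`) and the two challenge/response protocols (`proto_des_response`, `proto_text_response`) are HMAC stand-ins with the same storage properties, not Plan 9's passtokey or DES-based exchanges. The account name and passwords are constructed for the demo.

```python
"""Model: a key-equivalent stored for one protocol family versus the
password text stored for another. Added example, not Plan 9 code; the
derivation and protocols below are simplified stand-ins (assumptions)."""
import hashlib
import hmac
import os

# Constructed demo credentials, not real accounts.
USER = "glenda"
PLAN9_PW = "correct horse"
POP_PW = "battery staple"


def key_equivalent(password: str) -> bytes:
    """Stand-in for the 'DES equivalent' of the plan9 password: a short key
    produced by a public, unkeyed derivation from the password text.
    Assumption: this is a model, NOT Plan 9's passtokey; what matters is
    that only the output, never the text, ends up on the auth server."""
    return hashlib.sha256(b"plan9-key|" + password.encode()).digest()[:8]


def proto_des_response(key: bytes, challenge: bytes) -> bytes:
    """Challenge/response defined purely over the derived key (model of the
    DES-based plan9 protocols). Anyone holding the key can answer it."""
    return hmac.new(key, b"des|" + challenge, hashlib.sha256).digest()


def proto_text_response(secret: str, challenge: bytes) -> bytes:
    """Challenge/response defined over the password text itself (model of
    the APOP/CRAM-style protocols the inferno/pop secret is used for)."""
    return hmac.new(secret.encode(), b"text|" + challenge, hashlib.sha256).digest()


class AuthServer:
    """Stores, per user, what the message says the auth server stores:
    the key equivalent for 'plan9' and the cleartext for 'inferno/pop'."""

    def __init__(self) -> None:
        self.plan9_key: dict[str, bytes] = {}
        self.pop_secret: dict[str, str] = {}

    def enroll(self, user: str, plan9_pw: str, pop_pw: str) -> None:
        self.plan9_key[user] = key_equivalent(plan9_pw)   # text discarded
        self.pop_secret[user] = pop_pw                     # text kept

    def challenge(self) -> bytes:
        return os.urandom(16)

    def verify_plan9(self, user: str, chal: bytes, resp: bytes) -> bool:
        return hmac.compare_digest(proto_des_response(self.plan9_key[user], chal), resp)

    def verify_pop(self, user: str, chal: bytes, resp: bytes) -> bool:
        return hmac.compare_digest(proto_text_response(self.pop_secret[user], chal), resp)

    def verify_pop_with_plan9_key(self, user: str, chal: bytes, resp: bytes) -> bool:
        """A server holding only the plan9 key equivalent cannot run the
        text-based protocol: the best it can do is feed the key bytes in
        as if they were the secret, which never matches a real client."""
        return hmac.compare_digest(
            proto_text_response(self.plan9_key[user].hex(), chal), resp)


def demo() -> dict:
    srv = AuthServer()
    srv.enroll(USER, PLAN9_PW, POP_PW)
    # Attacker's haul: a copy of the auth server's stored records only.
    stolen_key = srv.plan9_key[USER]
    stolen_pop = srv.pop_secret[USER]
    c = srv.challenge()
    return {
        # Honest client derives the key from the plan9 password, as factotum would.
        "user_plan9": srv.verify_plan9(USER, c, proto_des_response(key_equivalent(PLAN9_PW), c)),
        # Thief with only the stored key equivalent is accepted just the same.
        "thief_plan9": srv.verify_plan9(USER, c, proto_des_response(stolen_key, c)),
        # The stored pop secret is the password itself, so it is equally usable.
        "thief_pop": srv.verify_pop(USER, c, proto_text_response(stolen_pop, c)),
        # The plan9 key equivalent is useless for the text-based protocol family.
        "plan9_key_in_pop_protocol": srv.verify_pop_with_plan9_key(
            USER, c, proto_text_response(POP_PW, c)),
        # A wrong password is still rejected, so the model is not a no-op.
        "wrong_plan9": srv.verify_plan9(USER, c, proto_des_response(key_equivalent("wrong"), c)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The two "thief" results are the point of the message: a stored key equivalent is a credential, not merely a verifier, so a leaked copy of the auth server's records gives an impersonator everything the password would have, and the same holds even more directly for the inferno/pop secret stored as text. The last result shows why the text was needed at all: a derived key is only usable by protocols built around that exact derivation, whereas the stored password text can seed any protocol.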