On 12/06/2014 02:35 AM, Nick Edwards wrote:
> On 12/5/14, ML mail <mlnospam at yahoo.com> wrote:
>> Hello,
>>
>> I am wondering which variant is more secure for user authentication and
>> password scheme. Basically I am looking at both variants:
>>
>> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism
>> 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism
>>
>> In my opinion the option 2) should be safer although it is using PLAIN auth
>> mechanism. Of course I would always use STARTTLS and not allow unencrypted
>> connection.
>
> That's not exactly a true statement. If you offer STARTTLS you are
> optional on encryption; if you mean not allowing unencrypted connections,
> then you are forcing TLS, not STARTTLS, since the latter is designed to
> accept unencrypted and then _try_ to upgrade to encryption if possible,
> if not, stay unencrypted.

If you add the disable_plaintext_auth=yes and ssl=required settings, then
Dovecot will drop authentication without STARTTLS. But the damage will be
done: the client will send the unencrypted (or, in this scenario, the MD5 or
SHA512 hash) login/password.

http://wiki2.dovecot.org/SSL

>> What is your opinion?
>>
> Number 2, as the other poster said, without hesitation and for the reasons he said.

+1

-- 
Jan Wideł
Senior System Administrator
e-mail: jan.widel at networkers.pl
mobile: +48 797 004 946
www: http://www.networkers.pl
GPG: http://networkers.pl/GPG/2E7359CD.asc
On 06.12.2014 at 06:56, Jan Wideł wrote:
> If you add the disable_plaintext_auth=yes and ssl=required settings, then
> Dovecot will drop authentication without STARTTLS. But the damage will be
> done: the client will send the unencrypted (or, in this scenario, the MD5 or
> SHA512 hash) login/password.

No, damage will *not* be done.

STARTTLS happens in the context of connect and *long before* any
authentication is tried; the handshake between client/server fails.
On 6 December 2014 13:10:58 CET, Reindl Harald <h.reindl at thelounge.net> wrote:
>
> On 06.12.2014 at 06:56, Jan Wideł wrote:
>> If you add the disable_plaintext_auth=yes and ssl=required settings, then
>> Dovecot will drop authentication without STARTTLS. But the damage will be
>> done: the client will send the unencrypted (or, in this scenario, the MD5 or
>> SHA512 hash) login/password.
>
> No, damage will *not* be done.
>
> STARTTLS happens in the context of connect and *long before* any
> authentication is tried; the handshake between client/server fails.

If the client is misconfigured to not strictly require STARTTLS, but to allow
plaintext authentication too, and some man in the middle strips the STARTTLS
capability from the server capability message, then the client will probably
send its password login attempt in plaintext, without even trying to establish
a STARTTLS session, because the server seemed to be incapable of STARTTLS.

So you might need to teach your users to enforce STARTTLS in their email
client in order to mitigate MITM attacks.

Regards
Daniel
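Added example (not code from the thread or from Dovecot) modelling the exchange Jan and Daniel describe: a server configured like disable_plaintext_auth=yes rejects a cleartext LOGIN, yet a client that only prefers STARTTLS still sends its password in the clear once a man in the middle strips the capability, while a client that requires STARTTLS never does. The server, MITM and client here are constructed stand-ins; LOGINDISABLED is the RFC 2595 capability a server uses to announce that plaintext LOGIN is refused.

```python
# Added example (constructed model, not Dovecot code): the IMAP pre-login
# exchange discussed above, with a strict and a lax client.

class ImapServer:
    """Offers STARTTLS; refuses LOGIN before TLS, like disable_plaintext_auth=yes."""

    def __init__(self):
        self.tls = False
        self.cleartext = []  # every command that crossed the wire unencrypted

    def capabilities(self):
        # LOGINDISABLED (RFC 2595) tells clients that plaintext LOGIN is refused
        return ["IMAP4rev1"] + ([] if self.tls else ["STARTTLS", "LOGINDISABLED"])

    def handle(self, command):
        if not self.tls:
            self.cleartext.append(command)
        verb = command.split()[0]
        if verb == "STARTTLS":
            self.tls = True
            return "OK begin TLS negotiation"
        if verb == "LOGIN" and not self.tls:
            return "NO plaintext authentication disabled"
        return "OK"

class StrippingMitm:
    """Drops STARTTLS and LOGINDISABLED from the capability list, relays the rest."""

    def __init__(self, server):
        self.server = server

    def capabilities(self):
        return [c for c in self.server.capabilities()
                if c not in ("STARTTLS", "LOGINDISABLED")]

    def handle(self, command):
        return self.server.handle(command)

def client_login(endpoint, user, password, require_starttls):
    """Upgrade if STARTTLS is offered; else abort (strict) or LOGIN in the clear (lax)."""
    if "STARTTLS" in endpoint.capabilities():
        endpoint.handle("STARTTLS")
    elif require_starttls:
        return "aborted: STARTTLS not offered"
    return endpoint.handle(f"LOGIN {user} {password}")

def password_leaked(server, password):
    """True if the password ever crossed the wire in cleartext."""
    return any(password in cmd for cmd in server.cleartext)
```

With the server's rejection in place, the lax client still leaks the password through the stripping MITM; only the strict client, which aborts when STARTTLS is missing, keeps it off the wire.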
On 2014-12-06 13:10, Reindl Harald wrote:
> On 06.12.2014 at 06:56, Jan Wideł wrote:
>> If you add the disable_plaintext_auth=yes and ssl=required settings, then
>> Dovecot will drop authentication without STARTTLS. But the damage will be
>> done: the client will send the unencrypted (or, in this scenario, the MD5 or
>> SHA512 hash) login/password.
>
> No, damage will *not* be done.
>
> STARTTLS happens in the context of connect and *long before* any
> authentication is tried; the handshake between client/server fails.

Yes, of course you are right. I meant that the client is misconfigured by
being forced not to use TLS.

-- 
Jan Wideł