Something Stronger than a Passphrase? (UNCLASSIFIED)
- To: <myproxy-users@ncsa.uiuc.edu>
- Subject: Something Stronger than a Passphrase? (UNCLASSIFIED)
- From: "Friedrichs, Paul D CTR DISA PEO-IAN" <Paul.Friedrichs.ctr@disa.mil>
- Date: Tue, 10 Apr 2007 13:50:31 -0400
- Content-class: urn:content-classes:message
- Content-transfer-encoding: 8bit
- Content-type: text/plain; charset="us-ascii"
- Sender: owner-myproxy-users@ncsa.uiuc.edu
- Thread-index: Acd7mLlqEtnWDZnOSCCR5MkwLLN0aA==
- Thread-topic: Something Stronger than a Passphrase? (UNCLASSIFIED)
Classification: UNCLASSIFIED
Caveats: NONE
Hi All,
I am *very* interested in deploying MyProxy on a large scale, but I am
concerned about the possibility of a phishing/pharming-like attack to
capture the passphrase passed from the prospective proxy to what it
thinks is the MyProxy server during the get process. What I don't like
about this is that if the prospective proxy were fooled into revealing
the passphrase here, it would be the principal who is harmed. Should I
not be concerned about this? Am I missing something?
Given the use of PKI everywhere else, I am surprised a passphrase is
used for this process. Is it possible for the principal to use the put
command to give the MyProxy server the prospective proxy's public key
(which the principal can obtain from its SSL session with the
prospective proxy) and then for the MyProxy server, in the get process,
to authenticate the prospective proxy using this public key and
client-authenticated SSL?
And this leads me to wonder... Since the principal already knows how to
issue a proxy certificate and the prospective proxy already knows how to
obtain a proxy certificate, what is the advantage of having a MyProxy
server as an intermediary? Why couldn't the principal just issue a proxy
certificate to the proxy?
Many Thanks,
Paul
Classification: UNCLASSIFIED
Caveats: NONE