> It'd require being a little sneaky, but I'd think a good way to go about
> this would be setting a cookie with a session identifier with a 0
> expiration.  Of course, this is only as trustworthy as the network,
> because anybody sniffing the wire after the session switches to HTTP can
> steal the session ID cookie and start using it, posing as your
> "authenticated" client.  <shrug>
> 
Getting a little more sneaky will make it work.

Quoting directly from Mark_Jason Dominus' WWW security tutorial:

   If you get a request that doesn't contain a cookie at all, redirect 
   the browser to a login page with a fill-out form with 'username' and
   'password' boxes. If they send the right username and password, bake
   up a cookie with the following ingredients:

   A. Username
   B. User's IP address
   C. Expiration time (if desired)
   D. Secret data known only to you
   E. MD5(A,B,C,D)
   
   F. The cookie: Concatenate A, B, C, and E. (Don't include D. It's
      secret!)

   If the user _does_ show up with a cookie, you get F, which contains
   the items ABCE. Check C, the expire time, and fail if C is in the
   past. Check B, the expected IP address, and fail if it doesn't 
   match the browser's actual IP address. Look up D, compute the MD5
   hash of A, B, C, and D, and fail if this doesn't match E, the 
   expected hash. Finally, if everything has checked out, take A, the
   username, and use it as the user's identity.

   If some snooper steals the cookie F, it won't do them much good. F
   contains B, the user's IP address, so it can only be used from the 
   correct IP address. The user can't tamper with B, because that 
   would mess up the checksum E. They can't forge a new checksum, 
   because the checksum includes D, which they don't know. D is never
   transmitted anywhere, is kept under strict lock and key at your 
   site, and is changed immediately if it ever leaks.

   Even a snooper at the same IP address as the real user will only 
   be able to use the credentials until they expire, which hopefully
   isn't too long ... The snooper can't tamper with the expire time,
   again because that would mess up the checksum ...

Again, this is MJD's, not mine. We're planning on using it in our next
release, assuming we can clear up some nagging problems with IE and 
certificates.

 --- Joe M.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
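
The cookie scheme quoted in the message above, as an added example that is not code from the post or from the tutorial it quotes. It assumes HMAC-SHA256 in place of the plain MD5(A,B,C,D), a "|" field separator, and hypothetical names (SECRET, bake_cookie, check_cookie).

```python
import hashlib
import hmac
import time

# D: constructed placeholder. A real deployment loads a random key from
# protected storage and rotates it if it ever leaks.
SECRET = b"example-only-secret-D"

def _tag(user, ip, expires):
    # E: keyed hash over A, B, C (all strings). HMAC-SHA256 is swapped in for
    # the quoted MD5(A,B,C,D). Length-prefixing each field keeps
    # ("ab", "c") and ("a", "bc") from hashing to the same input.
    msg = b"".join(len(f).to_bytes(4, "big") + f
                   for f in (user.encode(), ip.encode(), expires.encode()))
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def bake_cookie(user, ip, ttl=900, now=None):
    # F = A|B|C|E. D is never placed in the cookie.
    if "|" in user or "|" in ip:
        raise ValueError("field must not contain the separator")
    expires = str(int(time.time() if now is None else now) + ttl)
    return "|".join((user, ip, expires, _tag(user, ip, expires)))

def check_cookie(cookie, client_ip, now=None):
    # Returns the username (A) if every check passes, otherwise None.
    parts = cookie.split("|")
    if len(parts) != 4:
        return None
    user, ip, expires, tag = parts
    # Verify E first, in constant time, so no unauthenticated field is trusted.
    if not hmac.compare_digest(tag.encode(), _tag(user, ip, expires).encode()):
        return None
    # C: fail if the expiry time is in the past.
    if int(expires) < int(time.time() if now is None else now):
        return None
    # B: fail if the cookie is presented from a different address.
    if ip != client_ip:
        return None
    return user
```

As the quoted text notes, a cookie replayed from the same IP address still passes until C expires, so the lifetime passed as ttl bounds that window.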
