undefined | Better HN

0 pointspornel15y ago0 comments

Basic is useless - sends password in the clear.

Digest authentication is safe against passive sniffing (it doesn't exchange any password/token in the clear and uses nonces), but it doesn't protect against active attacker who could modify server headers and replace "Digest" with "Basic" to reveal password.

0 comments

al_james15y ago

Ok, so digest authentication is safe against this new firefox extension?

If so, why don't facebook et al. switch to digest based authentication?

Surely its better than unencrypted cookie based logins. Is it just that its ugly (the browser login popup)?

pornelOP15y ago

Yes, Digest is safe in this case, but one could write a more advanced (packet-injecting) tool/Firefox extension that breaks Digest too.

Terribly bad UI and lack of standard way to log out are dealbreakers for HTTP auth.

There's also no reliable way to customize UI to offer help, password reminders, branding or anything like that.

There has been proposal to improve this in 1999:

http://www.w3.org/TR/NOTE-authentform

and recently discussed in HTML5 WG, but the conclusion was Digest and countless JS tricks proposed in its place are only partial solutions, cookies have unstoppable momentum, so it's better if everyone just switches to SSL.

j / k navigate · click thread line to collapse