Challenging clients, why another ping-pong?

Russ Allbery eagle at eyrie.org
Thu Feb 6 14:00:38 EST 2014


Rick van Rein <rick at openfortress.nl> writes:

> Thanks, the terminology has indeed been confusing to me.  I suppose
> things are as they are — or, as they have grown.

The short but less polite version is that HTTP-Negotiate with SPNEGO is a
horrible hack from a Kerberos perspective.  It sort of works as long as
you know what to expect from it, but it's basically a half-assed one-sided
authentication from the client to the server that doesn't behave like a
real GSS-API authentication, doesn't give you mutual authentication or
most of the other GSS-API guarantees, and cannot scale to other mechanisms
or to sensible changes in how one wants the negotiation to work.

Most of those problems are inherent in the way that it was plugged into
HTTP and cannot easily be fixed.

Since HTTP doesn't provide any easy way for an authentication mechanism to
add channel encryption, any proper solution is probably stuck with channel
binding and using TLS for confidentiality.  But within that constraint,
it's probably possible to do better by taking the authentication out of
the HTTP headers into, say, a separate exchange with different HTTP
protocol verbs or with designated URLs, resulting in some sort of
authenticator with channel bindings that must be provided in all
subsequent HTTP requests in that session.  Nico has done some work on such
a protocol.

-- 
Russ Allbery (eagle at eyrie.org)              <http://www.eyrie.org/~eagle/>
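A toy illustration of the shape Russ sketches in the last paragraph: a separate authentication exchange (standing in for GSS-API context establishment over TLS) yields a session authenticator tied to the channel binding, and every later HTTP request must carry a MAC computed over that binding. This is added example code, not anything from the thread, from Nico's protocol work, or from any Kerberos implementation: the Finished-message bytes are constructed stand-ins for RFC 5929 tls-unique data, the session key is a constructed placeholder for whatever key the real mechanism would derive, and the request MAC is an assumed design, not a specified one.

```python
import hashlib
import hmac
import secrets

# RFC 5929 defines tls-unique as the first TLS Finished message of the
# connection; the bytes used below are constructed, not taken from real TLS.
CB_TYPE = b"tls-unique"


def channel_binding(tls_finished: bytes) -> bytes:
    """Build channel-binding data from a connection's TLS Finished message."""
    return CB_TYPE + b":" + tls_finished


def request_mac(session_key: bytes, cb: bytes, method: str, path: str, body: bytes) -> bytes:
    """MAC over the request, keyed with the session key and covering the channel binding."""
    msg = b"\n".join([cb, method.encode(), path.encode(), hashlib.sha256(body).digest()])
    return hmac.new(session_key, msg, hashlib.sha256).digest()


class Server:
    """Server side: one authentication exchange per channel, then per-request checks."""

    def __init__(self):
        self.sessions = {}  # session id -> (principal, session key, bound channel binding)

    def establish(self, principal: str, observed_cb: bytes):
        # Stands in for the separate GSS-API exchange; on success the server
        # issues a session id and a key, both tied to the channel it saw.
        sid = secrets.token_hex(16)
        key = secrets.token_bytes(32)  # constructed placeholder for a derived key
        self.sessions[sid] = (principal, key, observed_cb)
        return sid, key

    def verify(self, sid: str, observed_cb: bytes, method: str, path: str, body: bytes, mac: bytes):
        """Return the authenticated principal, or None if the request is rejected."""
        entry = self.sessions.get(sid)
        if entry is None:
            return None
        principal, key, bound_cb = entry
        # The session is only valid on the channel where it was authenticated.
        if not hmac.compare_digest(bound_cb, observed_cb):
            return None
        # Recompute with the binding the server itself observed, never one the
        # client claims; a request relayed over another TLS connection fails here.
        expected = request_mac(key, observed_cb, method, path, body)
        if not hmac.compare_digest(expected, mac):
            return None
        return principal


class Client:
    """Client side: signs each request with its session key and its own channel binding."""

    def __init__(self, sid: str, key: bytes, cb: bytes):
        self.sid, self.key, self.cb = sid, key, cb

    def sign(self, method: str, path: str, body: bytes) -> bytes:
        return request_mac(self.key, self.cb, method, path, body)


def demo():
    """Honest request on the authenticated channel vs the same bytes seen on another channel."""
    server = Server()
    cb_a = channel_binding(b"finished:connection-A")  # constructed
    sid, key = server.establish("alice@EXAMPLE.ORG", cb_a)
    client = Client(sid, key, cb_a)

    method, path, body = "POST", "/api/transfer", b'{"amount": 10}'
    mac = client.sign(method, path, body)
    accepted = server.verify(sid, cb_a, method, path, body, mac)

    # Identical request and MAC, but the server observes a different TLS
    # connection (constructed), as it would behind an interposed proxy.
    cb_b = channel_binding(b"finished:connection-B")
    relayed = server.verify(sid, cb_b, method, path, body, mac)
    return accepted, relayed


if __name__ == "__main__":
    print(demo())  # ('alice@EXAMPLE.ORG', None)
```

The two `compare_digest` checks carry the whole argument: HTTP Negotiate authenticates once and then trusts whatever follows, whereas here the thing that must be presented on every request is only computable by the party that holds the session key and is on the same TLS channel the server saw during authentication.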
