From owner-freebsd-security  Sat Jan 13 20: 7: 2 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
	by hub.freebsd.org (Postfix) with ESMTP id BB1DD37B6A6
	for ; Sat, 13 Jan 2001 20:06:43 -0800 (PST)
Received: from rfx-64-6-211-149.users.reflexcom.com ([64.6.211.149])
	by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19);
	Sat, 13 Jan 2001 20:04:58 -0800
Received: (from cjc@localhost)
	by rfx-64-6-211-149.users.reflexcom.com (8.11.1/8.11.0) id f0E46mR33317;
	Sat, 13 Jan 2001 20:06:48 -0800 (PST)
	(envelope-from cjc)
Date: Sat, 13 Jan 2001 20:06:48 -0800
From: "Crist J. Clark"
To: Webbie
Cc: Frank Tobin, Dru, security@FreeBSD.ORG
Subject: Re: opinions on password policies
Message-ID: <20010113200648.K97980@rfx-64-6-211-149.users.reflexco>
Reply-To: cjclark@alum.mit.edu
References: <20010113165021.I97980@rfx-64-6-211-149.users.reflexco> <58623706.20010113225124@ipfw.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <58623706.20010113225124@ipfw.org>; from pccb@yahoo.com on Sat, Jan 13, 2001 at 10:51:24PM -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, Jan 13, 2001 at 10:51:24PM -0500, Peter Chiu wrote:
> Saturday, January 13, 2001, 7:50:21 PM, you wrote:
>
> CJC> On Sat, Jan 13, 2001 at 05:35:51PM -0600, Frank Tobin wrote:
> >> While this may not be applicable to your situation, I feel that the best
> >> policy is to demand public-key authentication. The reason for this is to
> >> limit the human factor, not demanding the user remember yet another unique
> >> password. If forced to remember another password, most users (including
> >> myself) will often re-use a password they use at another place.
> >>
> >> If your system is compromised, you do not want to help the attackers, who are
> >> now likely, get into other accounts the user might have other places
> >> because they reused the password. On the flip side, it would be best that
> >> if the user was compromised someplace else, it won't help the attackers
> >> use the authentication information to get into the victim's account on
> >> your system. Public-key systems prevent this sort of "chain-reaction"
> >> account breakage.
>
> CJC> I am not sure I understand your argument here. In your system, how does
> CJC> the _user_ authenticate himself? Biometrics? HW token? Smart card?
> CJC> Really, no passwords?
>
> I think he means using a public-key pair without a passphrase. I could
> be wrong though.

Geez. I hope not. That means there is no user authentication at all.
--
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
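The point raised at the end of this exchange, that a key pair stored without a passphrase leaves no user authentication at all, is something a "public keys only" policy has to verify rather than assume. Below is an added example, not from anyone in this thread, of such a check: it inspects the container headers of private key files and reports which ones are stored unencrypted. It assumes OpenSSH-style private keys (the thread never names a particular tool); it reads only the header fields, never decrypts anything, and the sample keys in it are constructed header stubs with no real key material.

```python
"""Audit SSH private key files for missing passphrases (added example).

Reads only the container headers of OpenSSH ("openssh-key-v1") and legacy
PEM private keys. The sample keys below are constructed: header fields only,
no real key material.
"""
from __future__ import annotations

import base64
import struct

MAGIC = b"openssh-key-v1\x00"


def _ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string' (uint32 big-endian length + bytes)."""
    return struct.pack(">I", len(data)) + data


def _read_ssh_string(blob: bytes, off: int) -> tuple[bytes, int]:
    """Decode an SSH 'string' at offset off; returns (value, new offset)."""
    if off + 4 > len(blob):
        raise ValueError("truncated openssh-key-v1 header")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    if off + n > len(blob):
        raise ValueError("truncated openssh-key-v1 header")
    return blob[off:off + n], off + n


def _constructed_openssh_key(cipher: bytes, kdf: bytes, kdfopts: bytes) -> str:
    """Build only the header part of an openssh-key-v1 container (constructed sample)."""
    blob = MAGIC + _ssh_string(cipher) + _ssh_string(kdf) + _ssh_string(kdfopts)
    blob += struct.pack(">I", 1)  # number of keys; the key payload is omitted on purpose
    body = base64.b64encode(blob).decode("ascii")
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n"
            + "\n".join(body[i:i + 70] for i in range(0, len(body), 70))
            + "\n-----END OPENSSH PRIVATE KEY-----\n")


SAMPLE_KEYS = {
    # OpenSSH format, passphrase-protected: bcrypt KDF (16-byte salt, 16 rounds)
    "openssh_encrypted": _constructed_openssh_key(
        b"aes256-ctr", b"bcrypt", _ssh_string(b"\x00" * 16) + struct.pack(">I", 16)),
    # OpenSSH format, no passphrase: cipher and KDF are both literally "none"
    "openssh_plain": _constructed_openssh_key(b"none", b"none", b""),
    # Legacy PEM, passphrase-protected: OpenSSL marks it with Proc-Type/DEK-Info headers
    "pem_encrypted": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "Proc-Type: 4,ENCRYPTED\n"
        "DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\n"
        "\n"
        "Tm90IGEgcmVhbCBrZXk=\n"
        "-----END RSA PRIVATE KEY-----\n"),
    # Legacy PEM, no passphrase: no headers at all
    "pem_plain": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "Tm90IGEgcmVhbCBrZXk=\n"
        "-----END RSA PRIVATE KEY-----\n"),
}


def is_passphrase_protected(key_text: str) -> bool:
    """Return True if the private key container is encrypted under a passphrase."""
    lines = [ln.strip() for ln in key_text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        raise ValueError("not a PEM-style private key")
    first = lines[0]
    if first == "-----BEGIN ENCRYPTED PRIVATE KEY-----":
        return True  # PKCS#8 encrypted container
    if first == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        cipher, off = _read_ssh_string(blob, len(MAGIC))
        kdf, _ = _read_ssh_string(blob, off)
        # An unencrypted key carries cipher "none" and kdf "none"; anything else
        # means the key blob is encrypted under a passphrase-derived key.
        return cipher != b"none" and kdf != b"none"
    # Legacy PEM (RSA/DSA/EC PRIVATE KEY): encrypted only if Proc-Type says so.
    return any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines[1:-1])


def unprotected_keys(keys: dict[str, str]) -> list[str]:
    """Names (e.g. file paths) of keys that are stored without a passphrase."""
    return sorted(name for name, text in keys.items() if not is_passphrase_protected(text))


if __name__ == "__main__":
    for name in unprotected_keys(SAMPLE_KEYS):
        print(f"{name}: private key has NO passphrase")
```

In practice the dictionary would be filled from the key files under each user's home directory; the check stays the same. It detects an unencrypted key at rest, which is the situation the thread objects to; it cannot tell whether an encrypted key's passphrase is itself reused from somewhere else, which is the reuse problem the first quoted message was trying to avoid in the first place.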