WebApp Sec mailing list archives

RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein


From: "Cyrill Osterwalder" <cyrill.osterwalder () seclutions com>
Date: Tue, 9 Aug 2005 08:53:03 +0200


Andrew,

Actually, there is a need to couple them - for non-repudiation and traceability reasons.

There is indeed a need to couple the trust association with the back-end
servers. And I agree with you that a trustworthy method must be used to
provision credentials or user identity assertions to back-end systems. But
that does not necessarily mean that the SSL handshake, including the client
certificate verification, has to be coupled with the back-end servers, which I
think is a bad idea for larger deployment architectures. It makes filtering
and other security enforcement procedures very difficult, increases the risk
of the back-end server being compromised, and it does not scale well.

In my opinion, a well-implemented ASG or WAF should be capable of offloading
the client certificate authentication and provisioning the data in a trustworthy
way to back-end systems if the ASG/WAF system is supposed to offload
centralized authentication enforcement.

Best regards

Cyrill Osterwalder

Chief Technology Officer
Seclutions AG

http://www.seclutions.com
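As an added illustration of the "trustworthy provisioning" the message above argues for (example code, not from the poster or any product): the gateway, having verified the client certificate itself, hands the back-end a signed, time-bounded identity assertion, and the back-end accepts the subject only if the MAC verifies and the assertion is fresh. The shared secret, subject strings and timestamps are constructed placeholders.

```python
import hmac
import hashlib
import json
import time
from base64 import urlsafe_b64decode, urlsafe_b64encode
from typing import Optional

# Constructed placeholder: shared between the ASG/WAF and the back-end only.
# The back-end must also accept this assertion solely on the path from the
# gateway and strip any copy of it that arrives directly from a client.
GATEWAY_SECRET = b"example-shared-secret-rotate-in-production"
MAX_AGE_SECONDS = 60


def gateway_issue_assertion(verified_cert_subject: str, now: Optional[float] = None) -> str:
    """Gateway side: after the client certificate has been verified at the
    gateway, assert its subject to the back-end as base64(payload).base64(mac)."""
    issued_at = int(now if now is not None else time.time())
    payload = json.dumps({"sub": verified_cert_subject, "iat": issued_at},
                         separators=(",", ":")).encode()
    mac = hmac.new(GATEWAY_SECRET, payload, hashlib.sha256).digest()
    return urlsafe_b64encode(payload).decode() + "." + urlsafe_b64encode(mac).decode()


def backend_verify_assertion(token: str, now: Optional[float] = None) -> Optional[str]:
    """Back-end side: return the asserted subject, or None if the assertion
    is malformed, carries an invalid MAC, or is outside the freshness window."""
    try:
        payload_b64, mac_b64 = token.split(".", 1)
        payload = urlsafe_b64decode(payload_b64)
        mac = urlsafe_b64decode(mac_b64)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(GATEWAY_SECRET, payload, hashlib.sha256).digest()
    # Constant-time comparison so MAC verification does not leak timing.
    if not hmac.compare_digest(mac, expected):
        return None
    claims = json.loads(payload)  # only reached for payloads the gateway signed
    current = now if now is not None else time.time()
    if not (0 <= current - claims["iat"] <= MAX_AGE_SECONDS):
        return None
    return claims["sub"]
```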

