Re: Salsa update: no more "-guest" and more

Russ Allbery <rra@debian.org> writes:

> That's effectively what a password manager simulates, albeit trading off
> local secure storage for convenience while limiting the strong passwords
> someone has to memorize to one.  I would argue that the only functional
> difference between a properly-configured password manager and using TLS
> client certificates is that password managers have better UI.  (Which is
> important!)

On re-reading this (which I should have done before sending it rather than
afterwards), I left out some context that made this statement look too
sweeping.  I meant that a password manager with random passwords and
client TLS certificates look similar in their security properties for a
user: you enter a password to unlock a secure store and then some opaque
blob in that secure store is used to authenticate.

Obviously, passwords (assuming no special crypto magic) are effectively
bearer tokens whereas TLS client certificates use asymmetric crypto, so
TLS client certificates are better than password managers for all the
normal reasons why asymmetric crypto is better than bearer tokens (defense
against man-in-the-middle eavesdropping, primarily).  My very rough
understanding of PAKE schemes (which may well be wrong) is that they
effectively turn passwords into asymmetric crypto, thus bringing them
closer to TLS certs except with a fairly weak asymmetric key.

Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>
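The bearer-token-versus-asymmetric-crypto distinction drawn in the message above, shown as an added worked example that is not part of the original thread and not how TLS or any password manager is actually implemented: an eavesdropper who records one password login can replay it verbatim, while a recorded signature over a server challenge is useless against the next session's fresh challenge. The toy login protocol, the Schnorr-style signature over secp256k1 and all function names are assumptions made for illustration only.

```python
# Added example (not from the original thread). Models the difference between
# a password (a bearer token: whoever presents it is accepted, so a passive
# eavesdropper can replay it) and a client-certificate-style login (a signature
# over a fresh server challenge, so a captured transcript cannot be replayed).
# The protocol and the toy Schnorr signature are assumptions for illustration.
import hashlib
import hmac
import secrets

# --- Bearer-token login: the secret itself travels over the wire ------------

def make_password_record(password: str) -> dict:
    """Server-side record: salted PBKDF2 hash, never the password itself."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return {"salt": salt, "hash": digest}

def password_login(record: dict, wire_password: str) -> bool:
    """Whatever arrived on the wire is the token; the server cannot tell who sent it."""
    digest = hashlib.pbkdf2_hmac("sha256", wire_password.encode(), record["salt"], 100_000)
    return hmac.compare_digest(digest, record["hash"])

# --- Signature login: the private key never leaves the client ---------------
# Toy Schnorr signature over secp256k1 with plain affine arithmetic (assumed
# adequate for illustration; not constant-time, not a production signer).
P_MOD = 2**256 - 2**32 - 977
N_ORD = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    x1, y1 = a
    x2, y2 = b
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k: int, point):
    """Double-and-add scalar multiplication."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result

def keygen():
    priv = secrets.randbelow(N_ORD - 1) + 1
    return priv, ec_mul(priv, G)

def _challenge_scalar(r, pub, msg: bytes) -> int:
    """e = H(R || pubkey || msg) mod n; binds the signature to this exact challenge."""
    data = b"".join(c.to_bytes(32, "big") for c in (*r, *pub)) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N_ORD

def sign(priv: int, pub, msg: bytes):
    k = secrets.randbelow(N_ORD - 1) + 1
    r = ec_mul(k, G)
    e = _challenge_scalar(r, pub, msg)
    return (r, (k + e * priv) % N_ORD)

def verify(pub, msg: bytes, sig) -> bool:
    """Accept iff s*G == R + e*P, i.e. the signer knew the private key for P."""
    r, s = sig
    if not 1 <= s < N_ORD:
        return False
    e = _challenge_scalar(r, pub, msg)
    return ec_mul(s, G) == ec_add(r, ec_mul(e, pub))

def simulate() -> dict:
    """Replay one passively captured login against a fresh session, both ways."""
    # Constructed sample credentials for the demonstration.
    record = make_password_record("correct horse battery staple")
    priv, pub = keygen()

    # Password: the eavesdropper copies the wire message and resends it later.
    captured_wire_password = "correct horse battery staple"
    genuine_pw = password_login(record, captured_wire_password)
    replay_pw = password_login(record, captured_wire_password)

    # Signature: the server picks a new challenge per session, so the captured
    # (R, s) pair from session 1 does not verify in session 2.
    challenge_1 = secrets.token_bytes(32)
    captured_sig = sign(priv, pub, challenge_1)
    genuine_sig = verify(pub, challenge_1, captured_sig)
    challenge_2 = secrets.token_bytes(32)
    replay_sig = verify(pub, challenge_2, captured_sig)

    return {
        "password_genuine_accepted": genuine_pw,
        "password_replay_accepted": replay_pw,
        "signature_genuine_accepted": genuine_sig,
        "signature_replay_accepted": replay_sig,
    }

if __name__ == "__main__":
    for name, accepted in simulate().items():
        print(f"{name}: {accepted}")
```

The password branch accepts the replayed token exactly as readily as the original, which is why a salted hash on the server does nothing against a captured login; the signature branch rejects the replay because the challenge scalar e changes with every session. Turning a password into something with this replay-resistant property is essentially what a PAKE does, at the cost that the effective secret is only as strong as the password.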