Opened 10 years ago

Closed 6 years ago

Last modified 6 years ago

#246 closed enhancement (invalid)

Bindctl: Create cryptographic binding between tunnelling protocol and authentication protocol to avoid MITM attacks

Reported by: zhanglikun
Owned by: UnAssigned
Priority: medium
Milestone: Common Outstanding Tasks
Component: ~bind-ctl (obsolete)
Version:
Keywords:
Cc:
CVSS Scoring:
Parent Tickets:
Sensitive: no
Defect Severity: N/A
Sub-Project: DNS
Feature Depending on Ticket:
Estimated Difficulty: Unestimatable
Add Hours to Ticket:
Total Hours:
Internal?: no

Description

This ticket was generated by the idea provided by Francis in his reply to email "[bind10-dev] Security Mechanism for Cmdctl and Bindctl".

Currently the password is sent in plaintext from bindctl to cmdctl, and this was thought to be a bad idea.

Some documents about MITM attacks:
The draft explaining the issue for PEAP and TTLS is not well known
(it is draft-puthenkulam-eap-binding-01.txt).
Google gives another ref: http://eprint.iacr.org/2002/163.pdf

Change History (9)

comment:1 Changed 9 years ago by zhanglikun

  • billable set to 0
  • Estimated Difficulty set to 0.0
  • Internal? unset
  • Milestone set to feature backlog item

I suggest making this one a feature backlog item. If someone else doesn't agree, please change it back.

comment:2 Changed 9 years ago by stephen

  • Milestone feature backlog item deleted

comment:3 Changed 9 years ago by zhanglikun

  • Owner changed from zhanglikun to UnAssigned
  • Status changed from new to assigned

comment:4 Changed 6 years ago by shane

  • Defect Severity set to N/A
  • Milestone set to New Tasks
  • Sub-Project set to DNS

Last edited 6 years ago by shane

comment:5 follow-up: Changed 6 years ago by vorner

Don't we use ssl already for that?

comment:6 in reply to: ↑ 5 Changed 6 years ago by muks

Replying to vorner:

Don't we use ssl already for that?

This bug was discussed recently in another meeting and I thought the same. Can this ticket be closed?

comment:7 Changed 6 years ago by muks

  • Estimated Difficulty changed from 0.0 to Unestimatable

comment:8 Changed 6 years ago by muks

  • Resolution set to invalid
  • Status changed from assigned to closed

We decided to close this ticket as invalid during the sprint planning meeting.

comment:9 Changed 6 years ago by tomek

  • Milestone changed from New Tasks to Common Outstanding Tasks

Milestone New Tasks deleted
