User-Agent: Mozilla/5.0 (X11; U; Linux i686; ja; rv:22.214.171.124) Gecko/2009101600 Firefox/3.0.15 Build Identifier: This patch is to implement HTTP Mutual access authentication protocol, which we are currently proposing to IETF HTTP Working group. http://tools.ietf.org/html/draft-oiwa-http-mutualauth Mutual authentication protocol is a protocol which implements password-based strong access authentication. This protocol provides true mutual authentication between HTTP clients and servers using simple password-based authentication. It is designed on top of generic HTTP authentication architecture (RFC 2617). Unlike Basic and Digest HTTP access authentication protocol, the protocol ensures that the server knows the user's entity (encrypted password) upon successful authentication. This prevents common phishing attacks: phishing attackers cannot convince users that the user has been authenticated to the genuine website. Furthermore, even when user has been authenticated against an illegitimate server, the server can not gain any bit of information about user's passwords. Currently, the draft protocol specification is submitted to the IETF as an Internet Draft; it is available both from IETF and from our project homepage. We also have an Apache module for this protocol, which can be downloaded from our project page. For trial, we put an implementation of Firefox with this patch applied in our project page, too. This patch consists of three parts: 1. an extension to the C-language part of network-layer implementation, adding interfaces for implementing (2) below. To implement authentication in an add-on layer, we need several additional interfaces for communication between them (e.g. session management and hooks). Current our implementation is somewhat specific to our protocol: we think it can be generalized. 2. an add-on module implemented in XPI layer for the Mutual authentication protocol. Most of the work is done in this level. Cryptographic computations are done in a DLL in this module. 3. a new user interface for authentication. To ensure (a) the authentication UI is not affected by the page content from malicious phishers, and (b) to show the result of a mutual authentication, we propose a new UI for this, separately from conventional authentication methods. We also use this UI for supporting non-modal optional authentication (see specs for details.) To implement this protocol, at least part 1 (or generalized one) have to be incorporated to the main code of the Mozilla browsers. Other parts can either be built-in or be an add-on. This proposal will be an answer for several existing bug IDs for phishing and authentication issues: further information is posted on a web page specific for this bug-id: http://www.rcis.aist.go.jp/special/MutualAuth/software/mozilla/ This page contains the following resources: - links to related bug IDs - possible things to be considered (known issues) - materials (posters and paper abstracts) describing the proposed protocol and UI design - link to the trial implementation and trial website - more things to be added... We believe the protocol is useful, and ask considerations for including this to future (e.g. 3.7 or 4.0?) releases of Firefox. Reproducible: Always
Created attachment 415413 [details] [diff] [review] A patch to the network portion of the main Mozilla code.
Created attachment 415414 [details] [diff] [review] The extension part which implements the protocol.
A bug on cache management, which has been found during implementing these patches, has been submitted as a separate bug 533412. That bug affects both existing (Basic/Digest) and new authentication mechanisms, if 401 response bodies are processed as documents. As this proposal always processes 401 responses when user/pass are not available, the bug 533412 "must" be fixed for this bug-id. (for Basic/Digest, it SHOULD.) I added that bug as a dependency. The patch above contains a partial workaround for bug 533412, which is to be removed once that is fixed.
Created attachment 538896 [details] [diff] [review] A patch to the network portion of the main Mozilla code. A patch to the network portion of the main Mozilla code. Obsoletes attachment 415413 [details] [diff] [review].
Created attachment 538897 [details] [diff] [review] The extension part which implements the protocol. The extension part which implements the protocol. Obsoletes attachment 415414 [details] [diff] [review].
These patches (538896 and 538897) are for Firefox 3.6.17.