mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
6e077505e9
Remove grouping I-D until ready to implement
508 lines
17 KiB
Plaintext
508 lines
17 KiB
Plaintext
|
||
|
||
|
||
|
||
|
||
|
||
Network Working Group K. Zeilenga
|
||
Request for Comments: 3112 OpenLDAP Foundation
|
||
Category: Informational May 2001
|
||
|
||
|
||
LDAP Authentication Password Schema
|
||
|
||
Status of this Memo
|
||
|
||
This memo provides information for the Internet community. It does
|
||
not specify an Internet standard of any kind. Distribution of this
|
||
memo is unlimited.
|
||
|
||
Copyright Notice
|
||
|
||
Copyright (C) The Internet Society (2001). All Rights Reserved.
|
||
|
||
Abstract
|
||
|
||
This document describes schema in support of user/password
|
||
authentication in a LDAP (Lightweight Directory Access Protocol)
|
||
directory including the authPassword attribute type. This attribute
|
||
type holds values derived from the user's password(s) (commonly using
|
||
cryptographic strength one-way hash). authPassword is intended to
|
||
used instead of userPassword.
|
||
|
||
1. Background and Intended Use
|
||
|
||
The userPassword attribute type [RFC2256] is intended to be used to
|
||
support the LDAP [RFC2251] "simple" bind operation. However, values
|
||
of userPassword must be clear text passwords. It is often desirable
|
||
to store values derived from the user's password(s) instead of actual
|
||
passwords.
|
||
|
||
The authPassword attribute type is intended to be used to store
|
||
information used to implement simple password based authentication.
|
||
The attribute type may be used by LDAP servers to implement the LDAP
|
||
Bind operation's "simple" authentication method.
|
||
|
||
The attribute type supports multiple storage schemes. A matching
|
||
rule is provided for use with extensible search filters to allow
|
||
clients to assert that a clear text password "matches" one of the
|
||
attribute's values.
|
||
|
||
Storage schemes often use cryptographic strength one-way hashing.
|
||
Though the use of one-way hashing reduces the potential that exposed
|
||
values will allow unauthorized access to the Directory (unless the
|
||
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 1]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
hash algorithm/implementation is flawed), the hashing of passwords is
|
||
intended to be as an additional layer of protection. It is
|
||
RECOMMENDED that hashed values be protected as if they were clear
|
||
text passwords.
|
||
|
||
This attribute may be used in conjunction with server side password
|
||
generation mechanisms (such as the LDAP Password Modify [RFC3062]
|
||
extended operation).
|
||
|
||
Access to this attribute may governed by administrative controls such
|
||
as those which implement password change policies.
|
||
|
||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
|
||
"SHOULD", "SHOULD NOT", "RECOMMENDED", and "MAY" in this document are
|
||
to be interpreted as described in RFC 2119 [RFC2119].
|
||
|
||
2. Schema Definitions
|
||
|
||
The following schema definitions are described in terms of LDAPv3
|
||
Attribute Syntax Definitions [RFC2252] with specific syntax detailed
|
||
using Augmented BNF [RFC2234].
|
||
|
||
2.1. authPasswordSyntax
|
||
|
||
( 1.3.6.1.4.1.4203.1.1.2
|
||
DESC 'authentication password syntax' )
|
||
|
||
Values of this syntax are encoded according to:
|
||
|
||
authPasswordValue = w scheme s authInfo s authValue w
|
||
scheme = %x30-39 / %x41-5A / %x2D-2F / %x5F
|
||
; 0-9, A-Z, "-", ".", "/", or "_"
|
||
authInfo = schemeSpecificValue
|
||
authValue = schemeSpecificValue
|
||
schemeSpecificValue = *( %x21-23 / %x25-7E )
|
||
; printable ASCII less "$" and " "
|
||
s = w SEP w
|
||
w = *SP
|
||
SEP = %x24 ; "$"
|
||
SP = %x20 ; " " (space)
|
||
|
||
where scheme describes the mechanism and authInfo and authValue are a
|
||
scheme specific. The authInfo field is often a base64 encoded salt.
|
||
The authValue field is often a base64 encoded value derived from a
|
||
user's password(s). Values of this attribute are case sensitive.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 2]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
Transfer of values of this syntax is strongly discouraged where the
|
||
underlying transport service cannot guarantee confidentiality and may
|
||
result in disclosure of the values to unauthorized parties.
|
||
|
||
This document describes a number of schemes, as well as requirements
|
||
for the scheme naming, in section 3.
|
||
|
||
2.2. authPasswordExactMatch
|
||
|
||
( 1.3.6.1.4.1.4203.1.2.2
|
||
NAME 'authPasswordExactMatch'
|
||
DESC 'authentication password exact matching rule'
|
||
SYNTAX 1.3.6.1.4.1.4203.1.1.2 )
|
||
|
||
This matching rule allows a client to assert that an asserted
|
||
authPasswordSyntax value matches authPasswordSyntax values. It is
|
||
meant to be used as the EQUALITY matching rule of attributes whose
|
||
SYNTAX is authPasswordSyntax.
|
||
|
||
The assertion is "TRUE" if there is an attribute value which has the
|
||
same scheme, authInfo, and authValue components as the asserted
|
||
value; "FALSE" if no attribute value has the same components as the
|
||
asserted value; and "Undefined" otherwise.
|
||
|
||
2.3. authPasswordMatch
|
||
|
||
( 1.3.6.1.4.1.4203.1.2.3
|
||
NAME 'authPasswordMatch'
|
||
DESC 'authentication password matching rule'
|
||
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
|
||
|
||
This matching rule allows a client to assert that a password matches
|
||
values of authPasswordSyntax using an extensibleMatch filter
|
||
component. Each value is matched per its scheme. The assertion is
|
||
"TRUE" if one or more attribute values matches the asserted value,
|
||
"FALSE" if all values do not matches, and "Undefined" otherwise.
|
||
|
||
Servers which support use of this matching rule SHOULD publish
|
||
appropriate matchingRuleUse values per [RFC2252], 4.4.
|
||
|
||
Transfer of authPasswordMatch assertion values is strongly
|
||
discouraged where the underlying transport service cannot guarantee
|
||
confidentiality and may result in disclosure of the values to
|
||
unauthorized parties.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 3]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
2.4. supportedAuthPasswordSchemes
|
||
|
||
( 1.3.6.1.4.1.4203.1.3.3
|
||
NAME 'supportedAuthPasswordSchemes'
|
||
DESC 'supported password storage schemes'
|
||
EQUALITY caseExactIA5Match
|
||
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32}
|
||
USAGE dSAOperation )
|
||
|
||
The values of this attribute are names of supported authentication
|
||
password schemes which the server supports. The syntax of a scheme
|
||
name is described in section 2.1. This attribute may only be present
|
||
in the root DSE. If the server does not support any password
|
||
schemes, this attribute will not be present.
|
||
|
||
2.5. authPassword
|
||
|
||
( 1.3.6.1.4.1.4203.1.3.4 NAME 'authPassword'
|
||
DESC 'password authentication information'
|
||
EQUALITY 1.3.6.1.4.1.4203.1.2.2
|
||
SYNTAX 1.3.6.1.4.1.4203.1.1.2 )
|
||
|
||
The values of this attribute are representative of the user's
|
||
password(s) and conform to the authPasswordSyntax described in 2.1.
|
||
The values of this attribute may be used for authentication purposes.
|
||
|
||
Transfer of authPassword values is strongly discouraged where the
|
||
underlying transport service cannot guarantee confidentiality and may
|
||
result in disclosure of the values to unauthorized parties.
|
||
|
||
2.6. authPasswordObject
|
||
|
||
( 1.3.6.1.4.1.4203.1.4.7 NAME 'authPasswordObject'
|
||
DESC 'authentication password mix in class'
|
||
MAY 'authPassword'
|
||
AUXILIARY )
|
||
|
||
Entries of this object class may contain authPassword attribute
|
||
types.
|
||
|
||
3. Schemes
|
||
|
||
This section describes the "MD5" and "SHA1" schemes. Other schemes
|
||
may be defined by other documents. Schemes which are not described
|
||
in an RFC SHOULD be named with a leading "X-" to indicate they are a
|
||
private or implementation specific scheme, or may be named using the
|
||
dotted-decimal representation [RFC2252] of an OID assigned to the
|
||
scheme.
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 4]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
3.1. MD5 scheme
|
||
|
||
The MD5 [RFC1321] scheme name is "MD5".
|
||
|
||
The authValue is the base64 encoding of an MD5 digest of the
|
||
concatenation the user password and salt. The base64 encoding of the
|
||
salt is provided in the authInfo field. The salt MUST be at least 64
|
||
bits long. Implementations of this scheme MUST support salts up to
|
||
128 bits in length.
|
||
|
||
Example:
|
||
Given a user "joe" who's password is "mary" and a salt of "salt",
|
||
the authInfo field would be the base64 encoding of "salt" and the
|
||
authValue field would be the base64 encoding of the MD5 digest of
|
||
"marysalt".
|
||
|
||
A match against an asserted password and an attribute value of this
|
||
scheme SHALL be true if and only if the MD5 digest of concatenation
|
||
of the asserted value and the salt is equal to the MD5 digest
|
||
contained in AuthValue. The match SHALL be undefined if the server
|
||
is unable to complete the equality test for any reason. Otherwise
|
||
the match SHALL be false.
|
||
|
||
Values of this scheme SHOULD only be used to implement simple
|
||
user/password authentication.
|
||
|
||
3.2. SHA1 scheme
|
||
|
||
The SHA1 [SHA1] scheme name is "SHA1".
|
||
|
||
The authValue is the base64 encoding of a SHA1 digest of the
|
||
concatenation the user password and the salt. The base64 encoding of
|
||
the salt is provided in the authInfo field. The salt MUST be at
|
||
least 64 bits long. Implementations of this scheme MUST support
|
||
salts up to 128 bits in length.
|
||
|
||
Example:
|
||
Given a user "joe" who's password is "mary" and a salt of "salt",
|
||
the authInfo field would be the base64 encoding of "salt" and the
|
||
authValue field would be the base64 encoding of the SHA1 digest of
|
||
"marysalt".
|
||
|
||
A match against an asserted password and an attribute value of this
|
||
scheme SHALL be true if and only if the SHA1 digest of concatenation
|
||
of the asserted value and the salt is equal to the SHA1 digest
|
||
contained in AuthValue. The match SHALL be undefined if the server
|
||
is unable to complete the equality test for any reason. Otherwise
|
||
the match SHALL be false.
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 5]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
Values of this scheme SHOULD only be used to implement simple
|
||
user/password authentication.
|
||
|
||
4. Implementation Issues
|
||
|
||
For all implementations of this specification:
|
||
|
||
Servers MAY restrict which schemes are used in conjunction with a
|
||
particular authentication process but SHOULD use all values of
|
||
selected schemes. If the asserted password matches any of the
|
||
stored values, the asserted password SHOULD be considered valid.
|
||
Servers MAY use other authentication storage mechanisms, such as
|
||
userPassword or an external password store, in conjunction with
|
||
authPassword to support the authentication process.
|
||
|
||
Servers that support simple bind MUST support the SHA1 scheme and
|
||
SHOULD support the MD5 scheme.
|
||
|
||
Servers SHOULD NOT publish values of authPassword nor allow
|
||
operations which expose authPassword values or AuthPasswordMatch
|
||
assertions to unless confidentiality protection is in place.
|
||
|
||
Clients SHOULD NOT initiate operations which provide or request
|
||
values of authPassword or make authPasswordMatch assertions unless
|
||
confidentiality protection is in place.
|
||
|
||
Clients SHOULD NOT assume that a successful AuthPasswordMatch,
|
||
whether by compare or search, is sufficient to gain directory
|
||
access. The bind operation MUST be used to authenticate to the
|
||
directory.
|
||
|
||
5. Security Considerations
|
||
|
||
This document describes how authentication information may be stored
|
||
in a directory. Authentication information MUST be adequately
|
||
protected as unintended disclosure will allow attackers to gain
|
||
immediate access to the directory as described by [RFC2829].
|
||
|
||
As flaws may be discovered in the hashing algorithm or with a
|
||
particular implementation of the algorithm or values could be subject
|
||
to various attacks if exposed, values of AuthPassword SHOULD be
|
||
protected as if they were clear text passwords. When values are
|
||
transferred, privacy protections, such as IPSEC or TLS, SHOULD be in
|
||
place.
|
||
|
||
Clients SHOULD use strong authentication mechanisms [RFC2829].
|
||
|
||
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 6]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
AuthPasswordMatch matching rule allows applications to test the
|
||
validity of a user password and, hence, may be used to mount an
|
||
attack. Servers SHOULD take appropriate measures to protect the
|
||
directory from such attacks.
|
||
|
||
Some password schemes may require CPU intensive operations. Servers
|
||
SHOULD take appropriate measures to protect against Denial of Service
|
||
attacks.
|
||
|
||
AuthPassword does not restrict an authentication identity to a single
|
||
password. An attacker who gains write access to this attribute may
|
||
store additional values without disabling the user's true
|
||
password(s). Use of policy aware clients and servers is RECOMMENDED.
|
||
|
||
The level of protection offered against various attacks differ from
|
||
scheme to scheme. It is RECOMMENDED that servers support scheme
|
||
selection as a configuration item. This allows for a scheme to be
|
||
easily disabled if a significant security flaw is discovered.
|
||
|
||
6. Acknowledgment
|
||
|
||
This document borrows from a number of IETF documents and is based
|
||
upon input from the IETF LDAPext working group.
|
||
|
||
7. Bibliography
|
||
|
||
[RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
|
||
April 1992
|
||
|
||
[RFC2219] Bradner, S., "Key words for use in RFCs to Indicate
|
||
Requirement Levels", BCP 14, RFC 2119, March 1997.
|
||
|
||
[RFC2234] Crocker, D., Editor, P. Overell, "Augmented BNF for Syntax
|
||
Specifications: ABNF", RFC 2234, November 1997.
|
||
|
||
[RFC2251] Wahl, M., Howes, T. and S. Kille, "Lightweight Directory
|
||
Access Protocol (v3)", RFC 2251, December 1997.
|
||
|
||
[RFC2252] Wahl, M., Coulbeck, A., Howes, T., and S. Kille,
|
||
"Lightweight Directory Access Protocol (v3): Attribute
|
||
Syntax Definitions", RFC 2252, December 1997.
|
||
|
||
[RFC2256] Wahl, A., "A Summary of the X.500(96) User Schema for use
|
||
with LDAPv3", RFC 2256, December 1997.
|
||
|
||
[RFC2307] Howard, L., "An Approach for Using LDAP as a Network
|
||
Information Service", RFC 2307, March 1998.
|
||
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 7]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
[RFC2829] Wahl, M., Alvestrand, H., Hodges, J. and R. Morgan,
|
||
"Authentication Methods for LDAP", RFC 2829, June 2000.
|
||
|
||
[RFC3062] Zeilenga, K., "LDAP Password Modify Extended Operation",
|
||
RFC 3062, February 2001.
|
||
|
||
[SHA1] NIST, FIPS PUB 180-1: Secure Hash Standard, April 1995.
|
||
|
||
8. Author's Address
|
||
|
||
Kurt D. Zeilenga
|
||
OpenLDAP Foundation
|
||
|
||
EMail: Kurt@OpenLDAP.org
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 8]
|
||
|
||
RFC 3112 LDAP Authentication Password Schema May 2001
|
||
|
||
|
||
9. Full Copyright Statement
|
||
|
||
Copyright (C) The Internet Society (2001). All Rights Reserved.
|
||
|
||
This document and translations of it may be copied and furnished to
|
||
others, and derivative works that comment on or otherwise explain it
|
||
or assist in its implementation may be prepared, copied, published
|
||
and distributed, in whole or in part, without restriction of any
|
||
kind, provided that the above copyright notice and this paragraph are
|
||
included on all such copies and derivative works. However, this
|
||
document itself may not be modified in any way, such as by removing
|
||
the copyright notice or references to the Internet Society or other
|
||
Internet organizations, except as needed for the purpose of
|
||
developing Internet standards in which case the procedures for
|
||
copyrights defined in the Internet Standards process must be
|
||
followed, or as required to translate it into languages other than
|
||
English.
|
||
|
||
The limited permissions granted above are perpetual and will not be
|
||
revoked by the Internet Society or its successors or assigns.
|
||
|
||
This document and the information contained herein is provided on an
|
||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||
|
||
Acknowledgement
|
||
|
||
Funding for the RFC Editor function is currently provided by the
|
||
Internet Society.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Zeilenga Informational [Page 9]
|
||
|