From: Stefan Fritsch
Date: Sun, 5 Jan 2014 16:25:27 +0000 (+0000)
Subject: Merge r1554276, r1554281, r1555555 from trunk:
X-Git-Tag: 2.2.27~87
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=901bd45d051a09c29568b1ba2416b141d7278943;p=thirdparty%2Fapache%2Fhttpd.git
Merge r1554276, r1554281, r1555555 from trunk:
Digest auth is only marginally more secure than basic auth.
Adjust the docs to today's reality.
Mention insecure password storage as pointed out by Graham.
Axe one more case of digest auth being described as secure.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1555566 13f79535-47bb-0310-9956-ffa450edef68
---
diff --git a/docs/manual/howto/auth.xml b/docs/manual/howto/auth.xml
index a5bf36df610..b231c59a4f2 100644
--- a/docs/manual/howto/auth.xml
+++ b/docs/manual/howto/auth.xml
@@ -209,8 +209,9 @@ module from each group.
highly sensitive data, unless accompanied by mod_ssl.
Apache supports one other authentication method:
AuthType Digest
. This method is implemented by mod_auth_digest and is much more secure. Most recent
- browsers support Digest authentication.
+ >mod_auth_digest and was intended to be more secure. This is no
+ longer the case and the connection should be encrypted with mod_ssl instead.
The AuthName directive sets
the Realm to be used in the authentication. The realm serves
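Review bot: "This is no longer the case" in the added lines is a bare assertion with no reason given, so a reader of the howto cannot tell whether the problem is in the browser, the protocol or the server; consider adding a short clause naming the reasons (downgrade to basic by an active attacker, offline brute force of the fast hash, password-equivalent htdigest storage) or a cross-reference to the mod_auth_digest page where this hunk series spells them out. Also, the first added line begins with a stray `>` before `mod_auth_digest`, which reads as the tail of a tag whose opening is not in the hunk; worth confirming the XML still builds.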
diff --git a/docs/manual/mod/mod_auth_digest.xml b/docs/manual/mod/mod_auth_digest.xml
index ec1982e328f..fd0c84947e0 100644
--- a/docs/manual/mod/mod_auth_digest.xml
+++ b/docs/manual/mod/mod_auth_digest.xml
@@ -32,7 +32,14 @@
This module implements HTTP Digest Authentication
(RFC2617), and
- provides a more secure alternative to mod_auth_basic.
+ provides an alternative to mod_auth_basic where the
+ password is not transmitted as cleartext. However, this does
+ not lead to a significant security advantage over
+ basic authentication. On the other hand, the password storage on the
+ server is much less secure with digest authentication than with
+ basic authentication. Therefore, using basic auth and encrypting the
+ whole connection using mod_ssl is a much better
+ alternative.
AuthName
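Review bot: the claim that "the password storage on the server is much less secure" is left unexplained here, while the reason (a stolen htdigest file can be used directly to authenticate) appears only in the later hunk for the Note section; a reader who stops at the module summary never learns why. Suggest folding one clause into this paragraph, e.g. "since the stored hashes are themselves sufficient to authenticate", so the summary and the Note make the same argument and the recommendation to use basic auth over mod_ssl is motivated at first sight.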
@@ -70,9 +77,16 @@
Note
- Digest authentication is more secure than Basic authentication,
- but only works with supporting browsers. As of this writing (December
- 2012) all major browsers support digest authentication.
+ Digest authentication was intended to be more secure than basic
+ authentication, but no longer fulfills that design goal. A
+ man-in-the-middle attacker can trivially force the browser to downgrade
+ to basic authentication. And even a passive eavesdropper can brute-force
+ the password using today's graphics hardware, because the hashing
+ algorithm used by digest authentication is too fast. Another problem is
+ that the storage of the passwords on the server is insecure. The contents
+ of a stolen htdigest file can be used directly for digest authentication.
+ Therefore using mod_ssl to encrypt the whole connection is
+ strongly recommended.
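Review bot: the closing recommendation "using mod_ssl to encrypt the whole connection is strongly recommended" stops short of the conclusion the first hunk draws ("using basic auth and encrypting the whole connection using mod_ssl is a much better alternative"); as written, a reader may keep digest auth over TLS, which still leaves the insecure htdigest storage problem described two sentences earlier. Suggest ending with the same advice as the summary, e.g. "Therefore using basic authentication over a connection encrypted with mod_ssl is strongly recommended instead of digest authentication." It would also help to state that TLS addresses both listed attack paths (the active downgrade and the passive eavesdropper), since the sentence otherwise reads as if it answered only the second.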