RFC 1704 (rfc1704) - Page 1 of 17
On Internet Authentication
Alternative Format: Original Text Document
Network Working Group N. Haller
Request for Comments: 1704 Bell Communications Research
Category: Informational R. Atkinson
Naval Research Laboratory
October 1994
On Internet Authentication
Status of this Memo
This document provides information for the Internet community. This
memo does not specify an Internet standard of any kind. Distribution
of this memo is unlimited.
1. INTRODUCTION
The authentication requirements of computing systems and network
protocols vary greatly with their intended use, accessibility, and
their network connectivity. This document describes a spectrum of
authentication technologies and provides suggestions to protocol
developers on what kinds of authentication might be suitable for some
kinds of protocols and applications used in the Internet. It is
hoped that this document will provide useful information to
interested members of the Internet community.
Passwords, which are vulnerable to passive attack, are not strong
enough to be appropriate in the current Internet [CERT94]. Further,
there is ample evidence that both passive and active attacks are not
uncommon in the current Internet [Bellovin89, Bellovin92, Bellovin93,
CB94, Stoll90]. The authors of this paper believe that many
protocols used in the Internet should have stronger authentication
mechanisms so that they are at least protected from passive attacks.
Support for authentication mechanisms secure against active attack is
clearly desirable in internetworking protocols.
There are a number of dimensions to the internetwork authentication
problem and, in the interest of brevity and readability, this
document only describes some of them. However, factors that a
protocol designer should consider include whether authentication is
between machines or between a human and a machine, whether the
authentication is local only or distributed across a network,
strength of the authentication mechanism, and how keys are managed.
Haller & Atkinson