
Re: review/comments of/on draft-ietf-netconf-tls-00.txt



Dear Bert,

Thank you for your comments, I will integrate all of them in the future version.
- In section 3.2 I read:

    The psk_identity_hint is initially defined in section 5.1 of RFC4279
    The psk_identity_hint can do double duty and also provide a form of
    server authentication in the case where the user has the same
    password on a number of NETCONF agents.

  and wonder: would that not be risky in that if an intruder discovers
              the password of one agent, that he then has access to
              all/several other agents as well?

Of course it is risky to have the same password shared with several agents, not only from an intruder's (external entity) point of view but also from the point of view of any legitimate agent (internal entity) that has the password.
The easiest way to minimize this risk is by recommending the use of a
different password for each agent.
However, it is possible to minimize the risk of discovering the password
of one user as follows: 1) the user has to store their password in a
secure way (e.g. on a tamper-resistant), and 2) on each agent, the user
stores the hashed value of the concatenation of the password and the
agent_id (the agent_id is the agent identifier, e.g. IP address). The
user computes the hashed version of the concatenation of the password and
the agent_id before connecting to the agent. In this way, an intruder
who discovers the password of one agent will not be able to gain access
to all other agents, unless they are able to perform a brute-force or
dictionary attack to recover the password in clear text.
Best regards,
Badra
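The per-agent derivation described in the reply above, as an added example that is not code from the draft or from anyone in this thread. It assumes SHA-256 and a length prefix on the password (the reply names no hash function), and the PBKDF2 variant is an added refinement aimed at the brute-force risk the reply mentions, not something the reply proposes.

```python
import hashlib
import hmac
import struct

# Constructed sample data: one operator password reused across two NETCONF agents
PASSWORD = "correct horse battery staple"
AGENT_IDS = ["192.0.2.10", "192.0.2.11"]   # agent_id = IP address, as in the reply


def derive_agent_psk(password: str, agent_id: str) -> bytes:
    """Per-agent key as in the reply: hash(password || agent_id).

    SHA-256 and the 4-byte length prefix are assumptions: the reply names no
    hash, and the prefix only makes the concatenation unambiguous."""
    pw, aid = password.encode("utf-8"), agent_id.encode("utf-8")
    return hashlib.sha256(struct.pack(">I", len(pw)) + pw + aid).digest()


def derive_agent_psk_slow(password: str, agent_id: str, iterations: int = 200_000) -> bytes:
    """Added variant (not from the reply): PBKDF2 with agent_id as the salt raises
    the cost of the offline dictionary attack the reply notes still remains."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               agent_id.encode("utf-8"), iterations, dklen=32)


def provision(password: str, agent_ids: list) -> dict:
    """What each agent stores: only its own derived PSK, never the password."""
    return {aid: derive_agent_psk(password, aid) for aid in agent_ids}


def agent_accepts(stored_psk: bytes, presented_psk: bytes) -> bool:
    """Agent-side comparison, constant-time so timing does not leak the stored value."""
    return hmac.compare_digest(stored_psk, presented_psk)


def compromise_contained(password: str, agent_ids: list) -> bool:
    """Check the reply's claim: a PSK read off agent A is rejected by agent B."""
    table = provision(password, agent_ids)
    a, b = agent_ids[0], agent_ids[1]
    stolen = table[a]                      # attacker holds agent A's stored value
    return agent_accepts(table[a], stolen) and not agent_accepts(table[b], stolen)


if __name__ == "__main__":
    print("compromise of one agent's PSK contained:", compromise_contained(PASSWORD, AGENT_IDS))
```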


archive: <http://ops.ietf.org/lists/netconf/>