WSSE the authentication protocol that could have been...
[en] Scribbles	steward, wsse, authentication, sose, 2009-01-12

For soon to be released Steward 0.3 (*cough*) I implemented part of the Atom Publishing Protocol relevant for publishing binary blobs, after all that's what Steward is all about. With APP came doing the WSSE authentication protocol. Web-Service Security Extension is an attempt to fix the problems with HTTP-basic and HTTP-digest authentications. However it will never be globally implemented.

As we all know, HTTP basic sends your user name and password in the clear over the wire. So unless the service is wrapped in TLS, that is not a good idea. The advantage of HTTP-basic is that every client since the dawn of time support it, and support it well.

Then there's HTTP-digest, which fixes some of the problems, but has problems of it's own.. And honestly, I've never seen it implemented in Ernest since it's implementation cost is higher then the marginally improved in security.

Thus WSSE was born. On the package it looks pretty good. And actually it has a lot going for it:

• No password going in the clear over the wire
• Using sha-1 as a hash algorithm
• Uses nonces (one-time random numbers) preventing replay attacks
• Contains a date also helping mitigate replays
• It can be used without a round-trip to the server (fire and forget).
  
• And last of all, it's simple to implement.
  

And that last part is important. If it has any hope of being a standard droves of mediocre developers will have to try and implement both the server and client.

So what are the catches:

• Server needs access to the clear-text password to authenticate.
• There seems to be no published standard.
• Uses Yet-another-HTTP-header.
  

But it's never going to be massively adopted because of need for a clear password in the database on the server. If anything, after 30 years of network security, that's something that has stuck. It's good practice only to store a hash of the password in the server. So LDAP stores it in MD5, SMD5, SHA1, SSHA1 or whatever is your taste for hashes is. Even Active-Directory does.

So all corporations have their databases of people, but no clear text password of those accounts. And that means, no implementation. Also, if a provider does support it, it makes it that more interesting a attack target because the web-server has access to the clear-text.

And because there is not official spec, of course the Nokia software in my N95 implemented it in it's own particular way. having to implement nonstandard way of encoding to make it work with the phone.

My guess is that for proper authentication, the client and server need to agree on what hash algorithm the password is in on the server. But then you need more round trips and more intelligence in the client, but at least it would work in most scenarios.

WSSE is a step in the right direction, unfortunately, not a wise to implement in the real world. I guess that wrapping HTTP-basic with TLS still is the only proper way to do things.