This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
I would like to propose a new feature for HTML: password hashing. In most web applications that allow users to register and log in, passwords are transmitted in plain text over the internet. This is a serious security flaw. So far, this security flaw can only be addressed by either using HTTPS (which is rarely used because certificates that are trusted by most user agents are costly) or using HTTP authentication (which is rarely used as well because it can not be used with a regular HTML form). Adding support for various password hashing schemes to HTML would probably help owners of web pages to provide their users more security without loss of comfort and hopefully help simple but effective security schemes to be deployed more widely. I will now present a more precise scheme: More attributes should be added to <input type="password"> tags: hash-algorithm: This is the actual algorithm used for hashing (such as md5 or sha1). salt : A salt that should be used before the password is hashed. hashing-scheme : This may be used to specify how the hash will be generated from the password before it is transmitted. For example, this may include how the password and the salt are combined before the hash is actually generated. one-time-salt: I will explain this attribute below. I will now present one such hashing-scheme: The salt and the clear text password are concatenated and hashed by the specified hash-algorithm. Then, the "one time salt" is prefixed to the result of the hash algorithm and the result is hashed again with the specified hash algorithm. The result may then be transmitted along with the form. This scheme will both protect the password from being transmitted in clear text and prevent simple replay attacks that might be possible if the "one time salt" would not be used. E.g., if the hash of the concatenation of salt and password were transmitted directly, any eavesdropper might later just replay that hash value and a web application could not distinguish between a request that was generated with the real password and a replay of a previous request. This scheme assumes, that the web application has access to the hashed concatenation of salt and password (without the one time salt applied). Under this assumption, the web application may generate arbitrary one time salts and compare the results of the hashing scheme when it receives a request. I am aware that HTML is meant for semantic markup and that it is questionable, if this proposal improves HTML's capabilities to provide such. However, this proposal is not meant to enhance those capabilites but to help simple but effective security schemes to be deployed more widely.
I like this idea. Why assume a web application will hash a password. Why ever send a clear password? If this were a default it would better protect user's. The hard question is what or how to salt? This would need to be effortless on the user.
(In reply to comment #1) > I like this idea. Why assume a web application will hash a password. Why ever > send a clear password? > > If this were a default it would better protect user's. > > The hard question is what or how to salt? This would need to be effortless on > the user. This is already done in WWW Digest authentication. It bypasses <form> controls altogether.
(In reply to comment #2) > (In reply to comment #1) > > I like this idea. Why assume a web application will hash a password. Why ever > > send a clear password? > > > > If this were a default it would better protect user's. > > > > The hard question is what or how to salt? This would need to be effortless on > > the user. > > > This is already done in WWW Digest authentication. It bypasses <form> controls > altogether. That's the point. I suppose to incorporate this (or similar) functionality into regular HTML forms.
Mass move to "HTML WG"
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are satisfied with this response, please change the state of this bug to CLOSED. If you have additional information and would like the Editor to reconsider, please reopen this bug. If you would like to escalate the issue to the full HTML Working Group, please add the TrackerRequest keyword to this bug, and suggest title and text for the Tracker Issue; or you may create a Tracker Issue yourself, if you are able to do so. For more details, see this document: http://dev.w3.org/html5/decision-policy/decision-policy.html Status: Rejected Change Description: No spec change Rationale: This is a great idea. In fact there are also lot of other interesting use cases that one can imagine would be useful (more than just hashing a password input field). To this end, the Web Crypto Working Group was established to design a set of APIs for performing strong cryptography inside of the web application (client). Given support for Web Crypto API in a user agent, one could easily hookup form field validation callbacks that perform SHA or MD5 hashes of the password content before it is submitted. Given that the Web Crypto WG is much better equipped to spec out the details and use cases for this technology, I'd rather not add the simple feature to input[type=password] elements exclusively, and instead support the Web Crypto API for this and other great scenarios.