David Jablon | 2 Apr 2001 16:33

Re: augmented/basic

Stephen,

Not intending to speak for Radia, I'd suggest refining some of these
position statements:

At 01:09 PM 4/2/01 +0100, Stephen paraphrased Radia's remarks as:
>
> - augmented means that even with the server DB, you have to mount
>   an offline dictionary attack to get a password

It is better to say:

   - augmented means that even with the server DB, you have to mount
     an offline dictionary attack to be able to pose as the user in the protocol.

For example, you can run an un-augmented method with hash(password) in
the DB, where the client program proves knowledge of hash(password)
in each run.  A thief who steals the DB still has to do a dictionary attack to
get the password, even though he only needs hash(password) to login
with a modified client program.

> - only the Ford/Kaliski scheme does better (using separate 
>   servers), but you think that should be out of scope for comms
>   & possibly IPR reasons

These may be reasons against F/K being a MUST-implement scheme,
but otherwise it seems quite relevant.

> - for sacred, augmented is unimportant since the only thing we're 
>   protecting is already in the server's DB (i.e. the credential)


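The distinction David draws above (a stolen DB entry that is directly usable for login versus one that only gives the thief an offline dictionary attack) is easy to see side by side in code. The following is an added Python example and is not part of the original thread or of any SACRED protocol: the un-augmented scheme stores hash(password) and has the client prove knowledge of that value with an HMAC challenge-response; the augmented scheme stores v = g^x mod p with x derived from the salted password and has the client prove knowledge of x with a Schnorr-style proof. The group (the prime 2**255 - 19, generator 2), the hash construction, the salt and the wordlist are all assumptions chosen for illustration, not parameters any real deployment should copy.

```python
import hashlib
import hmac
import secrets

# Toy group for the augmented scheme (an assumption for this example, not
# something the thread specifies): the prime 2**255 - 19 with generator 2.
# Only the algebra matters for the demonstration; a real deployment would use
# a standardised group and a vetted augmented protocol.
P = 2**255 - 19
G = 2


def H(*parts) -> bytes:
    """Domain-separated SHA-256 over a mix of str/int/bytes parts."""
    h = hashlib.sha256()
    for part in parts:
        h.update(part if isinstance(part, bytes) else str(part).encode())
        h.update(b"|")
    return h.digest()


# --- un-augmented scheme: the server DB holds hash(password) and the client
# proves knowledge of exactly that value, so the DB entry *is* the login secret
def basic_enroll(password: str) -> bytes:
    return H("basic", password)


def basic_prove(secret: bytes, nonce: bytes) -> bytes:
    """Client side.  Anyone holding hash(password) can answer the challenge."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()


def basic_verify(stored: bytes, nonce: bytes, response: bytes) -> bool:
    return hmac.compare_digest(basic_prove(stored, nonce), response)


# --- augmented scheme: the server DB holds v = g^x mod p with
# x = H(salt, password); the client proves knowledge of x (Schnorr-style),
# and v alone does not let you do that
def derive_x(password: str, salt: bytes) -> int:
    return int.from_bytes(H("aug", salt, password), "big")


def augmented_enroll(password: str, salt: bytes) -> int:
    return pow(G, derive_x(password, salt), P)        # verifier v = g^x mod p


def augmented_prove_with_x(x: int, nonce: bytes):
    """Client side: proof of knowledge of the discrete log x of v."""
    r = secrets.randbelow(P - 1)
    t = pow(G, r, P)
    c = int.from_bytes(H("chal", t, nonce), "big")
    s = (r + c * x) % (P - 1)                          # exponents live mod P-1 since P is prime
    return t, s


def augmented_prove(password: str, salt: bytes, nonce: bytes):
    return augmented_prove_with_x(derive_x(password, salt), nonce)


def augmented_verify(v: int, nonce: bytes, proof) -> bool:
    t, s = proof
    c = int.from_bytes(H("chal", t, nonce), "big")
    return pow(G, s, P) == (t * pow(v, c, P)) % P


# --- the attacker who has stolen the server DB ---------------------------
def basic_dictionary_attack(stored: bytes, wordlist):
    return next((w for w in wordlist if H("basic", w) == stored), None)


def augmented_dictionary_attack(v: int, salt: bytes, wordlist):
    return next((w for w in wordlist if augmented_enroll(w, salt) == v), None)


def demo(password="correct horse", wordlist=("password", "letmein", "correct horse")):
    """Constructed scenario: one honest user, one thief holding that user's DB entry."""
    nonce = secrets.token_bytes(16)
    salt = b"constructed-salt"        # per-user salt; constructed value
    stored = basic_enroll(password)
    v = augmented_enroll(password, salt)
    return {
        # honest clients, holding the password, log in under both schemes
        "basic_honest": basic_verify(stored, nonce, basic_prove(basic_enroll(password), nonce)),
        "aug_honest": augmented_verify(v, nonce, augmented_prove(password, salt, nonce)),
        # a modified client fed the stolen DB value: works for basic, fails for augmented
        "basic_thief": basic_verify(stored, nonce, basic_prove(stored, nonce)),
        "aug_thief": augmented_verify(v, nonce, augmented_prove_with_x(v, nonce)),
        # an offline dictionary attack on the DB entry recovers the password in both cases
        "basic_dict": basic_dictionary_attack(stored, wordlist),
        "aug_dict": augmented_dictionary_attack(v, salt, wordlist),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:13s} {result}")
```

Running `demo()` shows the two halves of the point: `basic_thief` is True because the stolen hash(password) is all a modified client needs, while `aug_thief` is False because the stolen verifier v cannot be used in place of x; yet `basic_dict` and `aug_dict` both recover the password, since neither scheme prevents an offline dictionary attack on the DB entry, which is exactly why the wording "to be able to pose as the user" rather than "to get a password" is the accurate one.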