[Ace] Review of draft-jones-ace-cwt-proof-of-possession-00
Jim Schaad <ietf@augustcellars.com> Tue, 27 June 2017 07:50 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E88C12EC00; Tue, 27 Jun 2017 00:50:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w-ZKlGDQHfSc; Tue, 27 Jun 2017 00:50:31 -0700 (PDT)
Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 534A212EBFF; Tue, 27 Jun 2017 00:50:28 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Language: en-us
DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1498549823; h=from:subject:to:date:message-id; bh=eYJGi067gSmIrEsrEriU/VJE+Qh1Xgwrsu/U0HmYMok=; b=XpoMRxqUyaO+nzuDWdKgI4x7u3kiT4fQtwevl9mQ45sqVT7hRVsUe7I842iojWWZUdVtJZzwp40 qLryhMK3PN8dSQGcwQBTuYAdree5VlqZ38EYwlzAIub5I7Lxp9pe5Uz0H+WRk5TyYzHj/UdBd090z 9IHJ8ym+OsjxpPEkhQqa+MBSg7jiWhFC79+usrQuZisG4s3DkSXuQTAVkAV4bNhzKlyoOx7v2Yjz0 Q/516fcADslg+ZjAC9G5AeCcSXCtYLBE2eASdQ6xpP58INA4SLkOVnq2cmwAcNCzmRKSRgg5fWB63 nF9QsAX37BtBs0haGz5izGGZDuHM6atoWLxg==
Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 27 Jun 2017 00:50:22 -0700
Received: from Hebrews (24.21.96.37) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 27 Jun 2017 00:50:17 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: draft-jones-ace-cwt-proof-of-possession@ietf.org
CC: ace@ietf.org
Date: Tue, 27 Jun 2017 00:50:19 -0700
Message-ID: <003701d2ef1a$07b13d90$1713b8b0$@augustcellars.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdLu/J6lZrWV1b3ERWqpqeX4U+jwQA==
X-Originating-IP: [24.21.96.37]
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/2LvdzumPyuVRDCJXcxqTTccLK8E>
Subject: [Ace] Review of draft-jones-ace-cwt-proof-of-possession-00
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jun 2017 07:50:33 -0000
Abstract - I am unclear how this is a profile of RFC 7800 rather than a restatement of that document. In what way does this qualify as a profile? Introduction - I do not understand the second half of the first sentence in the introduction. It claims that the document is going to show how proof of possession is done, however this seems to be explicitly declared as out of scope in section 3.5. Section 2 - Since this document is currently planned to come from the ACE working group, I would suggest that it would be reasonable to provide the equivalent terminology to what is in this document. -- see actors Section 3 - para 1 - missed a s/JSON/CBOR/ Section 3 - para 2 - I am not sure of the following: - Why this is included here and not a separate section - Why the concept of an anonymous POP is not supported - Why the concept of the issuer being inferred from the authentication key on the CWT is not supported - I will note that draft-ietf-ace-oauth-authz does not require either of these fields to be present. Section 3.1 - The first two sentences seems to be slightly contradictory - the first says the cnf claim is used to identify the POP key. The second states that it may have something other than a POP key in it. Section 3.1 - I am not a fan of MUST ignore statements at this level. It should be profile statement if anything. Section 3.1 - last paragraph - Does this mean that only one claim can be in the cnf claim - or are some values of different levels? For example -can I have a COSE_Key and an Kid? This might be considered to be multiple POP keys. Section 3.2 - Profiles can require that additional elements can be required in the COSE_Key element - and example would be to require that the algorithm identifier be present. Section 3.2 - I do not understand why this paragraph is doing in this section give the section title. Why is it not in section 3.3 or in a separate section. I think it makes mores sense at the end of the next section. Section 3.3 - Why is title not symmetric with section 3.2 and the word encrypted be absent? Section 3.4 - This section just makes me uncomfortable. Use a value that was potentially chosen for collisions does not seem to be a good idea. I think this really needs some additional guidance about using. Section 4 - Is there any reason to suppose that the use of asymmetric secrets are immune from replay attacks? Section 3.1 - para 1 -sentence #2 - I do not understand the implication that the POP key implies the authenticity of the token. That statement makes no sense to me. This would look like a self-signed certificate as the authentication point. Jim