[Ace] review draft-ietf-ace-oauth-authz-02
Renzo Navas <renzoefra@gmail.com> Fri, 08 July 2016 15:05 UTC
Return-Path: <renzoefra@gmail.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A620712D56E for <ace@ietfa.amsl.com>; Fri, 8 Jul 2016 08:05:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 82Np9Dudjsa0 for <ace@ietfa.amsl.com>; Fri, 8 Jul 2016 08:05:04 -0700 (PDT)
Received: from mail-qk0-x242.google.com (mail-qk0-x242.google.com [IPv6:2607:f8b0:400d:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FEB512D4FB for <Ace@ietf.org>; Fri, 8 Jul 2016 08:05:04 -0700 (PDT)
Received: by mail-qk0-x242.google.com with SMTP id r68so10487468qka.3 for <Ace@ietf.org>; Fri, 08 Jul 2016 08:05:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=aNNvieM3cqgw1Q/heM0rY+vshkZSxVfUZM0+j5QmTvY=; b=p2G4t0Psck629wkjU0j/YkPzJYgwePpDXWfM+PSq572WO9bv1VmiP0GQZv4ZQyzG9l XsW7E0C/Pf+sL64x5Gey6W4QbX4M/A6+yvYPIiROZvCvp7F7G1jsyI5CCKBmRYeuro6W cQJUXb6S7YUvdTA9cQ61bwHM6e7neMmpmYXvKNvUQ2FcQcEWhv26WiAbb3hCCEQpnjeB T5dRA2PNere/Uu8aHVv8XFK1WMIAZQDJw/pFDTuL5l83YpywFUC5D6Y2fEyxpaqGp02j Spr+fUaNd01Kc4WITNHxhjW1LbQIC4u1V4/Qjruzpn4hLRHOZhbdXY76aeDh3OS0Qnao uTGA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=aNNvieM3cqgw1Q/heM0rY+vshkZSxVfUZM0+j5QmTvY=; b=G58sSBEgQMpkqmLLeuUBwLwFJcNwieSHEJqg1qyeX4wPDZVmtg6jd7jcjmHcv5pD0d m+E2HX23AFKlaq6dZuP043gGmhtu5inFsmjAhZRHNXo022Kqk9XJvnSJviZ9TAzIZfLV CkQEfyj5d0sNiP/XlqtUDaUNBmmLle3Ix/YtFGZ5ISihyT5yI3Cr/vLfTx9zAZJD6etB NZC/6HtOy3P7lC5Y+cpPwCZQ2C6rvg/PGZHlSsZVsjzN9OJ5OSm5WFelkrS34BrSohh8 MveeEu9oyE/RdbU/FlkIGuVSWNbF2CwQmfCmQ6QtQ0T4rjdH3Ik1QEcsf123HepSwY1/ GVZg==
X-Gm-Message-State: ALyK8tJV0q3f4NMsxWs9xY5yNqUVXlKRUCUjS7YbYgaJkHt/S0ewAw5CclZnnGulLS/wDiu1UClGq6Q9YanzYw==
X-Received: by 10.233.232.66 with SMTP id a63mr8003283qkg.25.1467990302577; Fri, 08 Jul 2016 08:05:02 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.55.160.5 with HTTP; Fri, 8 Jul 2016 08:04:43 -0700 (PDT)
From: Renzo Navas <renzoefra@gmail.com>
Date: Fri, 08 Jul 2016 17:04:43 +0200
Message-ID: <CAD2CPUFJi7QizdOwPOtkTd21VRREjarD+tvwmM0sN9h=Qy-+Yw@mail.gmail.com>
To: ace <Ace@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/4_y7lw_uKGfUJW7FD1c3f2HgRx4>
Subject: [Ace] review draft-ietf-ace-oauth-authz-02
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jul 2016 15:05:07 -0000
Hi ace wg, Hi Ludwig, Göran, et al. Thank you first for this magnificent document (and appropriate acknowledge to the previous work on ace framework -acre, dcaf, etc-). I found the document very clear and well written (the figures and examples are a big plus); and me coming from a oauth complete ignorance, I can say that I found on the document the necessary pointers to understand the oauth framework, the pop token and architecture, jwt, etc.: excellent introductory work. I show also my possitive feedbak on the new "client_token" concept , and I believe is a useful/relevant use case; and this provides an elegant an easy solution. I should have sent this review one (two?) week ago as promised on the interim meeting, I'm sorry I did not. I believe my comments are a bit messy, excuse me in advance. I hope you can get some positive input from my comments that can help to make the document better -and feel free to ask me again if some comment is not clear-: ---------------------------------------------------------------- Review of https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-02 --------------------------------------------------------------- 4. Protocol Interactions "The consent of the resource owner, for giving a client access to a protected resource, can be pre-configured authorization policies or dynamically at the time when the request is sent." "when the request is sent": The request we are talking is the Resource Request (Client already has the access token) or the token request? I believe is Resource Request. would it be good to explicit where this authz. policies are pre-configured (at the AS? were enforced before at the token request and are now embedded on the Access token; or at the RS?); and how the consent can be dynamically determined (will involve interaction with the Res Owner : RS to RO; RS to AS to RO ?). All this is out of scope of the draft, however I believe making explicit at least where the authz policies are pre-conf can be a good idea, just a suggestion. (My understanding is that they are at the AS; and were enforced at the token request; if introspection is used, can be enforced again at the resource request). 4. Messages Flows description: A-F: Would it be too redundant to state which security properties needs each messages, or it will be clearer? (A,B,D,E,F encrypted+integrity protected. C does not) This is just a question/suggestion; each message sec. requ. are stated in other parts of the draft (early on section 4, and on section 5 and 6...). 5. Framework Proof-of-Possession FROM " i.e. that the authenticated token holder is bound to the token." to Something like " i.e. that the token holder can prove being a holder of the key bound to the token" 5. Framework "In OAuth 2.0 the communication with the Token and the Introspection resources at the AS (...) This framework RECOMMENDS to use CoAP instead and RECOMMENDS the use of the following alternative instead of Uri-query parameters: The sender (client or RS) encodes the parameters of its request as a CBOR map and submits that map as the payload of the POST request. The Content-format MUST be "application/cbor" in that case." If we use plain cbor on top of coap this means we are using dtls to protect the messages. If we are protecting the messages with cose, should we not use the Content-Format: "application/cose;cose-type=cose-encrypt" ? All the examples of the doc use appplication/cbor; however, can be useful to mention somewhere (here?) that if cose is used the content format is "application/cose"? ---------------------- 6. The 'Token' Resource "Communication between the client and the token resource at the AS MUST be integrity protected and encrypted. Furthermore AS and client MUST perform mutual authentication. Profiles of this framework are expected to specify how authentication and communication security is implemented." Is it worthy (.. is it accurate?) to express that the Token Request, from C to AS might not be source-authenticated, and the AS -in that case- can authenticate the request ("a posteriori") with the client_id/client_secret? The buzz in my head came because authentication of the client can be done at dtls/cose level (that, for me, its not a must), and also with the client credentials inside the request. I think that the description on the text is generic enough so any interpretation of how to authenticate the C towards AS, is OK. In any case I send to you this (confusing) thoughts I had when I first read this sentence. Authentication can be done at communication level with the PSK C-AS , and also with the client_secret (maybe this is an "application authentication"...). 6. The 'Token' Resource "The figures of this section uses CBOR diagnostic notation without the integer abbreviations for the parameters or their values for better readability." (already did this comment) is worth mentioning that if cose is used, the coap messages content-type are application/cose, and we show the cbor plaintext payload? ------------------- 6.1. Client-to-AS Request Figure 3: Example request for an access token bound to an asymmetric key. "grant_type" : "token" I have not found the definition of grant_type "token" , should not be "client_credentials"? ( https://tools.ietf.org/html/rfc6749#section-4.4.2 ) ------------ 6.2. AS-to-Client Response Figure 5: Example AS response with an access token bound to a symmetric key. "{ "access_token" : b64'SlAV32hkKG ... (...), "token_type" : "pop", "alg" : "HS256", "cnf" : { "COSE_Key" : { ...." how does the "alg" field of the token response relates to the "key_alg" from the COSE_Key object if present, they must match , or cose_key alg must be a super-set of this "alg"? In 6.4.2 this "alg" is defined, Now that I read the passage attentively, this "alg" field in the token response is only used for the initial PoP; then the key can be used with other algorithms (e.g. to encrypt with aes-ccm). OK. I left this comment to show the confusion that produced the "alg" field at two different levels, maybe its worthy to briefly tell the difference/purpose of each one in contrast to each other. ------------ 6.4.4. Confirmation "COSE_Encrypted In this case the 'cnf' parameter contains an encrypted symmetriic key destined for the client." (typo "symmetriic"). Is it needed to encrypt the symmetric key inside cnf? Was not assumed that the communication between AS and Client was already protected (the whole response was integrity protected and encrypted). Or it was a general statement, and this is a particular case? In any case, fields outside cnf should be at least integrity protected. GENERAL OBSERVATION (already did on section 4): Can be a good idea to specify for each message which kind of security properties (confidentiality, integrity/data authentication)' we need and at what level/layer (e.g: transport layer/application layer, Cose_key field needs confidentiality but the rest only integrity, etc.)? ----------- 7. The 'Introspect' Resource " Finally the AS SHOULD to verify that the RS" remove/"to" ? ------------ 7.4. Client Token Personally I believe this is a very relevant use case. This "client token" solution is elegant, and easy to understand on the context on the rest of the framework. ------------ 8.2. Token Expiration "RS verifies these by comparing them to values from its internal clock as defined in [RFC7519]. In this case the RS must have a real time chip (RTC) or some other ..." Shall it say "real time clock (RTC)"? Its worthy to be more clear and say that the internal clock should reflect the current date/time, or at least be synchronized with the issuer-of-the-token's clock (the AS)? ---------------------- Appendix C. Deployment Examples Comment: I found it VERY useful to see the real exchange of messages. C.1. Local Token Validation " The token includes the claim "aif" with the authorized access that an owner of the temperature device can enjoy. The 'aif' claim, issued by the AS, informs the RS that the owner of the token, that can prove the possession of a key is authorized to" The first sentence should not say: ".. that an owner of the of the token, that can prove the possession of a key can enjoy" instead of the "owner of the temperature device" ? C.1. Local Token Validation About "AIF" claim should not reference https://tools.ietf.org/html/draft-bormann-core-ace-aif-03 somewhere? "aif" claim is only mentioned on appendix C, what happened on the rest of the document? (is not a valid claim?) In cbor web token (https://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-00#appendix-A.3 ) , the only reference of aif is on Appendix 3! shall we give more visibility for the aif claim on the main body of the doc? -------------------------------------------- C.2. Introspection Aided Token Validation "Figure 23: Request and Response Payload for C offline" "COSE_Key" : { "kid" : b64'c29tZSBwdWJsaWMga2V5IGlk', "kty" : "oct", "alg" : "HS256", " * Should not be: "kty": "Symmetric " ? * "alg", supossedly this is key_alg that specifies "Key usage restriction to this algorithm". "HS256", I found a reference on json web token, and says "indicates that this token is signed using HMAC-SHA256." Should not be put on "alg" the algorithm that will be used on the DTLS-PSK performed later? e.g.: "AES-CCM-16-64-128"? ------------------------------ "E: The AS provides the introspection response containing (...). (...) allows the RS to verify the client's proof of possession in step F. After receiving message E, the RS responds to the client's POST in step C with Code 2.01 Created." See "Figure 24: Token Introspection for C offline" "step C with Code 2.01 Created", Is this not the "Step F"? ------------- Both comments coming from "Figure 25: Request and Response Payload for Introspection:" "Request-Payload: ... "client_id" : "FrontDoor", "client_secret" : "ytrewq" " This is introspection request from RS to AS. How did the RS got the client_id and the client_secret? (previous, message from C to RS is not protected) "Response-Payload: ... "cnf" : { "kid" : b64'...'} " Should not "cnf" need to have the whole "COSE_Key" (including "k")? On the text it was not assumed that RS and C already shared a Key (if they did, at some point after original C-AS request, AS must have provisioned it to RS -this can be assumed-). In the general case AS will have to transport the key to RS on the introspection response I think -------------------------------- Saludos, Renzo
- [Ace] review draft-ietf-ace-oauth-authz-02 Renzo Navas
- Re: [Ace] review draft-ietf-ace-oauth-authz-02 Ludwig Seitz