Re: [Ace] Key IDs ... RE: WGLC on draft-ietf-ace-cwt-proof-of-possession-02

Benjamin Kaduk <kaduk@mit.edu> Sat, 23 June 2018 21:30 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6CD96130ECB; Sat, 23 Jun 2018 14:30:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7Ha46HDYQids; Sat, 23 Jun 2018 14:30:05 -0700 (PDT)
Received: from dmz-mailsec-scanner-3.mit.edu (dmz-mailsec-scanner-3.mit.edu [18.9.25.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76018130DD1; Sat, 23 Jun 2018 14:30:05 -0700 (PDT)
X-AuditID: 1209190e-3f7ff70000003baa-c2-5b2ebbdbeea4
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id 2F.5C.15274.CDBBE2B5; Sat, 23 Jun 2018 17:30:04 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id w5NLU2Cj022684; Sat, 23 Jun 2018 17:30:02 -0400
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w5NLTvqX025510 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sat, 23 Jun 2018 17:29:59 -0400
Date: Sat, 23 Jun 2018 16:29:57 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Jim Schaad <ietf@augustcellars.com>, "draft-ietf-ace-cwt-proof-of-possession@ietf.org" <draft-ietf-ace-cwt-proof-of-possession@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Message-ID: <20180623212956.GE99689@kduck.kaduk.org>
References: <VI1PR0801MB2112C4D6D3CED7C15D9AE886FA750@VI1PR0801MB2112.eurprd08.prod.outlook.com> <20180622204344.GP64617@kduck.kaduk.org> <MW2PR00MB02986BC1E87754046C8CDC6AF5750@MW2PR00MB0298.namprd00.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <MW2PR00MB02986BC1E87754046C8CDC6AF5750@MW2PR00MB0298.namprd00.prod.outlook.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpjleLIzCtJLcpLzFFi42IR4hRV1r2zWy/a4O1zYYvv33qYLX7+u85s cXPGKSaL1dO/s1nsnfaJxYHVY828NYweG+dMZ/NYsuQnk0frjr/sASxRXDYpqTmZZalF+nYJ XBk3rp9kLljLUfHtxVaWBsarbF2MnBwSAiYSL5tWsnYxcnEICSxmklhzeg2Us5FR4uOdj2wQ zlUmib8/frGCtLAIqErMeP2MHcRmE1CRaOi+zAxiiwjoSDy++A2sgVngK6PEk1mHGEESwgJh Ek8erAWzeYH23Vy9gQVi6j1GiRVTlrFAJAQlTs58AmYzC2hJ3Pj3kqmLkQPIlpZY/o8DJMwp ECvx5s9qsLtFBZQl9vYdYp/AKDALSfcsJN2zELoXMDKvYpRNya3SzU3MzClOTdYtTk7My0st 0jXWy80s0UtNKd3ECA5uSb4djJMavA8xCnAwKvHwfmjVixZiTSwrrsw9xCjJwaQkynuzQida iC8pP6UyI7E4I76oNCe1+BCjBAezkgjv4n6gct6UxMqq1KJ8mJQ0B4uSOG/2IsZoIYH0xJLU 7NTUgtQimKwMB4eSBO+vXUCNgkWp6akVaZk5JQhpJg5OkOE8QMPNdoMMLy5IzC3OTIfIn2JU lBLnXQDSLACSyCjNg+sFJR+J7P01rxjFgV4R5v0EUsUDTFxw3a+ABjMBDb5+SxdkcEkiQkqq gdH+hHeM1jTDfx0XHn7bvVx8+RwPmVL33+XfU/4knrx/v+/jmSaO1t1njyW1CUpqr73wqHhL Sdy3gBCbBFaJ60+DY6ekiJQuOXrQuHHBLtEJ3TskS/suLuOvXHHp4oziad2CHR9lzkzmzGnz eblq39ft3dw2xbt3p3POnCSfJffaylJb+OEvjxYlluKMREMt5qLiRACxOXDRGQMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/5JEKLzsmT15Jd8oni77_WiAfVnE>
Subject: Re: [Ace] Key IDs ... RE: WGLC on draft-ietf-ace-cwt-proof-of-possession-02
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jun 2018 21:30:08 -0000

On Fri, Jun 22, 2018 at 08:48:35PM +0000, Mike Jones wrote:
> See my note just now proposing this text to Jim:
> 
> "Likewise, if PoP keys are used for multiple different kinds of CWTs in an application and the PoP keys are identified by Key IDs, care must be taken to keep the keys for the different kinds of CWTs segregated so that an attacker cannot cause the wrong PoP key to be used by using a valid Key ID for the wrong kind of CWT."
> 
> As long as the PoP keys for different contexts are kept segregated, Key ID collisions or reuse cause no problems.

If we trust everyone to implement things properly.  We should probably only
take that risk if we get some other benefit from it, though.  Jim mentioned
(off-list?) a scenario involving giving the same client additional
privileges, and of course we can gain some simplicity savings if we don't
need to enforce global key-id uniqueness (for appropriate values of
"global").  So this may well be the right thing to do; I just don't think
it's without tradeoffs as your text seems to imply.

-Ben