[Ace] OSCORE Profile status update and way forward

Francesca Palombini <francesca.palombini@ericsson.com> Mon, 21 September 2020 13:48 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/WRxZFPpzN9gosEI2EfWdrc-SYQE>

Hi all,

Following the discussions here and at the latest interim, I have submitted a new version of the OSCORE profile. This version addresses the last call/post last call comments: Gen ART review, the OPS Dir review, IANA comments and John's review. Diff here: https://tools.ietf.org/rfcdiff?url2=draft-ietf-ace-oscore-profile-12.txt 

Re IANA comments, I have gone with Ludwig's suggestion and named the "location" for the new IANA parameters as "client-rs request" and "rs-client response". I think this is the clearest and simplest option. If there is no objection to those names, I will send the email to the DE on Wednesday.

Gen ART and OPS Dir review were mostly editorial with some bug fixes. To answer John's review, I have done some bigger changes, additional to what I consider editorial and clarifications. Main changes are summarized here:
- Master Salt construction for JSON/Base64 encoding is now specified. Examples for both CBOR and JSON are added.
- added a requirement: clarified that the AS MUST send different OSCORE Input Material to different clients
- added security considerations on one client using the same OSCORE Input Material with different RS
- removed AS discovery mechanism (this is just inherited from the framework)
- clarified that Appendix B.2 of OSCORE can be used with this profile, and what implementers need to think about if they do.
- renamed OSCORE_Security_Context into OSCORE_Input_Material

I consider all of John's comments addressed, with two exceptions: 
a. renaming clientId and serverId, as that was discussed previously and I don't see a better option for it, and 
b. the id negotiation mechanism. As discussed in the meeting, I worked on several options to add the identifier negotiation mechanism: 

1. define an additional optional mechanism that would work on top of the existing OSCORE profile if both nodes support it. Because such a mechanism is optional, attackers in the middle could easily make the nodes roll back to OSCORE without this mechanism, which is why I don't think this is the optimal solution
Draft: https://tools.ietf.org/html/draft-palombini-ace-oscore-profile-id-00 

2. define an OSCORE profile v2 which is equal to the existing OSCORE profile + adds the negotiation mechanism. Much more thought is needed about how these two different profiles interact (can the client try to run a v2 profile if it receives a v1 token? How does the RS react if it does support v1 but not v2?), but it seems to me that it becomes very complicated to try to cover all corner cases and the profiles overlap. Moreover, I was hoping for a simple, short document. It is not.
Draft: https://tools.ietf.org/html/draft-palombini-ace-oscore-profile-v2-00 

3. include the identifier negotiation mechanism in the profile itself. I implemented this in a separate branch in the github: https://github.com/ace-wg/ace-oscore-profile/tree/id-negotiation . You can see the diff with the draft here: https://tools.ietf.org/rfcdiff?url1=https://tools.ietf.org/id/draft-ietf-ace-oscore-profile.txt&url2=https://ace-wg.github.io/ace-oscore-profile/id-negotiation/draft-ietf-ace-oscore-profile.txt 
Considering the changes which have already happened as a consequence of last call reviews, it might be worth it for the working group to consider this option, although it is a major change conceptually to the document. You can see that the changes are not huge; in fact, a lot of text is removed.

We welcome opinions from everybody in the wg, and guidance from our chairs and AD on what's the best way to move forward at this point.

Francesca