IETF Logo Mail Archive

Re: [Ace] Review of draft-ietf-ace-oscore-profile

Göran Selander <goran.selander@ericsson.com> Mon, 07 September 2020 15:05 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 241353A0F8F for <ace@ietfa.amsl.com>; Mon, 7 Sep 2020 08:05:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSYNlv0Po4eY for <ace@ietfa.amsl.com>; Mon, 7 Sep 2020 08:05:21 -0700 (PDT)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2072.outbound.protection.outlook.com [40.107.21.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 007023A0F94 for <ace@ietf.org>; Mon, 7 Sep 2020 08:05:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=D2wdrPqiV5cIjjNRDxCRTvZ+IXN9LD2nbGrG2pI/QM5vxHW6R02qTRkvvVNhBVyzI806NjzD2ucWIkvc6kbI0Nxd0h5qhDazz6ZN6+YnEOD6fpX7GbsgwQK+TZ3JaHxZ5LMXBqgjEGRIDYwUP8qEP4mMpykcZVtYu3T2YANC8qisMdtQaxUu0c56JibtcPFeD/sXmoRVdbiy9JhKfzOhuEuUSOu2Iw1KQluQo1bSmDX4U+srJ/mwQYtIq1MPrlgTj68ovyyT9xdOCS4miogV1AwGtB+1IuptvIZiOfcCkT0a+GHAoY1mr6EHtH8xVNMy6WP3Er1uTnujjb3Yx0PL9w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7hP3fER5/hxeUcNJpSeCHpW9I6Uubw7lgs3U9ZF98U8=; b=ddkzz4Xj2+bOv0NbhcX7MqQ1LJR+VqdZ4rvBnhVf15SSJVOKJULN0MLIzjhHa4Rhmr75DQWMtfxTYx6JHV53kr4TjfXSz7BatyGkiXEN/lMRAq2w912YEncEpx2B9OX5xDj4FGe+WIMb8Dk4ZN+RQ0B9iN9AmgMWOrcRA9FdK6BtBGcz+TtxuKWE1XPKxl83LxmZmqkKCbhLhS8lFrPUPeH+G/TinDE2N+ICn95XsDBBQnJMRfrPfxsfKspc9xgUDjI2j4vGsmV5Gh65MnV0f7yssrpaCPUzRkT+nXJBKsOZAFZFmue/wsuEcFlvbwsuH+3zu9Fy/LekBLQQu+WPAw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7hP3fER5/hxeUcNJpSeCHpW9I6Uubw7lgs3U9ZF98U8=; b=NqSRlIrnn6pk4p6pAL7Lqpg1d3xznisTUw1emavCOmX9jPQGtVkNvzcQKpTjnz6IgKpRTh1Bp1lWFjHKbWxatkspylPCldQLjjJanq1XV9J1XcPrLsZfLsCub5ckEmTFS15wQr4DOqsR5zEA2Rs/o1CvOEydGF2rpegGkJDJSOw=
Received: from HE1PR0702MB3674.eurprd07.prod.outlook.com (2603:10a6:7:82::14) by HE1PR07MB3178.eurprd07.prod.outlook.com (2603:10a6:7:31::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.15; Mon, 7 Sep 2020 15:05:18 +0000
Received: from HE1PR0702MB3674.eurprd07.prod.outlook.com ([fe80::3168:e1aa:8f49:6de3]) by HE1PR0702MB3674.eurprd07.prod.outlook.com ([fe80::3168:e1aa:8f49:6de3%7]) with mapi id 15.20.3370.015; Mon, 7 Sep 2020 15:05:18 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: [Ace] Review of draft-ietf-ace-oscore-profile
Thread-Index: AQHWhShMyduFrr/T3UaeI46XZXQfLA==
Date: Mon, 07 Sep 2020 15:05:18 +0000
Message-ID: <643557DA-9A7E-43BD-AA92-7CA84EC29B2F@ericsson.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.40.20081000
authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [192.176.1.63]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 66281866-5025-41b9-b4ce-08d8533f6f10
x-ms-traffictypediagnostic: HE1PR07MB3178:
x-microsoft-antispam-prvs: <HE1PR07MB3178C17DDABE013803492D59F4280@HE1PR07MB3178.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: p2fuaVnZ2aLc/mwhCd1HIpFghPWpcZVuut4tD0D/EF+OCQnP2KI1a77tKgjuLTZRwr7Rf6kxh1+7DGytvVaUHsEY7oBo+WK3ddoCRWnECl3rJk1Z3O7QpwPftl8HmkvYJy3l5+WMsgZp6m4VbEsNum/DGTX6zQ4ZJEHr8FlpHuse0U3C9GuDgDdRcTy2u+sIPjZg3swcie85HWJOl3ANxWHlD0ZoNVAYcLrW7JcaFORUlSAMRp6e7/xcI5sp6+Br3jPvSsIS5TaEU9wRiyjxOVtmZjgk+5eJy2pFllmbSfuJWqAct88XuRxxJJTH8BF+Vi66zcUwirWygW7dDqKmSCltQUWQfCJFZea3yafa+/qjISCKOa98B94Jy/0n8e/7+X28zAKL1yZFutSJLEJ5ZQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3674.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(376002)(136003)(39860400002)(346002)(366004)(91956017)(85202003)(26005)(966005)(6486002)(186003)(71200400001)(66446008)(33656002)(2616005)(8936002)(66476007)(83380400001)(76116006)(66946007)(6506007)(66574015)(66556008)(64756008)(86362001)(478600001)(316002)(83080400001)(36756003)(6512007)(2906002)(5660300002)(110136005)(85182001)(8676002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: l7Jz1s658aMIUDV8JxVqqIVVYjA7xdCrJ1co3Vdo8YE6AqrqhlxQ1Tv4MFiTgAM7UJyJIwm5jJwjZVNx9IksOGmSuMMWrB/RafZL2EvIvEDiRgnEwCtc6FIAXA7srRr60/xw4i2dV5qG4HKVJWZRekuDpsK/UdIEmBKaIeeC+XQu1osSYHXMQUHIWGBaKI8Zmwg94eVq1f9GxzJ0JImKpvfSTRqt8eYD/aegIOCRFWb2NexixU71BimTAK6nhpWACF5j/a2b5CBx1IYNReREuvIuVArU7IJIoqcb8MCZCx4H0OhFZJ+84phRZx4n9qvkf59SUuzQN0touCkp5A/RYW/D3Mbu+YBRXh19TFqC9xKUoGHe1yB8B9jVs9fQ0nl/stA+qKJxefil0J/YZQPNLpvj6FhKBO02S3N84Oftjp3aQ5i2kIxsZnr3kw//sDloWvzo1hJVkpZaVrdKSX7Zny85CBL/mFNBeVLJanXITzVcjJMSHJh+Xj7/pNSpAPvQQ04N8AHtYZfBECNK3f4NMc0mnIqxr5HEEPBWUJ81nDDdoXiRQAEflWvkqiwNp73azC56oozrQgEWpP7TppTJT9+Q3LLJIwtHb2cPk2UoKNSN8F5G0TBrJc8LAtrU+8qC+ySVqQDMOEJ9nTr4d8JppQ==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <07039821D57F6840AEB68C69301D8AB3@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3674.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 66281866-5025-41b9-b4ce-08d8533f6f10
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Sep 2020 15:05:18.3646 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: NtzEl0tGyvvpeyFEeMhN9sIobKJ7IIOkKllu/fOnpl5HOdEkFSha0YwHtJlWpKnOUN99WFa+X/H0HyyjaZk7COH9VcaFMNSbZFQZORVYIO0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3178
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/oFSK3uVvH5GOiSYaMLPvkDj3ZSk>
Subject: Re: [Ace] Review of draft-ietf-ace-oscore-profile
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Sep 2020 15:05:26 -0000

Hi,

Just want to acknowledge, as was discussed in the WG meeting today, that the major comment below is alternatively a possible -bis update. I think this is good functionality, and even though related problem statements have been discussed before, this solution has not. And although the change is small it comes at a late stage. But if it doesn't make it for this version then let's make it in an update soon. 

Göran


On 2020-09-05, 14:51, "Ace on behalf of John Mattsson" <ace-bounces@ietf.org on behalf of john.mattsson=40ericsson.com@dmarc.ietf.org> wrote:

    Hi,

    I have reviewed the latest GitHub version of draft-ietf-ace-oscore-profile
    https://protect2.fireeye.com/v1/url?k=cd0dd5df-93bc0ebf-cd0d9544-86e2237f51fb-51fc8fb4bf065a0f&q=1&e=5ecc1a37-faa1-4082-857b-150aa2dc3b9a&u=https%3A%2F%2Face-wg.github.io%2Face-oscore-profile%2Fdraft-ietf-ace-oscore-profile.html

    In general this draft looks very good. I have one major comments, and several more minor comments.

    Major comment
    -------------------

    - Asignment of OSCORE Sender and Recipient IDs

    I think the specified mechanism where the AS dictates the OSCORE connection parameters is unfortunate. It introduces several current and future limitations. The current assignment mechanisms only works without problems in close systems where the RS does not have any other non-AS OSCORE connections, where the CoAP client and CoAP server roles are fixed and cannot be switched, and where only draft-ietf-ace-oscore-profile is used. In systems where the OSCORE nodes can switch between CoAP client and CoAP server (a feature explicitly supported by OSCORE) the current mechanism is likely to lead to RecipientID collisions. Also in future systems where the AS also supports a more modern key management with PFS using e.g. a future draft-ace-edhoc-oscore-profile, the mechanism would not work together in an efficient way. My understanding is that the authors would like the solution to work with both role switching and EDHOC.

    How to negotiate these type of connection identifiers (in this case OSCORE Sender and Recipient IDs) have been studied and specified several times in e.g. draft-selander-lake-edhoc, draft-ietf-tls-dtls-connection-id. A solution where each party choses its OSCORE recipient ID for the connection always work without collisions. Such a negotiation could quite easily be added to the roundtrip with the nonces N1 and N2. My feeling is that it would be worthwhile to do such a change. This would also require a new identifier for the OSCORE_Security_Context Object, either a new objectID or a hash of the object could be used. I think this would be a good change as the current "hack" of using the ACE client sender Id and and ID context to identify the object might lead to other future limitations.

    The suggested changes would lead quite equal message sizes and storage requirements, they might even lead to some small improvements.

    Minor comments
    -------------------

    - "server authentication"

    My understanding is that server authentication with this draft requires two additional things. That C trusts AS and that RS sends an OSCORE response back. The draft should point this out similarly to the way it points out that a OSCORE request is required for proof-of-possession. As C trust in AS, and RS sending an OSCORE response back are both optional, I would recommend to maybe remove "server authentication" from the abstract and intro.

    - "The nonces are encoded as CBOR bstr if CBOR is used, and as Base64 string if JSON is used"

    Would be good to define exactly how the Master salt is created when JSON is used. I.e. is the Base64 encoded strings used, or are the byte strings after Base64 decoding used.

    - "the authz-info endpoint is not a protected resource, so there is no cryptographic protection to this request."

    I do not think this follows from the OAuth ACE term “protected resource”. Most resources on the web are not protected resources, but use cryptographic protection (https:// HTTPS)

    - "An OSCORE_Security_Context is an object that represents part or all of an OSCORE Security Context"

    The object cannot represent all of an RFC 8613 OSCORE Security Context as sequence number, replay window, and Master salt are missing. I would also strongly recommend removing "context" from the name of the object so that it is not confused with an RFC 8613 context. Maybe OSCORE input keying material or something similar.

    - "CBOR type"

    The types listed are CDDL types. Should at least mention CDDL or change to actual CBOR types.

    - "Security Context identified by "kid""

    This message has two different "kid", one on the ACE level and one on the OSCORE level, would be good to clarify which "kid" this refers to.

    - "client" "server"

    I think the draft should have a sentence saying that the terms "client" "server" when used without specification refer to the ACE client C and the ACE resource server RS. There is another server in the ACE architecture, and on the CoAP level the nodes can switch roles.

    - "input salt"

    input salt is not defined when it is used in section 2.

    - "clientID", "serverID", "contextID"

    I am not fond of these new abbreviations for the OSCORE parameters for several reasons. The draft uses the term "clientID" for "ACE client sender ID" = "ACE resource server recipient ID", the term "serverID" for "ACE client recipient ID" = "ACE resource server sender ID", and the term "contextID" for "ID context". "clientID" and "contextID" is also together used as an identifier for the "OSCORE_Security_Context Object".

    The problems I have with these terms are that "client ID" and "serverID" give the impression that they are identifiers for the nodes C and RS, which they are not. In two-party OSCORE, the identifiers (senderID and recipientID) are not connected to any of the parties more than the other. In fact, a node needs to be in control of its recipient IDs but does not really need to care much about its sender IDs.

    - RFC 8613 Appendix B.2

    To me it does not seem clear if draft-ietf-ace-oscore-profile can be used together with the mechanism in Appendix B.2 of RFC 8613. The mechanism in Appendix B.2 leads to a new Context ID. Is it allowed to use that mechanism after using draft-ietf-ace-oscore-profile? In draft-ietf-ace-oscore-profile, the AS dictates a specific “ID Context”?

    Cheers,
    John

    _______________________________________________
    Ace mailing list
    Ace@ietf.org
    https://www.ietf.org/mailman/listinfo/ace

v2.23.0 | Report a Bug | By Email