Re: [Ace] Key IDs ... RE: WGLC on draft-ietf-ace-cwt-proof-of-possession-02

Mike Jones <Michael.Jones@microsoft.com> Sat, 23 June 2018 16:06 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40BFA130E8B; Sat, 23 Jun 2018 09:06:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VoCa6T6Dz5FW; Sat, 23 Jun 2018 09:06:49 -0700 (PDT)
Received: from NAM05-DM3-obe.outbound.protection.outlook.com (mail-eopbgr730113.outbound.protection.outlook.com [40.107.73.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11886130E88; Sat, 23 Jun 2018 09:06:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=18bAZZ2o8G+k4B4/GzcILCFPVyBTmHK+zMDGrJRY+GU=; b=j/1gm+JPzwBcV9OEcwi2AMtwrMv9+D5NSJazNjSBvuzYMVjWoJvBG3HTCkojQl2dGyliUs5+HSEW6NbEjlDylxBxQ/uHi9Qs0iv3kA9MsMBH0ZaYfgQ6bb1mXk135hP1VILQDx8KTBWK6Frs9xoTFT/mq5GTq0ZxO+RA5ntv0pI=
Received: from SN6PR00MB0304.namprd00.prod.outlook.com (52.132.117.158) by SN6PR00MB0415.namprd00.prod.outlook.com (52.132.118.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.936.0; Sat, 23 Jun 2018 16:06:42 +0000
Received: from SN6PR00MB0304.namprd00.prod.outlook.com ([fe80::cca8:e9e5:3691:f597]) by SN6PR00MB0304.namprd00.prod.outlook.com ([fe80::cca8:e9e5:3691:f597%4]) with mapi id 15.20.0937.000; Sat, 23 Jun 2018 16:06:42 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Jim Schaad <ietf@augustcellars.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "draft-ietf-ace-cwt-proof-of-possession@ietf.org" <draft-ietf-ace-cwt-proof-of-possession@ietf.org>
CC: "ace@ietf.org" <ace@ietf.org>
Thread-Topic: Key IDs ... RE: [Ace] WGLC on draft-ietf-ace-cwt-proof-of-possession-02
Thread-Index: AdQKFSUx11D9ChnERGKUCytum2t16AAJFr0AAAwJBlAAKJb3gAAABUeA
Date: Sat, 23 Jun 2018 16:06:42 +0000
Message-ID: <SN6PR00MB0304661A4B31A135BE4F5FE7F5740@SN6PR00MB0304.namprd00.prod.outlook.com>
References: <VI1PR0801MB2112C4D6D3CED7C15D9AE886FA750@VI1PR0801MB2112.eurprd08.prod.outlook.com> <01c501d40a39$82742390$875c6ab0$@augustcellars.com> <MW2PR00MB0298632C8613747DD8D4077FF5750@MW2PR00MB0298.namprd00.prod.outlook.com> <023701d40b0c$0244bf80$06ce3e80$@augustcellars.com>
In-Reply-To: <023701d40b0c$0244bf80$06ce3e80$@augustcellars.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [107.16.94.99]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN6PR00MB0415; 7:9MEjbO6zJk1Ol+cGYyFRCglyOOUZ16WiSOVoauklxPc/hP0rVtVwOdXLCYGfYNbDIIbZnAX391/fxn6doPFXNpFSiCkEeSZtfMJcIRhKK4Tf0YHIxCd+zXM6owNPd4EHmrFHZF85V1azBwA7vsViKt8oyYgPUznMKe+35u/vq2npGw+hI3Zaxd0wN4BdJauwbguD0+gdt/6ioefzBbxbPFAe+af4RqJFs1LrAI55IZQD/AZSGmbxB6wSJFUs012S
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 67c59c2b-8bb2-439f-5ca0-08d5d9234f74
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:(223705240517415); BCL:0; PCL:0; RULEID:(7020095)(4652020)(8989117)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600026)(711020)(48565401081)(2017052603328)(7193020); SRVR:SN6PR00MB0415;
x-ms-traffictypediagnostic: SN6PR00MB0415:
x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr
x-microsoft-antispam-prvs: <SN6PR00MB0415C1F193F348EFF4C71D1AF5740@SN6PR00MB0415.namprd00.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(180628864354917)(89211679590171)(192374486261705)(223705240517415);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(2017102700009)(2017102701064)(6040522)(2401047)(5005006)(8121501046)(2017102702064)(20171027021009)(20171027022009)(20171027023009)(20171027024009)(20171027025009)(20171027026009)(2017102703076)(3231254)(2018427008)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(6055026)(149027)(150027)(6041310)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123558120)(20161123562045)(6072148)(201708071742011)(7699016); SRVR:SN6PR00MB0415; BCL:0; PCL:0; RULEID:; SRVR:SN6PR00MB0415;
x-forefront-prvs: 07126E493C
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(366004)(396003)(376002)(39380400002)(39860400002)(13464003)(199004)(189003)(554214002)(3846002)(86362001)(2900100001)(14454004)(86612001)(81156014)(81166006)(102836004)(8990500004)(8936002)(26005)(561944003)(6116002)(6346003)(7696005)(72206003)(76176011)(93886005)(4326008)(33656002)(10090500001)(6506007)(110136005)(66066001)(5660300001)(316002)(10290500003)(22452003)(25786009)(6246003)(478600001)(229853002)(99286004)(97736004)(11346002)(3280700002)(2906002)(53936002)(3660700001)(9686003)(446003)(486006)(106356001)(105586002)(476003)(2501003)(305945005)(186003)(5250100002)(53546011)(74316002)(8676002)(5890100001)(7736002)(6436002)(59450400001)(68736007)(55016002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR00MB0415; H:SN6PR00MB0304.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-microsoft-antispam-message-info: uOgMAGRvzxLDSOfqIR0HAdorSGFRlyzfR089IPaqWwr2WyHAt/IVWrkeYPWrE0GzICY6cWBAnpasw5o0PnzlML0jNIJ/jxQLFlkZta6EKfhspx0QwJZpe7SXlrSv508ozHyrULroZUhijTfIKupJq3mqn6vgoh2Pi4bZxoFHPFyeFE9O2kXS9w5S//BnB6hBAKEbhPMwmCFxLLpCvvFd4hlA6hksg6vqvKLbqPJDOamvRG+N3DbzDxD7D8qzRqrIY30uJZd3OaD3Pxn9PHcPocBKFQCRJjYtWUZrZvakyyst+U/nueqW4QLxyisnzStf7NHAZPhIF59f6OYWIglxuupCS9P5rDgzAknpm2jQAAA=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 67c59c2b-8bb2-439f-5ca0-08d5d9234f74
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jun 2018 16:06:42.1220 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR00MB0415
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/4KYqXA0U4sTXVyh1sFhXBVaZVTw>
Subject: Re: [Ace] Key IDs ... RE: WGLC on draft-ietf-ace-cwt-proof-of-possession-02
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jun 2018 16:06:51 -0000

The sentence I sent was in addition to Hannes language to address the multiple CWT case discussed in the thread - not a replacement for it.

				-- Mike

-----Original Message-----
From: Jim Schaad <ietf@augustcellars.com>; 
Sent: Saturday, June 23, 2018 9:05 AM
To: Mike Jones <Michael.Jones@microsoft.com>;; Hannes Tschofenig <Hannes.Tschofenig@arm.com>;; draft-ietf-ace-cwt-proof-of-possession@ietf.org
Cc: ace@ietf.org
Subject: RE: Key IDs ... RE: [Ace] WGLC on draft-ietf-ace-cwt-proof-of-possession-02

No not really, Hannes's language is much closer to what I am looking for.  I don't care if they are different kinds of CWTs.  I care about impersonation.

> -----Original Message-----
> From: Mike Jones <Michael.Jones@microsoft.com>;
> Sent: Friday, June 22, 2018 10:44 PM
> To: Jim Schaad <ietf@augustcellars.com>;; Hannes Tschofenig 
> <Hannes.Tschofenig@arm.com>;; draft-ietf-ace-cwt-proof-of- 
> possession@ietf.org
> Cc: ace@ietf.org
> Subject: RE: Key IDs ... RE: [Ace] WGLC on 
> draft-ietf-ace-cwt-proof-of-
> possession-02
> 
> I think you're looking for language something along these lines, right
Jim?
> 
> "Likewise, if PoP keys are used for multiple different kinds of CWTs 
> in an application and the PoP keys are identified by Key IDs, care 
> must be taken
to
> keep the keys for the different kinds of CWTs segregated so that an
attacker
> cannot cause the wrong PoP key to be used by using a valid Key ID for 
> the wrong kind of CWT."
> 
> 				-- Mike
> 
> -----Original Message-----
> From: Jim Schaad <ietf@augustcellars.com>;
> Sent: Friday, June 22, 2018 7:59 AM
> To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>;; Mike Jones 
> <Michael.Jones@microsoft.com>;; draft-ietf-ace-cwt-proof-of- 
> possession@ietf.org
> Cc: ace@ietf.org
> Subject: RE: Key IDs ... RE: [Ace] WGLC on 
> draft-ietf-ace-cwt-proof-of-
> possession-02
> 
> That language works if you assume that there is only one CWT that an 
> RS
will
> look to.  If there are multiple CWTs then one needs coordination 
> language between them.
> 
> > -----Original Message-----
> > From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>;
> > Sent: Friday, June 22, 2018 6:36 AM
> > To: Jim Schaad <ietf@augustcellars.com>;; 'Mike Jones'
> > <Michael.Jones@microsoft.com>;; draft-ietf-ace-cwt-proof-of- 
> > possession@ietf.org
> > Cc: ace@ietf.org
> > Subject: Key IDs ... RE: [Ace] WGLC on draft-ietf-ace-cwt-proof-of-
> > possession-02
> >
> > Hi Jim,
> >
> > I would like to comment on this issue.
> >
> > -----
> > > > 14.  I have real problems w/ the use of a KID for POP 
> > > > identification.  It
> > may
> > > identify the wrong key or, if used for granting access, may have 
> > > problems
> > w/
> > > identity collisions.  These need to be spelt out someplace to help 
> > > people tracking down questions of why can't I verify w/ this CWT, 
> > > I know it's
> > right.
> > >
> > > The Key ID is a hint to help identify which PoP key to use.  Yes, 
> > > if a Key
> > ID is
> > > sent that doesn't correspond to the right PoP key, failures may occur.
> > > I
> > view
> > > that as usage bug - not a protocol problem.  If keys aren't 
> > > consistently
> > known
> > > and identified by both parties, there are lots of things that can 
> > > go
> > wrong, and
> > > this is only one such instance.  That said, I can try to say 
> > > something
> > about the
> > > need for keys to be consistently and known by both parties, if you 
> > > think
> > that
> > > would help.
> >
> > > My problem is that if there are two different people with the same 
> > > Key ID,
> > either intentionally or unintentionally, then using the key ID to 
> > identify
> the
> > key may allow the other person to masquerade as the first person.  I 
> > am unworried about the instance of a failure to get a key based on a 
> > key
id.
> > That is not the problem you are proposing to address.
> >
> > -----
> >
> > I think we should document this issue. Here is some text proposal 
> > that
> could
> > go into a separate operational consideration section (or into the 
> > security consideration section instead).
> >
> > "
> > - Operational Considerations
> >
> > The use of CWTs with proof-of-possession keys requires additional 
> > information to be shared between the involved parties in order to 
> > ensure correct processing. The recipient needs to be able to use 
> > credentials to
> verify
> > the authenticity, integrity and potentially the confidentiality of 
> > the CWT
> and
> > its content. This requires the recipient to know information about 
> > the
> issuer.
> > Like-wise there needs to be an upfront agreement between the issuer 
> > and the recipient about the claims that need to be present and what 
> > degree of trust can be put into those.
> >
> > When an issuer creates a CWT containing a key id claim, it needs to 
> > make sure that it does not issue another CWT containing the same key 
> > id with a different content, or for a different subject, within the 
> > lifetime of the
> CWTs,
> > unless intentionally desired. Failure to do so may allow one party 
> > to impersonate another party with the potential to gain additional
> privileges.
> > "
> >
> >
> > Ciao
> > Hannes
> >
> > IMPORTANT NOTICE: The contents of this email and any attachments are 
> > confidential and may also be privileged. If you are not the intended
> recipient,
> > please notify the sender immediately and do not disclose the 
> > contents to
> any
> > other person, use it for any purpose, or store or copy the 
> > information in
> any
> > medium. Thank you.