IETF Logo Mail Archive

Re: [Ace] AD review of draft-ietf-ace-dtls-authorize-09

Jim Schaad <ietf@augustcellars.com> Mon, 06 January 2020 18:12 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83B5B120A0E; Mon, 6 Jan 2020 10:12:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pEmnh64JSAw3; Mon, 6 Jan 2020 10:12:36 -0800 (PST)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FE3A12094F; Mon, 6 Jan 2020 10:12:21 -0800 (PST)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 6 Jan 2020 10:12:07 -0800
From: Jim Schaad <ietf@augustcellars.com>
To: 'Olaf Bergmann' <bergmann@tzi.org>
CC: ace@ietf.org, 'Benjamin Kaduk' <kaduk@mit.edu>, draft-ietf-ace-dtls-authorize.all@ietf.org
References: <20200102234020.GI35479@kduck.mit.edu> <014601d5c2b8$9947acc0$cbd70640$@augustcellars.com> <878smkrjg0.fsf@wangari>
In-Reply-To: <878smkrjg0.fsf@wangari>
Date: Mon, 06 Jan 2020 10:12:05 -0800
Message-ID: <000801d5c4bc$cf418110$6dc48330$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQHGCRF5nmwiv9SPGwzqJ8qbQfLFcAHlgxMZAtepCeWn13nIkA==
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/pkRFwuWrxOH4EJLrFG4aspVq0Zk>
Subject: Re: [Ace] AD review of draft-ietf-ace-dtls-authorize-09
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jan 2020 18:12:45 -0000


-----Original Message-----
From: Ace <ace-bounces@ietf.org> On Behalf Of Olaf Bergmann
Sent: Monday, January 6, 2020 2:03 AM
To: Jim Schaad <ietf@augustcellars.com>
Cc: ace@ietf.org; 'Benjamin Kaduk' <kaduk@mit.edu>; draft-ietf-ace-dtls-authorize.all@ietf.org
Subject: Re: [Ace] AD review of draft-ietf-ace-dtls-authorize-09

Jim,

Jim Schaad <ietf@augustcellars.com> writes:

[Ben's review]
> We also are potentially in violation of the framework's requirements with respect to the independent selection of profiles for client/AS and client/RS interactions -- at present, when DTLS+RPK is used for client/RS, we require that DTLS+RPK is also used for client/AS, in order to prove possession of the key.  We could perhaps weasel our way out by saying that the framework's requirement applies at the profile granularity, and with symmetric PSK we can be fully independent, but we still need to say something about this property and the interaction with the framework's requirements.
>
> [JLS] I am missing where it is saying this.   Can you give a pointer?  I don't believe that the POP of the RPK is required at the time that the token is obtained.

The problem is that AS must bind the Access Token to the RPK that the Client has presented, and the Client must use the very same RPK to establish the DTLS channel with RS. Otherwise, RS cannot be sure that AS has issued the Token to the same entity that is currently communicating with RS.

[JLS]  What if I do the following sequence of events:
1.  The AS is configured with RPK1 for the client and the client is configured with RPK2 for the AS.
2.  The client and the AS run some type of POP algorithm, not currently specified, to configure RPK3 into the AS for a second RPK to work with some set of audiences (AUD1).
3.  The client then uses RPK1 to authenticate to the AS and asks for a new token for AUD1 and provides (explicitly or implicitly RPK3).  The AS knows that it is tied to the client due to what happened in step 2.  The AS then creates a new token for AUD1 which contains RPK3 for the client (and RPK4 for the RS) and returns it.

The AS does a current POP for RPK1 when the token is being asked for.
The AS did a POP for RPK3 when it was placed into the system.
The AS has not done a POP for RPK4 - that was simply configured without that step ever being done.  The ACE framework has no ability for the AS to do the POP on RPK4 and ensure that it current.  The client would do a POP when the TLS session is created but has to rely on the AS that it is for the correct RS.

Note that the client can never generate a brand new RPK9 and send it to the AS in the token request because the AS will never have seen this before and would need to run the POP algorithm of step 2 in order to assure that it is bound to the correct client and not pulled out of thin air.  RPK9 could not be used to authenticate the token request because the AS has no idea what client it is tied to.

Jim


Jim
 

Grüße
Olaf

_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

v2.23.0 | Report a Bug | By Email