IETF Logo Mail Archive

Re: [apps-discuss] [saag] Fwd: HTTP MAC Authentication Scheme

Eran Hammer-Lahav <eran@hueniverse.com> Tue, 10 May 2011 07:06 UTC

Return-Path: <eran@hueniverse.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70171E06A4 for <apps-discuss@ietfa.amsl.com>; Tue, 10 May 2011 00:06:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.84
X-Spam-Level:
X-Spam-Status: No, score=-2.84 tagged_above=-999 required=5 tests=[AWL=-0.241, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2SH+Eq-vdVlW for <apps-discuss@ietfa.amsl.com>; Tue, 10 May 2011 00:06:32 -0700 (PDT)
Received: from p3plex1out02.prod.phx3.secureserver.net (p3plex1out02.prod.phx3.secureserver.net [72.167.180.18]) by ietfa.amsl.com (Postfix) with SMTP id D6FD4E0840 for <apps-discuss@ietf.org>; Tue, 10 May 2011 00:06:32 -0700 (PDT)
Received: (qmail 3056 invoked from network); 10 May 2011 07:06:27 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.21) by p3plex1out02.prod.phx3.secureserver.net with SMTP; 10 May 2011 07:06:27 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT003.EX1.SECURESERVER.NET ([72.167.180.21]) with mapi; Tue, 10 May 2011 00:06:27 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: Nico Williams <nico@cryptonector.com>
Date: Tue, 10 May 2011 00:06:22 -0700
Thread-Topic: [apps-discuss] [saag] Fwd: HTTP MAC Authentication Scheme
Thread-Index: AcwO3dwSAJ0GFgZeSi2aLK8HDXFhZgAAkNug
Message-ID: <90C41DD21FB7C64BB94121FBBC2E723447581DA9EF@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <90C41DD21FB7C64BB94121FBBC2E723447581DA8EA@P3PW5EX1MB01.EX1.SECURESERVER.NET> <B1968C5A-867C-4C7D-B3EF-A399AD626B60@vpnc.org> <BANLkTinXPER5NaKxMFnbviMaX=CTSp81fg@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E723447581DA933@P3PW5EX1MB01.EX1.SECURESERVER.NET> <BANLkTinr2oT0Br7tJ3z_e01oYLe7KTt6+A@mail.gmail.com>
In-Reply-To: <BANLkTinr2oT0Br7tJ3z_e01oYLe7KTt6+A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: "saag@ietf.org" <saag@ietf.org>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] [saag] Fwd: HTTP MAC Authentication Scheme
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 May 2011 07:06:33 -0000


> -----Original Message-----
> From: Nico Williams [mailto:nico@cryptonector.com]
> Sent: Monday, May 09, 2011 11:46 PM
> To: Eran Hammer-Lahav
> Cc: Apps Discuss; saag@ietf.org
> Subject: Re: [apps-discuss] [saag] Fwd: HTTP MAC Authentication Scheme
> 
> On Mon, May 9, 2011 at 3:29 PM, Eran Hammer-Lahav
> <eran@hueniverse.com> wrote:
> >> Regarding the question of when to include a hash of the body in the
> >> normalized request string that gets MACed... If one is using TLS,
> >> then I suggest adding the TLS channel binding into the MAC input
> >> string and drop the body hash.  This will speed up operation, since
> >> there's no need to hash the body (think of the performance impact of
> >> hashing the request body in an implementation that uses sendfile()!).
> >
> > It is still not clear when hashing the body is really important, and if this
> should be just an optional feature or something that is required. If it is
> optional, it is not clear how the server should indicate to the client that it is
> required for any particular protected resource. We're still debating that and
> waiting for some deployment experience to guide us.
> 
> See below.
> 
> >> I don't see the point of attempting to provide only partial integrity
> >> protection (e.g., the draft doesn't say to include ever request
> >> header into the MAC
> >> input) if there's no TLS.  In fact, I don't see the point of not
> >> using TLS, but if TLS avoidance is desired then all of the request
> >> (minus the MAC) and response should be covered by the MAC.
> >
> > The point is to be practical given the target audience and use cases we have
> for this: web developers.
> 
> Surely not.  Surely the point is to make some attack more difficult.
> Yes, surely it's nice to make it easy for developers to use it, but that's a
> secondary issue.  The primary issue, what I'm not getting from the I-D, is
> what you're trying to protect against.
> 
> "What is your threat model?"

An eavesdropper grabbing plaintext credentials and using them to gain access to protected resources. That's 99% of it, with the other 1% being that sending plaintext credentials over TLS can still leak due to incorrect implementation, or attacks on dynamic configuration, leading the client to send its plaintext credentials over TLS to the wrong server.

EHL

v2.23.0 | Report a Bug | By Email