IETF Logo Mail Archive

[calsify] draft-douglass-subscription-upgrade / Re: Client "Bootstrapping" Procedures for CalDAV/CardDAV for passwordless access

Дилян Палаузов <dilyan.palauzov@aegee.org> Wed, 10 October 2018 07:30 UTC

Return-Path: <dilyan.palauzov@aegee.org>
X-Original-To: calsify@ietfa.amsl.com
Delivered-To: calsify@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB7C7130DC1 for <calsify@ietfa.amsl.com>; Wed, 10 Oct 2018 00:30:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FRqaMYKPBovK for <calsify@ietfa.amsl.com>; Wed, 10 Oct 2018 00:30:56 -0700 (PDT)
Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E7DD127148 for <calsify@ietf.org>; Wed, 10 Oct 2018 00:30:55 -0700 (PDT)
Authentication-Results: mail.aegee.org/w9A7Uo4t015225; auth=pass (LOGIN) smtp.auth=didopalauzov@AEGEE.ORG
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1539156652; i=dkim+MSA-tls@aegee.org; r=y; bh=ADFZih+aMbtR8/Z+Jmq4/MRKV7NKuINsaOhZcnZ7sI8=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=lNgV6jn9o9nky/OGCzVu1MuOIV7as468vGnsBGpedfPpIYFNEGvFl5oy5FbzaZA6H DkpJ/gvUZj4tYlzJH/3O1EteK+4dm++dlYAP0CxU7jCBEMlSiJ7OasrdB7L4sGNIrx DeZC/7MFTRwWNqSPqhR6SvtQMlo87AVNLxTHa6bUsyDJnYJ5wVYhIlPrSFjQpE9y+4 LAFIs1lqinqIaxjkdSsoQsPh7xqpqy4nQa0mLolQCH5unxiUUYgD3ffq5tSfk/AcPQ Wx/IahXPZH2kBY2x4YupmZQI7dvJq2BOx6oQbNXb1VLDrHUXW3bDCl+PCEFs/kAFb/ A1e5b70IQaqLetJcmilFLLNmof3sqM33kDvUPaPSDRDRl1f5QaBTDQhtBcPpr2zIV8 KCDRs3TQ2uJudmMY9JsLWLCbKEQz+kyH70Cx7dAUzYVvy9/VofjV8vg/vkan5zrP9C s/7E1oDfRgSShCa7vePV8no/CCY2siI4k+cAkXJY9NvavWaLXFDH8bvffJyqYJ1cry q0MIFprUstxuzjQ01vTF5t+jL3bs7iGs+Ug7M0ADdMs9iiTvqMMqn7Ww3sR/Ebh2+s 06lZTg3nmPv0y3zk0/bTahPPaA2a78VEM+YLwUMw2OQnd/GJQs/LWvtaP2yXv8QPED dm31q7nIKy4WVLJr+X/LkW+c=
Authentication-Results: mail.aegee.org/w9A7Uo4t015225; dkim=none
Received: from Tylan (87-118-146-153.ip.btc-net.bg [87.118.146.153]) (authenticated bits=0) by mail.aegee.org (8.15.2/8.15.2) with ESMTPSA id w9A7Uo4t015225 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 10 Oct 2018 07:30:51 GMT
Message-ID: <c70feab7a2a2983f16e1842e5522b37972d23d16.camel@aegee.org>
From: Дилян Палаузов <dilyan.palauzov@aegee.org>
To: Michael Douglass <mikeadouglass@gmail.com>
Cc: calsify@ietf.org
Date: Wed, 10 Oct 2018 07:30:50 +0000
In-Reply-To: <20180819030918.Horde.QhV2Wf7cFO4nBkr4bCOLKvj@webmail.aegee.org>
References: <20180818233752.Horde.esUJKQWOiboWHLScyO3X6Rq@webmail.aegee.org> <821258b3-8eb0-fc80-e023-ef2c8e8f68ef@gmail.com> <20180819030918.Horde.QhV2Wf7cFO4nBkr4bCOLKvj@webmail.aegee.org>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.31.2
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.100.1 at mail.aegee.org
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/calsify/-IkMrjvaE3BlZcRxm1t2pdKCguQ>
Subject: [calsify] draft-douglass-subscription-upgrade / Re: Client "Bootstrapping" Procedures for CalDAV/CardDAV for passwordless access
X-BeenThere: calsify@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <calsify.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/calsify>, <mailto:calsify-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/calsify/>
List-Post: <mailto:calsify@ietf.org>
List-Help: <mailto:calsify-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/calsify>, <mailto:calsify-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Oct 2018 07:31:00 -0000

Hello,

the passwordless CalDAV access can be reflected also in 
https://tools.ietf.org/html/draft-douglass-subscription-upgrade-03 :

One CalDAV collection can be accessed in two ways: anonymously (without
login) and with login.  In the former case the client cannot make
modifications, in the latter the client probably can.

The use case is that any user can edit the ACLs of its own calendar and
can say that anybody can read it.

Should OPTIONS following draft-douglass-subscription-upgrade publish
Link: subscribe-caldav or Link: subscribe-caldav-auth for that
resource?

The current problem with the CalDAV clients is, that some of them
insist on having a username before making a request and others only
send the username, if they get 401.  For a calendar that can be
accessed in two modes, the server does not return 401 and the clients
are stuck.  The only thing a server can do is to send 401 when no user
name is provided and accept for a user “anonymous@domain” any password.

draft-douglass-subscription-upgrade doesn’t say that for Link:
subscribe-caldav when the server returns 401 the client shall retry
with user anonymous@domain and it shouldn’t.

My proposal is to remove subscribe-caldav-auth from the draft and ask
the user, whether she wants to authenticate for the CalDAV collection.

Greetings
  Дилян

On Sun, 2018-08-19 at 03:09 +0000, Dilyan Palauzov wrote:
> Hello Michael,
> 
> where precisely is HTTP Basic Authentication required for  
> CalDAV/CardDAV and what is the purpose of this requirement?
> 
> https://tools.ietf.org/html/rfc4918#section-20.1  [WebDAV core RFC]  
> requires support for Digest authentication, permitting other  
> authentications, but appendix E states
>     Note that the results of
>     some requests might vary according to whether or not the client is
>     authenticated -- a PROPFIND might return more visible resources if
>     the client is authenticated, yet not fail if the client is anonymous.
> 
> so WebDAV does not require authentication.
> 
> In RFC4791 CalDAV I cannot find such requirements, too.
> 
> What do you mean by putting authenticated and unauthenticated  
> resources in different context?  Do you suggest to use different  
> domains, which allow the bootstrapping process to find different URLs?  
>   This will help with clients which send passwords only after  
> receiving 401, but will not help with clients which insist on having a  
> password before performing the bootstrapping.
> 
> https://tools.ietf.org/html/rfc6352#section-9.3 [CardDAV, Client  
> Configuration] adds:
>     Given support for SRV records (Section 11) and DAV:current-user-
>     principal-URL [RFC5397], users only need enter a user identifier,
>     host name, and password to configure their client.  The client would
>     take the host name and do an SRV lookup to locate the CardDAV server,
>     then execute an authenticated PROPFIND on the root/resource looking
>     for the DAV:current-user-principal-URL property.
> 
> So clients waiting for 401 before authenticating on performing this  
> PROPFIND are indeed formally wrong.
> 
> But are CalDAV/CardDAV clients required to authenticate on purpose,  
> was this an oversight, not to state clearer that unauthenticated  
> accesses is bad idea, and what what speaks against clarifying this now?
> 
> Greetings
>    Дилян
> 
> ----- Message from Michael Douglass <mikeadouglass@gmail.com> ---------
>     Date: Sat, 18 Aug 2018 21:55:41 -0400
>     From: Michael Douglass <mikeadouglass@gmail.com>
> Subject: Re: [calsify] Client "Bootstrapping" Procedures for  
> CalDAV/CardDAV for passwordless access
>       To: calsify@ietf.org
> 
> 
> > On 8/18/18 19:37, Dilyan Palauzov wrote:
> > > Hello,
> > > 
> > > RFC6764 "Locating Services for Calendaring Extensions to WebDAV  
> > > (CalDAV) and vCard Extensions to WebDAV (CardDAV)", Section 6.  
> > > Client "Bootstrapping" Procedures suggests asking the user for  
> > > minimal amount of data - email address or URL and a password, to  
> > > complete the configuration.
> > > 
> > > RFC 4918 "HTTP Extensions for Web Distributed Authoring and  
> > > Versioning (WebDAV)" - Appendix E.  Guidance for Clients Desiring  
> > > to Authenticate says:
> > > 
> > >    Thus, the WebDAV client would be able to authenticate
> > >    with its first couple requests to the server, provided it had a way
> > >    to get the authentication challenge from the server with realm name,
> > >    nonce, and other challenge information.  Note that the results of
> > >    some requests might vary according to whether or not the client is
> > >    authenticated -- a PROPFIND might return more visible resources if
> > >    the client is authenticated, yet not fail if the client is  
> > > anonymous. [...]
> > > 
> > > My understanding is, that a CalDAV server can offer public and  
> > > private calendars.  When users authenticate, they see the own,  
> > > internal and public calendars, but if they don't authenticate  
> > > (=anybody on the globe) can see the public calendar.  In  
> > > particular, for the same requests the server can return different  
> > > answers, depending on whether the user is authenticated, but never  
> > > return 401 to force user authentication.
> > > 
> > > How shall the bootstraping work for public calendars?  Entering  
> > > anonomous@domain with any password would work, but this is  
> > > unnecessary complicated and any user using this mechanism would ask  
> > > herself how can be software engineers so stupid to require users to  
> > > enter useless information.
> > Bedework offers authenticated and unauthenticated CalDAV.  
> > Unauthenticated is actually not part of the spec as the spec  
> > mandates basic auth. Most other forms of auth don't work with CalDAV  
> > (as specified).
> > 
> > For basic auth it's quite easy. Put authenticated on one context and  
> > unauth on another. Then the server can challenge on the first  
> > request to the authenticated context. Never chanllenge on the unauth.
> > > What about closing the gap by writing one more bootstraping scenario:
> > > * for a CalDAV server:
> > >   (modify first bullet, by inserting *possibly*; inject more bullets)
> > >           +  Minimal input from a user would consist of a calendar user
> > >              address and possibly a password.  A calendar user  
> > > address is defined
> > >              by iCalendar [RFC5545] to be a URI [RFC3986]. Provided a
> > >              user identifier and a domain name can be extracted from the
> > >              URI, this simple "bootstrapping" configuration can be done.
> > > 
> > >        + When no password is provided by the user, the client shall  
> > > assume that the server offers anonymous access and should try the  
> > > bootraping without a password, before forcing the user to enter one  
> > > on 401 Unauthenticated response
> > >        + When password is provided by the user, the client must  
> > > send WWW-Authenticate when obtaining the DAV:current-user-principal  
> > > and all subsequent reqeusts, even if the server has not returned  
> > > 401 Unauthenticated
> > > 
> > > The explicit "password" is a little bit funny, as the client can  
> > > use WWW-Authenticate: Negotiate/GSSAPI-SPNEGO/KerberosV without any  
> > > password, but I cannot think on a better wording.
> > > 
> > > Greetings
> > >   Дилян
> > > 
> > > _______________________________________________
> > > calsify mailing list
> > > calsify@ietf.org
> > > https://www.ietf.org/mailman/listinfo/calsify
> > 
> > _______________________________________________
> > calsify mailing list
> > calsify@ietf.org
> > https://www.ietf.org/mailman/listinfo/calsify
> 
> ----- End message from Michael Douglass <mikeadouglass@gmail.com> -----
> 
> 
> _______________________________________________
> calsify mailing list
> calsify@ietf.org
> https://www.ietf.org/mailman/listinfo/calsify

v2.23.0 | Report a Bug | By Email