IETF Logo Mail Archive

Re: [Gen-art] Gen-ART Telechat review of draft-ietf-pcp-authentication-13.txt

Paul Kyzivat <pkyzivat@alum.mit.edu> Tue, 07 July 2015 19:41 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A22031A889C for <gen-art@ietfa.amsl.com>; Tue, 7 Jul 2015 12:41:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sso6FrT_1T2R for <gen-art@ietfa.amsl.com>; Tue, 7 Jul 2015 12:41:26 -0700 (PDT)
Received: from resqmta-ch2-05v.sys.comcast.net (resqmta-ch2-05v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:37]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDD741A8898 for <gen-art@ietf.org>; Tue, 7 Jul 2015 12:41:26 -0700 (PDT)
Received: from resomta-ch2-14v.sys.comcast.net ([69.252.207.110]) by resqmta-ch2-05v.sys.comcast.net with comcast id pXdz1q0072PT3Qt01XhSVM; Tue, 07 Jul 2015 19:41:26 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([50.138.229.151]) by resomta-ch2-14v.sys.comcast.net with comcast id pXhQ1q0053Ge9ey01XhQrf; Tue, 07 Jul 2015 19:41:26 +0000
Message-ID: <559C2B63.1060501@alum.mit.edu>
Date: Tue, 07 Jul 2015 15:41:23 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Sam Hartman <hartmans@painless-security.com>
References: <20150703040329.26422.22765.idtracker@ietfa.amsl.com> <913383AAA69FF945B8F946018B75898A478836EC@xmb-rcd-x10.cisco.com> <5599A773.40701@alum.mit.edu> <913383AAA69FF945B8F946018B75898A478868AF@xmb-rcd-x10.cisco.com> <559BE75E.9010904@alum.mit.edu> <tslh9pgng78.fsf@mit.edu> <559C1633.10700@alum.mit.edu> <tsla8v7n7nt.fsf@mit.edu>
In-Reply-To: <tsla8v7n7nt.fsf@mit.edu>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1436298086; bh=8E+FOTupb02w+qVTeFjH21G7ECjD9z7BKNf8lMRUVrU=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=fm/gcGOcIDds1sRaikWCt+L04PTkQAjoJ5V0zOM1/x7H6C/11w05vvBCyFlVhT3/b IiEPFmE6hdJOj2URW8BxH9fqvKmiTmaxn9Bwb7KFBXEgJyLnYe0NPtoYIEdkrHOrZZ nJGmoGRPmLj4jrRomEDQIHE49SEGBylvtoE4rb6/sOMLnrYPAp+yM7SNxjwgdaIArU A0x0EI7RnQ7oMcWrXbYR7csNq0D2nN5beBaEkPy0+jKmo2gYpumD0j9tXNbRsLwf7r xQrqfpFhva7r5+xC3skZ8/4OjHBuzgy0R/B8WIN+E0uQrLPXfoFNa1JBASG3TYBgJd CGzKYfKIybM1Q==
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/PB4ACXbJMLAj3guaynIgY9xeSAg>
Cc: General Area Review Team <gen-art@ietf.org>, "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>, "draft-ietf-pcp-authentication.all@tools.ietf.org" <draft-ietf-pcp-authentication.all@tools.ietf.org>
Subject: Re: [Gen-art] Gen-ART Telechat review of draft-ietf-pcp-authentication-13.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jul 2015 19:41:28 -0000

On 7/7/15 2:29 PM, Sam Hartman wrote:

>      >> You seem to be thinking of authentication as something that tends
>      >> to benefit the server.  In some deployments that's certainly
>      >> true.  However, the client may gain significant benefit from:
>      >>
>      >> * Gaining integrity protection over its communications
>      >>
>      >> * Preventing third-parties from disrupting state it establishes.
>
>      Paul> Sure. That is certainly an argument for *allowing* all PCP
>      Paul> requests to be sent over the PA session once one has been
>      Paul> established.
>
> I think it's an argument for requiring, not just allowing.
> That is once you have a session you need to use it.
> Because unless you require that the server doesn't know whether a
> request is from an attacker or the client.

Good point.

> However, this is all about cases where the session is established.
> We're in agreement that many clients will not choose to authenticate
> until they  are required by the server.

OK.

>      >> In addition, I think it's desirable that once a session is
>      >> established, a client be expected to re-authenticate if session
>      >> state is lost, *not* to send requests and let the server force
>      >> re-authentication.
>
>      Paul> IIUC, when a client is first started it may not know if
>      Paul> authentication will be required. Rather it may learn that only
>      Paul> by being forced by the server to authenticate. If it then
>      Paul> reboots, losing its PA SA state, it will be back in the same
>      Paul> position it was initially. Else you will be forcing it to
>      Paul> maintain persistent state across reboots.
>
> O, sorry.
> Our requirements seem compatible here but we focused on different sides.
>
> You said that when I client discovered a server had lost sessions it
> should try the request without reauthentication.
> To me that implies the client expects a session.
> In that case, I would prefer the client authenticate.

OK. That seems reasonable. To restate:

If the client sends a request within a session, and receives an error 
from the server indicating that the server doesn't know of that session, 
then the client SHOULD/MUST first request a new session, and only 
retransmit the original request after that session is established.

(Corner case: the new authentication fails. Maybe the server reset to 
different credentials, that the client doesn't have. Should the client 
try the request again, in case it might work without authentication?)

> We are in agreement that clients having lost authentication sessions and
> not wishing to authenticate before sending a request should just send an
> unauthenticated request.

Good.

>      Paul> Surely if it *knows* it can preemptively authenticate. But if
>      Paul> it doesn't know then things should still work.
>
> I'd say MUST instead of can, but we're basically in agreement here.
> MUST because you open up attacks that the software implementor will
> typically not be in a position to evaluate if you choose not to
> authenticate in the case where you know you lost a session.
> (I'd be OK with SHOULD)
> We're in agreement though that if you don't know you've lost a session
> it needs to still work.

I think we are aligned here.

>      >> However, I do agree with you that we need a mechanism for the
>      >> server to indicate that it has lost state.  That's only a hint to
>      >> the client.  Since that indication will not be
>      >> integrity-protected, it may be sent by an attacker.  A client MAY
>      >> disregard it, for example if the client suspects a DOS attack.
>      >> Generally, though a client SHOULD try and re-authenticate,
>      >> discarding the session state only when re-authentication is
>      >> successful.
>
>      Paul> Re-authentication requires the client and server to both have
>      Paul> the prior session state. So that path won't work in cases
>      Paul> where one has forgotten the state.
>
> I was using re-authentication with its English meaning not as a term of
> art from the document.
> Sorry for the confusion.
> With that clarification are we basically on the same page?

Yes, I think so.

I fear it may take some heavy editing to make the document agree with this.

And, the changes may impact the security properties. But that is your 
playground!

	Thanks,
	Paul

v2.23.0 | Report a Bug | By Email