IETF Logo Mail Archive

Re: [Gen-art] [Id-event] Genart last call review of draft-ietf-secevent-http-poll-09

Phillip Hunt <phil.hunt@independentid.com> Fri, 12 June 2020 22:11 UTC

Return-Path: <phil.hunt@independentid.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FFBC3A1047 for <gen-art@ietfa.amsl.com>; Fri, 12 Jun 2020 15:11:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=independentid-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lc3FJAYQLmNK for <gen-art@ietfa.amsl.com>; Fri, 12 Jun 2020 15:10:57 -0700 (PDT)
Received: from mail-pl1-x644.google.com (mail-pl1-x644.google.com [IPv6:2607:f8b0:4864:20::644]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E787A3A104E for <gen-art@ietf.org>; Fri, 12 Jun 2020 15:10:56 -0700 (PDT)
Received: by mail-pl1-x644.google.com with SMTP id y18so4297807plr.4 for <gen-art@ietf.org>; Fri, 12 Jun 2020 15:10:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=independentid-com.20150623.gappssmtp.com; s=20150623; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=HETrl0YNo5L1EIAcvttGs6/qEKJbU+/mAPrk5QcQBNQ=; b=191O/Wcn+ikWDmVxSXqMCSn5w6Jhl4BA1iPAoDSTkULyQ6hHf3o5oy0k4VlQ9WnKwB LikJCW/7Fja9FdcAthf3BNPgKJuVqjiLekwxICKA7Z42i5wxGw6FbXURWC3McqXDS8Zw vNEFwKRmfbA6ylgAArb07IIO9KGXHYK8X+uR8CKkXztm76U6tDQufyRLjVow1932a1L/ gEZucrD0gVYBbtjSuII65sxbflK/xYlUub59OLAfQusuAEzEAC7Kcv9/g1wP4KVjm2GX mWbpi6+4nAlnpOQhXKJqAgzStVT8im7SSzqNmg4esYxe5r4W36T1oN4cKD1weUCc/dbF 7Dzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=HETrl0YNo5L1EIAcvttGs6/qEKJbU+/mAPrk5QcQBNQ=; b=jl/xHuPddQyuyXkGNrD4O+Losv3CaCnKPijvdklqXlazwDbpj2X2UE1qQq/sUrb6N1 JaJe/pkvGTbMKDYVp7k+mcZehQsGHYD9kSH/AODKSZSNPPmvB84hg9O+keDgv7jEAwFW cOZoPoS+LGh0gtYvuKApsp6P4JPXVPwOYQK3GIL2dO/GpxqWGDQ/NjrVBK29591YkJ9W j9Kgz7kjLZFHs8BbtBkpgMlPwuVxh55e++IpUq7/n80FxL+5Yyex751yCgGfwlXLdrFu a//y05FruuI5nOUOnvV5bXr1PjmlnFpOHUsfY1xDu6unMMRg9+MSRSHTZFiNxjSFlzDv JQTg==
X-Gm-Message-State: AOAM530r8swEva2j9dSNAotZS1P7k7fEgM3gue8hK6aSeNwfcR9Senwy JNCJhIzaiNAAQW0Ej/9u26+DOQ==
X-Google-Smtp-Source: ABdhPJyN9x7nqOqSIjYTexHM7e/hQrWpz1eOmtHIbL4QcvHTOPobzgFNE7LZdDOwPRwbJphUQYAyLg==
X-Received: by 2002:a17:90a:2c06:: with SMTP id m6mr1007275pjd.216.1591999855828; Fri, 12 Jun 2020 15:10:55 -0700 (PDT)
Received: from ?IPv6:2001:569:7a71:1d00:d540:d864:53fd:5e42? (node-1w7jr9qrfoxxarmwczuh2q4aq.ipv6.telus.net. [2001:569:7a71:1d00:d540:d864:53fd:5e42]) by smtp.gmail.com with ESMTPSA id w186sm7213359pff.83.2020.06.12.15.10.55 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 12 Jun 2020 15:10:55 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail-6E90AF8F-5592-4D6E-9917-3CEA5F9ED180"
Content-Transfer-Encoding: 7bit
From: Phillip Hunt <phil.hunt@independentid.com>
Mime-Version: 1.0 (1.0)
Date: Fri, 12 Jun 2020 15:10:54 -0700
Message-Id: <9B8B066B-710E-42AA-AA01-6C672625A68A@independentid.com>
References: <DM6PR00MB06841E5FF4AF6B0D0429F99AF5810@DM6PR00MB0684.namprd00.prod.outlook.com>
Cc: Dick Hardt <dick.hardt@gmail.com>, Yaron Sheffer <yaronf.ietf@gmail.com>, Robert Sparks <rjsparks@nostrum.com>, "Richard Backman, Annabelle" <richanna@amazon.com>, Valery Smyslov <svan@elvis.ru>, "gen-art@ietf.org" <gen-art@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-secevent-http-poll.all@ietf.org" <draft-ietf-secevent-http-poll.all@ietf.org>, "id-event@ietf.org" <id-event@ietf.org>
In-Reply-To: <DM6PR00MB06841E5FF4AF6B0D0429F99AF5810@DM6PR00MB0684.namprd00.prod.outlook.com>
To: Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>
X-Mailer: iPhone Mail (17F80)
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/oIgjhwIBfTwThv2U7frJK7dONxI>
Subject: Re: [Gen-art] [Id-event] Genart last call review of draft-ietf-secevent-http-poll-09
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jun 2020 22:11:00 -0000

+1. Thanks Mike. 

Phil

> On Jun 12, 2020, at 12:12 PM, Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org> wrote:
> 
> 
> It appears to me that Yaron, Dick, Annabelle, and Atul Tulshibagwale (on the OpenID RISC mailing list) have all advocated mandating TLS in response to Robert Sparks’ and Valery Smyslov’s reviews.  Phil Hunt’s response was that TLS shouldn’t be necessary as long as the SET is “self protected”.
>  
> Given these responses and the now near ubiquity of TLS on the Web, I plan to edit the two drafts to make it clear that TLS is required to use these transports.  If it makes editorial sense, I plan to try to preserve the informative guidance that’s currently present about considerations for using non-secured transports, while making it clear that that guidance doesn’t apply to these transport mechanisms.  I’m thinking of moving those statements to a non-normative appendix.
>  
> Hopefully we can wrap this up soon and get the new versions scheduled for an upcoming telechat.
>  
>                                                        Cheers,
>                                                        -- Mike
>  
> From: Richard Backman, Annabelle <richanna@amazon.com> 
> Sent: Tuesday, June 9, 2020 4:40 PM
> To: Dick Hardt <dick.hardt@gmail.com>; Mike Jones <Michael.Jones@microsoft.com>
> Cc: last-call@ietf.org; Valery Smyslov <svan@elvis.ru>; gen-art@ietf.org; Yaron Sheffer <yaronf.ietf@gmail.com>; draft-ietf-secevent-http-poll.all@ietf.org; id-event@ietf.org; Robert Sparks <rjsparks@nostrum.com>
> Subject: Re: [Id-event] Genart last call review of draft-ietf-secevent-http-poll-09
>  
> While TLS may be redundant in some cases, in practice I don’t see the requirement to use TLS materially impacting deployments that fit that edge case. Transmitters/receivers that would be burdened by the code/time/CPU/memory costs of TLS are probably not going to be communicating via HTTP in the first place.
>  
> –
> Annabelle Backman (she/her)
> AWS Identity
> https://aws.amazon.com/identity/
>  
>  
> From: Id-event <id-event-bounces@ietf.org> on behalf of Dick Hardt <dick.hardt@gmail.com>
> Date: Tuesday, June 9, 2020 at 12:04 PM
> To: Mike Jones <Michael.Jones@microsoft.com>
> Cc: "last-call@ietf.org" <last-call@ietf.org>, Valery Smyslov <svan@elvis.ru>, "gen-art@ietf.org" <gen-art@ietf.org>, Yaron Sheffer <yaronf.ietf@gmail.com>, "draft-ietf-secevent-http-poll.all@ietf.org" <draft-ietf-secevent-http-poll.all@ietf.org>, "id-event@ietf.org" <id-event@ietf.org>, Robert Sparks <rjsparks@nostrum.com>
> Subject: RE: [EXTERNAL] [Id-event] Genart last call review of draft-ietf-secevent-http-poll-09
>  
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.
> 
>  
> There were concerns mandating TLS for any SET as it restricts the use of SET to TLS transports. I would guess the language in the draft-ietf-secevent-http-pull and draft-ietf-secevent-http-poll followed that thinking.
>  
> I my personal opinion, mandating TLS for HTTP transports is reasonable (which is what the specs in discussion use), and that should be changed in both draft-ietf-secevent-http-pull and draft-ietf-secevent-http-poll
>  
> /Dick
>  
> On Mon, Jun 8, 2020 at 6:18 PM Mike Jones <Michael.Jones@microsoft.com> wrote:
> I agree that the spec should give clear guidance on whether TLS is required.  People should read Phil Hunt's comments (which I just forwarded to the list) and consider where we'd like to land in this regard.
> 
> I agree that if we decide to mandate TLS, rather than simply integrity-protected SETS, we should modify the Section 3 text below:
>    The SET delivery method described in this specification is based upon
>    HTTP and HTTP over TLS [RFC2818] and/or standard HTTP authentication
>    and authorization schemes, as per [RFC7235].
> to remove the "HTTP and".
> 
> Likewise, we'd need to revise 4.3 to remove the non-TLS choice.  We can also revise the first sentence of 4.4.1 to make it clear that 6750 requires TLS, regardless of other decisions we make.
> 
> Note that some of the language in question is also present in draft-ietf-secevent-http-push, so we should apply consistent changes there as well.
> 
> I hope to hear back from the working group with your thoughts this week.
> 
>                                 -- Mike
> 
> -----Original Message-----
> From: Yaron Sheffer <yaronf.ietf@gmail.com> 
> Sent: Friday, June 5, 2020 9:36 AM
> To: Mike Jones <Michael.Jones@microsoft.com>; Robert Sparks <rjsparks@nostrum.com>; gen-art@ietf.org; Valery Smyslov <svan@elvis.ru>
> Cc: last-call@ietf.org; draft-ietf-secevent-http-poll.all@ietf.org; id-event@ietf.org
> Subject: Re: [Id-event] Genart last call review of draft-ietf-secevent-http-poll-09
> 
> Hi Mike,
> 
> The document is very ambiguous regarding the use of TLS, and frankly I wish we noticed it earlier.
> 
> - The first sentence of Sec. 3 has TLS as one of two options: "The SET delivery method described in this specification is based upon HTTP and HTTP over TLS [RFC2818] and/or standard HTTP authentication and authorization schemes, as per [RFC7235]. "
> 
> - Similarly in Sec. 4.3, TLS is mentioned as one alternative, not a requirement: "In such cases, SET Transmitters and SET Recipients MUST protect the confidentiality of the SET contents by encrypting the SET as described in JWE [RFC7516], using a transport-layer security mechanism such as TLS, or both. "
> 
> - Sec. 4.4.1 (first sentence) also treats TLS as conditional.
> 
> My personal opinion is that nowadays we can simply mandate TLS, but I'm open to discuss it. Whatever the WG chooses, the document needs to be clear and consistent.
> 
> Thanks,
>         Yaron
> 
> On 6/5/20, 19:22, "Mike Jones" <Michael.Jones@microsoft.com> wrote:
> 
>     That TLS is used is specified in the first sentence of the introduction at https://tools.ietf.org/html/draft-ietf-secevent-http-poll-09#section-1.  It's also in the first paragraph of https://tools.ietf.org/html/draft-ietf-secevent-http-poll-09#section-3..
> 
>     The new privacy considerations text was requested by Valery Smyslov in the SecDir review of push.  I also added it here.  I did think it was odd that it was requested when TLS is required, but it seemed harmless to add it.  If you like, I could clarify that this should never occur.
> 
>                                 -- Mike
> 
>     -----Original Message-----
>     From: Yaron Sheffer <yaronf.ietf@gmail.com> 
>     Sent: Friday, June 5, 2020 8:26 AM
>     To: Mike Jones <Michael.Jones@microsoft.com>; Robert Sparks <rjsparks@nostrum.com>; gen-art@ietf.org
>     Cc: last-call@ietf.org; draft-ietf-secevent-http-poll.all@ietf.org; id-event@ietf.org
>     Subject: Re: [Id-event] Genart last call review of draft-ietf-secevent-http-poll-09
> 
>     Hi Mike,
> 
>     I'm looking at the latest PR, specifically at the Poll document. I can see that you changed the text around signing SETs, but I don't see any new (or existing) text that requires HTTPS as you noted in your response to Robert.
> 
>     I even see this new text "If SETs are transmitted over unencrypted channels" that confuses me even more. For the latter, maybe you meant something like: If SETs are transmitted over unencrypted channels while being processed in an otherwise protected system.
> 
>     Thanks,
>         Yaron
> 
>     On 6/5/20, 03:49, "Mike Jones" <Michael.Jones@microsoft.com> wrote:
> 
>         Thanks for the quick reply.  My responses are inline, prefixed by "Mike>".
> 
>         -----Original Message-----
>         From: Robert Sparks <rjsparks@nostrum.com> 
>         Sent: Thursday, June 4, 2020 2:51 PM
>         To: Mike Jones <Michael.Jones@microsoft.com>; gen-art@ietf.org
>         Cc: last-call@ietf.org; draft-ietf-secevent-http-poll.all@ietf.org; id-event@ietf.org
>         Subject: Re: [Id-event] Genart last call review of draft-ietf-secevent-http-poll-09
> 
> 
>         On 6/4/20 4:27 PM, Mike Jones wrote:
>         > Thanks for your review, Robert.  I'm working on addressing the review comments received and wanted to have a clarifying discussion on some of yours before deciding what corresponding edits to make.
>         >
>         > I think there's a misunderstanding about "jti" values and the security 
>         > model.  Because communication is over a TLS-protected channel
> 
>         Not always, and that's an important part of my point.
> 
>         See the first sentence of section 4.1:
> 
>         "   In scenarios where HTTP authorization or TLS mutual authentication
>             are not used or are considered weak, "
> 
>         Mike> Frankly, the text you're citing never seemed very clear or well motivated to me.  It was written by an earlier editor who since stopped working on the spec.  I'm going to just remove it and unambiguously require HTTPS.
> 
>         > between two parties, it would be fine if the JTI values were totally guessable, such as "A", "B", "C", etc.  There's no opportunity for an attacker to inject traffic into or to listen to the stream.  Does that make sense to you?
>         _If_ it were never possible for authorization to be weak or for TLS auth to not be used, then sure. But the exception you call out at 4.1 exactly allows someone to be an attacker this way.
>         >
>         > As for limits on how long a transmitter is required to hold a SET, I propose to add this text:
>         >        Transmitters may also discard undelivered SETs under deployment-specific conditions,
>         >        such as if they have not been polled for over too long a period of time
>         >        or if an excessive amount of storage is needed to retain them.
>         That's better, but consider being a bit more specific about "too long".
> 
>         Mike> That's deployment-specific, but I'm open to wording suggestions.
> 
>         >
>         >                               -- Mike
>         >
>         > -----Original Message-----
>         > From: Id-event <id-event-bounces@ietf.org> On Behalf Of Robert Sparks 
>         > via Datatracker
>         > Sent: Friday, May 8, 2020 11:57 AM
>         > To: gen-art@ietf.org
>         > Cc: last-call@ietf.org; draft-ietf-secevent-http-poll.all@ietf.org; 
>         > id-event@ietf.org
>         > Subject: [Id-event] Genart last call review of 
>         > draft-ietf-secevent-http-poll-09
>         >
>         > Reviewer: Robert Sparks
>         > Review result: Ready with Issues
>         >
>         > I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair.  Please treat these comments just like any other last call comments.
>         >
>         > For more information, please see the FAQ at
>         >
>         > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
>         >
>         > Document: draft-ietf-secevent-http-poll-09
>         > Reviewer: Robert Sparks
>         > Review Date: 2020-05-08
>         > IETF LC End Date: 2020-05-13
>         > IESG Telechat date: Not scheduled for a telechat
>         >
>         > Summary: Essentially ready but with some issues to consider before 
>         > publishing as a Proposed Standard RFC
>         >
>         > This document is well-written and easy to follow.
>         >
>         > I have a couple of edge-case issues that I think should be considered though:
>         >
>         > This document allows, and anticipates, deployments where Recipients are not well authenticated. See, for example, the first sentence of section 4.1. There is also an unstated expectation in the document that the jti of each SET is hard to guess.  If it's reasonably easy to guess jti values, a malicious Recipient could ack SETs it has never received and the Transmitter will remove that state, preventing a valid Recipient from ever receiving that SET.
>         >
>         > If that's an explicit requirement in the jwt or SET base documents for the jti to be hard to guess, please point me to it? If there's not, perhaps a short discussion in the security considerations requiring this property would be worthwhile?
>         >
>         > Is there a discussion somewhere of how long the transmitter is required to hold a given SET for a Recipient? Forever seems unreasonable.
>         >
>         >
>         >
>         > _______________________________________________
>         > Id-event mailing list
>         > Id-event@ietf.org
>         > https://www.ietf.org/mailman/listinfo/id-event
> 
> 
> 
> ᐧ
> _______________________________________________
> Id-event mailing list
> Id-event@ietf.org
> https://www.ietf.org/mailman/listinfo/id-event

v2.23.0 | Report a Bug | By Email