IETF Logo Mail Archive

Re: HTTP Unprompted Authentication

David Schinazi <dschinazi.ietf@gmail.com> Wed, 19 October 2022 22:12 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9136AC1524C7 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 19 Oct 2022 15:12:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.76
X-Spam-Level:
X-Spam-Status: No, score=-2.76 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zmWOvyguYx8K for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 19 Oct 2022 15:12:21 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8186C15E3E6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 19 Oct 2022 15:12:03 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1olHFF-005IWn-Hb for ietf-http-wg-dist@listhub.w3.org; Wed, 19 Oct 2022 22:09:01 +0000
Resent-Date: Wed, 19 Oct 2022 22:09:01 +0000
Resent-Message-Id: <E1olHFF-005IWn-Hb@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <dschinazi.ietf@gmail.com>) id 1olHFD-005IV5-Im for ietf-http-wg@listhub.w3.org; Wed, 19 Oct 2022 22:08:59 +0000
Received: from mail-ej1-x62e.google.com ([2a00:1450:4864:20::62e]) by mimas.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from <dschinazi.ietf@gmail.com>) id 1olHFB-00G15n-J7 for ietf-http-wg@w3.org; Wed, 19 Oct 2022 22:08:59 +0000
Received: by mail-ej1-x62e.google.com with SMTP id d26so43138382eje.10 for <ietf-http-wg@w3.org>; Wed, 19 Oct 2022 15:08:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=m9vdPcF/ZJwnrIVwB4VOrDg/ujBxcEdjZ3gFaH3nW4U=; b=jhxLw7zG84pGiY+ZauIvwIA/U9u67tdDx1SblCa5737PLErsNolbip1g0qE62irZvV tVLT7ZgWVI+h00Tk67RrYwnFWub6JVT8cd4NogQ8trPbEoZRT4n4qfy8S/D8EHd5tP79 cY2vN7X1LfxEg+4+CbowJHM6HI9EsqK/4eruo3Mvwzj9E8vVXwCJiI6GyJ71LJ2bFvzF JQ3xjYSzRWk+kkhQnC1eqh5np0Ehdsbjevdocf47pdF4r386p9UfhoxuflSzloPmUDG5 KNntUHlDGVdCT5XEg2tpvWSPtzOTQUQdJ6N/Q4a065LO5wFcuWMgd7bhqFy/lkqIVw7a derw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=m9vdPcF/ZJwnrIVwB4VOrDg/ujBxcEdjZ3gFaH3nW4U=; b=F5JBD7rM+r2Zj/F4JdwCxN9Tk1+ZkZ/pn4gdsxTKTNt7BufwDfEFvg/wqc90CotkbO j8wQ5KU5gbezQVZ/DxH0V7kHfHPFFEe029i8SLFsGTA+NMJkTYSkfl2OXvptfSm4DdQk pqVUP98nisuOhy0dZau+Z563vRY5Tj1W9zTc5a82MIS4NdBsI+Y19fSqYm3LhQFClk3i V9x6cTmavOKBoQSYce7WhUGtKXhZ69g2wAh9KzpQYmq7zCO9QvQdgFKW6sl3uzpxoyca ee9+YzuRflIVphTzP4ye4kGUN56FaEP+h5BN/CNBK6W5zPv1HJaJ9EfLn7Gf4tidKJES Tu/Q==
X-Gm-Message-State: ACrzQf0O2Er4izxsW4hnvRuyKynNZkt6ORn1GwXLCjxxyyn/Wecqir/q zyd+orMYh+kTf2Vyene7PD67AlgzNJ969gnDZ0Lq3rIF
X-Google-Smtp-Source: AMsMyM6W5pqY023QBZ/Z3UWNf8YYRWzwl7MEK13GIuNifcx6qOpnjl6/X9fXJ6ojCVEIrlEnXoj+mkFZxIQmGwbbpG4=
X-Received: by 2002:a17:906:7621:b0:750:c4a3:8fcd with SMTP id c1-20020a170906762100b00750c4a38fcdmr8926473ejn.180.1666217326463; Wed, 19 Oct 2022 15:08:46 -0700 (PDT)
MIME-Version: 1.0
References: <CAHbrMsCWsLsaNXi4J+DbOvpvjxx8m11F0NpgEeZUY34n89hYtQ@mail.gmail.com> <CAPDSy+7-XDSSeqFx5FWkSbej6fAGvvMdDKExghgS0DO6BeGL=g@mail.gmail.com> <CAHbrMsCTqiuqNHbuLJTY5E0u2obOYcVNcPUwt4Eg6=YggWLcZw@mail.gmail.com>
In-Reply-To: <CAHbrMsCTqiuqNHbuLJTY5E0u2obOYcVNcPUwt4Eg6=YggWLcZw@mail.gmail.com>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Wed, 19 Oct 2022 15:08:34 -0700
Message-ID: <CAPDSy+4ZXvgwT6eQteqEUacuQ5fXRoq_DDyebrz5T-3SxzG3oQ@mail.gmail.com>
To: Ben Schwartz <bemasc@google.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="000000000000dccee905eb6a73d5"
Received-SPF: pass client-ip=2a00:1450:4864:20::62e; envelope-from=dschinazi.ietf@gmail.com; helo=mail-ej1-x62e.google.com
X-W3C-Hub-DKIM-Status: validation passed: (address=dschinazi.ietf@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-6.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1olHFB-00G15n-J7 a32150795ada7e8f52a0732e4ff5825b
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP Unprompted Authentication
Archived-At: <https://www.w3.org/mid/CAPDSy+4ZXvgwT6eQteqEUacuQ5fXRoq_DDyebrz5T-3SxzG3oQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/40470
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

You summarized the landscape pretty well - the main goal of asymmetric
cryptography here is the case where the origin is sharded (e.g., the
multi-CDN use case) and you don't want one of the shards to be able to
impersonate a user to another shard. An example scenario is running
on-ramps to Tor distributed amongst volunteers. This allows you to share
the credentials of authorized users while preventing impersonation. I also
agree with you that paths tend to leak not only in browser history, but in
server access logs, etc.

David

On Wed, Oct 19, 2022 at 6:59 AM Ben Schwartz <bemasc@google.com> wrote:

>
>
> On Tue, Oct 18, 2022 at 5:49 PM David Schinazi <dschinazi.ietf@gmail.com>
> wrote:
>
>> Hi Ben,
>>
>> I don't think confidential HTTP resources are a solved problem. The
>> unguessable path approach you describe is similar to a shared secret (à la
>> symmetric cryptography) but there is no equivalent for
>> asymmetric cryptography.
>>
>
> I would appreciate some explanation of why asymmetric cryptography is
> helpful in Unprompted Authentication.
>
> Normally, asymmetric signatures are used to prevent the verifier, or an
> onlooker, from impersonating the signer.  However, that consideration does
> not apply here, because the exchange is already confidential (thanks to
> "https") between the verifier (the origin) and the signer (the client) so
> there are no (untrusted) onlookers, and there is only one potential
> verifier (the origin itself).
>
> Another possible threat would be an onlooker on the "bootstrap" path. e.g.
> the email exchange in which the client learned about this confidential
> resource.  However, such an onlooker has already learned about the
> existence of the resource, thus defeating the confidentiality protection,
> so it must be excluded from the threat model.
>
> If client keys are reused across multiple origins, this could justify the
> use of asymmetric cryptography, but that would be a bad idea anyway for
> linkability reasons.
>
> If I were trying to make the strongest case for Unprompted Authentication,
> it would be that "unguessable" URLs tend to leak in browser history,
> whereas other authorization credentials are more easily protected.  This
> could justify the new HTTP header, but it doesn't imply any use of
> asymmetric crypto.
>
>
>> While I think your draft is interesting and worth discussing, I think the
>> technology overlap isn't big enough to warrant discussing the two drafts
>> together - they're separate proposals with different goals.
>>
>
> They're definitely separate, and use unrelated technology.  I do think the
> ultimate goals overlap considerably.
>
>>

v2.23.0 | Report a Bug | By Email