Re: Web Keys and HTTP Signatures

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 18 April 2013 14:03 UTC

To: Amos Jeffries <squid3@treenet.co.nz>
CC: ietf-http-wg@w3.org
References: <516F14E1.5040503@digitalbazaar.com> <9DF0F237-62DC-4E82-A545-B09C6083849B@tzi.org> <CADcbRRN2XWa9QwuaXAoxjMdkcguvQiiGq934RXU=-1ntzGpWNQ@mail.gmail.com> <255B9BB34FB7D647A506DC292726F6E1150C90E93E@WSMSG3153V.srv.dir.telstra.com> <CABkgnnXoY3iOH7M=A5hCo+eTnDiPODvgmdnDay0AKUo4PsuoMg@mail.gmail.com> <516FF833.1000401@digitalbazaar.com> <516FFB5D.4000904@treenet.co.nz>
In-Reply-To: <516FFB5D.4000904@treenet.co.nz>
Archived-At: <http://www.w3.org/mid/516FFCD4.8070701@cs.tcd.ie>

On 04/18/2013 02:55 PM, Amos Jeffries wrote:
> On 19/04/2013 1:42 a.m., Manu Sporny wrote:
>> On 04/17/2013 08:00 PM, Martin Thomson wrote:
>>> Yeah, that's pretty bad.  Switching two date-formatted headers
>>> might be a simple thing to gain advantage on.  (Last-Modified and
>>> Date, might work to poison a cache with old content if the cache
>>> isn't rigorous about checking Date).  It seems like a simple fix
>>> would be to include the list of headers under the signature as the
>>> first item.
>> Carsten, James, Martin - good catch, thanks. We had assumed that the
>> implementation included the header names as well as the values in the
>> data being digitally signed. As Dave Lehn pointed out, this is a work in
>> progress, but we wanted to get something out sooner rather than later.
>>
>> The attack is only possible if a message is passed over a non-secure
>> channel, right? That is, the spec is clear about passing all messages
>> over HTTPS. Granted, that's not an excuse for the approach taken and it
>> should be fixed, but the attack is only possible if messages are sent
>> over an insecure channel, correct?
> 
> We had this argument out in the Bearer auth discussions. HTTPS is just
> one layer of security, it can (and routinely is) broken into by
> transparent proxies.
> 
> Your auth scheme needs to be as self-contained as possible and take
> advantage of every little bit of security that it can do without relying
> on external layers such as the SSL/TLS layer. It is better to be
> doubly-strong when HTTPS works than to depend on it alone and break at
> the first sign of trouble.
> 
> IMO signed message schemes like this stand a far better chance of being
> rolled out if they work on plain-HTTP. There are a number of web
> applications and services which require security without the sledgehammer
> and limitations of TLS.

And in the "other relevant work" thread, aside from httpauth
(where I'm a co-author on a similar-ish proposal [1] and would be
happy to chat about it, maybe the http-auth list is better
though), there's also work to use DKIM-like headers for
iSchedule [2]. I've not read this though (yet) to see if
they're all really that different or not.

Cheers,
S.

[1] http://tools.ietf.org/html/draft-farrell-httpbis-hoba
[2] http://tools.ietf.org/html/draft-desruisseaux-ischedule
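Added example, not from the thread or from the Web Keys draft: it shows why signing only header values lets the Date/Last-Modified swap that Martin describes verify, and how putting the header list under the signature as the first item, with each name beside its value, closes it. HMAC stands in for the draft's public-key signature; the key, header values and function names are all constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-shared-secret"  # placeholder key, illustration only


def signing_string_values_only(headers, names):
    """Weak construction: only the header values, in the order of the
    (unsigned) 'headers' list, go under the signature."""
    return "\n".join(headers[n] for n in names)


def signing_string_with_names(headers, names):
    """Hardened construction: the 'headers' list is the first signed item
    and every line carries its header name, so reordering or relabelling
    a value changes what was signed."""
    lines = ["headers: " + " ".join(names)]
    lines += [f"{n}: {headers[n]}" for n in names]
    return "\n".join(lines)


def sign(signing_string):
    return hmac.new(KEY, signing_string.encode(), hashlib.sha256).hexdigest()


def verify(signing_string, sig):
    return hmac.compare_digest(sign(signing_string), sig)


# Constructed sample response with two date-formatted headers.
ORIGINAL = {"date": "Thu, 18 Apr 2013 14:01:56 GMT",
            "last-modified": "Mon, 01 Jan 2001 00:00:00 GMT"}
SIGNED_NAMES = ["date", "last-modified"]

# What a verifier would see after a plaintext hop exchanged the two values
# and reordered the unsigned 'headers' parameter to match.
SWAPPED = {"date": ORIGINAL["last-modified"],
           "last-modified": ORIGINAL["date"]}
SWAPPED_NAMES = ["last-modified", "date"]


def swap_passes(build):
    """Sign ORIGINAL, then report whether the swapped message still verifies
    against that same signature under the given construction."""
    sig = sign(build(ORIGINAL, SIGNED_NAMES))
    return verify(build(SWAPPED, SWAPPED_NAMES), sig)


if __name__ == "__main__":
    print("values only  -> swap verifies:", swap_passes(signing_string_values_only))
    print("names + list -> swap verifies:", swap_passes(signing_string_with_names))
```

The values-only construction yields an identical signing string for the swapped message, so the cache-poisoning scenario from the thread is undetectable to the verifier; the hardened one rejects it.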