Re: #1207: Signature Negotiation and Want-Signature
squid3@treenet.co.nz Tue, 27 July 2021 12:34 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 357A63A24ED for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 27 Jul 2021 05:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.897
X-Spam-Level:
X-Spam-Status: No, score=-2.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uOVQBSyQwI-M for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 27 Jul 2021 05:34:32 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B86C3A2501 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 27 Jul 2021 05:34:31 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1m8MFc-0005lH-Ee for ietf-http-wg-dist@listhub.w3.org; Tue, 27 Jul 2021 12:32:00 +0000
Resent-Date: Tue, 27 Jul 2021 12:32:00 +0000
Resent-Message-Id: <E1m8MFc-0005lH-Ee@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <squid3@treenet.co.nz>) id 1m8MFa-0005kU-Je for ietf-http-wg@listhub.w3.org; Tue, 27 Jul 2021 12:31:58 +0000
Received: from [101.98.39.247] (helo=treenet.co.nz) by mimas.w3.org with esmtp (Exim 4.92) (envelope-from <squid3@treenet.co.nz>) id 1m8MFY-00083W-BW for ietf-http-wg@w3.org; Tue, 27 Jul 2021 12:31:58 +0000
Received: from webmail.treenet.co.nz (rio [127.0.0.1]) by treenet.co.nz (Postfix) with ESMTPA id BEF30300181 for <ietf-http-wg@w3.org>; Wed, 28 Jul 2021 00:31:37 +1200 (NZST)
MIME-Version: 1.0
Date: Wed, 28 Jul 2021 00:31:37 +1200
From: squid3@treenet.co.nz
To: ietf-http-wg@w3.org
In-Reply-To: <B9DFE3B9-A4B5-4749-ADF9-F4369689E223@mit.edu>
References: <B9DFE3B9-A4B5-4749-ADF9-F4369689E223@mit.edu>
User-Agent: Roundcube Webmail/1.4.11
Message-ID: <5c226215e9b57b703f4b08c6d6cf7eda@treenet.co.nz>
X-Sender: squid3@treenet.co.nz
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=101.98.39.247; envelope-from=squid3@treenet.co.nz; helo=treenet.co.nz
X-W3C-Hub-Spam-Status: No, score=-4.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1m8MFY-00083W-BW dd96b8f88566a4e39013c034ef0176dd
X-Original-To: ietf-http-wg@w3.org
Subject: Re: #1207: Signature Negotiation and Want-Signature
Archived-At: <https://www.w3.org/mid/5c226215e9b57b703f4b08c6d6cf7eda@treenet.co.nz>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/39087
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On 2021-07-24 08:52, Justin Richer wrote: > The editors of the signatures draft are looking at what it would take > to add a negotiation feature to the Message Signatures draft, as > it’s been requested a number of times and tracked specifically in > http-extensions issue #1207. I want to give our rough strawman here > and gather feedback, which we’ll then incorporate into a more > concrete PR. None of this is meant to be spec-level text, but we’re > looking for feedback on the approach, applicability, and extent of > this feature. > FWIW, I support the spec containing this feature. It is always nice to have a spec to follow instead of having to deal with interoperability problems caused by ad-hoc developer ideas. > > A few core open questions we aren’t sure on (or, quite frankly, the > editors disagree on where to start): > > - When multiple values are sent, is this an AND or an OR of > parameters? Do I have to send something that fits only one, or one for > each, or one for all of them, or … ? I propose that the values are independent. So that an agent can require one signature, and offer to accept others for better cross-validation if provided. I can forsee some corporate/national policy requiring algorithm A which is outdated/insecure trying to operate in a world that has migrated to some better algorithm B already. Giving developers and admin the ability to say "require A, also check B" > - Could a signature response include additional fields as opposed to > just what’s listed? So let’s say I ask for (a b c), is it OK if I > get (a b c d) in response? IMO that should be a clear MUST NOT. Since (d) was not suggested to be part of the signature there is no way for intermediaries to know that they MUST NOT alter its value. One should thus expect (d) to be different in recipient and sender views of the world. As a result, any signature they try to calculate from their different values can only be expected to mismatch. > Ordering of the signed elements isn’t an > issue here with how signatures are generated, more an issue of set > math. > - Similarly, what about parameters on the signed request? Can I fill > in a “keyid" if none is specified? What about “alg”? I would > assume “created” would always be added. Could I substitute a > parameter value? > - How do we handle error conditions if the responder is unable to > fulfill the parameters of the requested signature? Should this be > handled with an all out error or could we reply “successfully” but > have a separate signature that doesn’t meet parameters? > - Bikeshedding: should this be Want-Signature? Accept-Signature? > Really-Need-You-To-Sign-This? > I propose that it may be useful to define both Accept-* and Want-* header names (or whatever equivalents) to manage the optional vs mandatory difference in use-cases of security vs transmission correctness validation. * Accept-Signature being an OPTIONAL sign. Sender SHOULD/MAY/ought-to sign using this signature pattern, but recipient(s) will not reject messages that lack it simply because of that lack. As a bonus intermediaries can add these if they want validation across certain hops. * Want-Signature being MUST sign. Recipient MUST reject the message if the signature is not provided. MUST NOT be touched by intermediaries. > And finally this brings up another higher-level question: how does > this align with, or possibly subsume, the > http-origin-signed-responses[3] work from WEBPACK? Now that Message > Signatures more properly covers responses and has clearer algorithm > and key identifiers, the kinds of signed exchange defined in that > draft are more able to be expressed using Message Signatures. This > “Want-Signature” element is perhaps the last missing piece, as the > WEBPACK proposal defines an “Accept-Signature” header with similar > functions. > > Thanks, > > — Justin > > [1] https://github.com/httpwg/http-extensions/issues/1207 > [2] > https://httpwg.org/http-extensions/draft-ietf-httpbis-message-signatures.html#section-2.3.11 > [3] > https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html AYJ
- #1207: Signature Negotiation and Want-Signature Justin Richer
- Re: #1207: Signature Negotiation and Want-Signatu… squid3
- Re: #1207: Signature Negotiation and Want-Signatu… Justin Richer