IETF Logo Mail Archive

Re: Signing Set-Cookie

Nick Harper <ietf@nharper.org> Wed, 01 June 2022 23:23 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D57DC14F721 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 Jun 2022 16:23:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.659
X-Spam-Level:
X-Spam-Status: No, score=-7.659 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D94blVojYwIs for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 Jun 2022 16:23:14 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67424C15948C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 1 Jun 2022 16:23:13 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1nwXeA-0002P5-He for ietf-http-wg-dist@listhub.w3.org; Wed, 01 Jun 2022 23:21:02 +0000
Resent-Date: Wed, 01 Jun 2022 23:21:02 +0000
Resent-Message-Id: <E1nwXeA-0002P5-He@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <nharper@nharper.org>) id 1nwXe9-0002Nu-9q for ietf-http-wg@listhub.w3.org; Wed, 01 Jun 2022 23:21:01 +0000
Received: from mail-oi1-f180.google.com ([209.85.167.180]) by titan.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <nharper@nharper.org>) id 1nwXe7-0006uu-Sv for ietf-http-wg@w3.org; Wed, 01 Jun 2022 23:21:01 +0000
Received: by mail-oi1-f180.google.com with SMTP id v9so4600725oie.5 for <ietf-http-wg@w3.org>; Wed, 01 Jun 2022 16:20:59 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UAobtEGMUITaiJamjiImEtUkqJ/OR/Lb85RQ5H8y8Is=; b=wXN6BdF3PP7dUF9yEOWodE4J7pdv7QGenJIzc0qEfXSXY7X08i52j4td/t48zKC/iM 9ytwAtQJvXJvQVQEzqJMdaIfLA+P41bBjuajIwMikv0xWLMpFQA0hWuTTgNpU+3ZR6ZN xKgROKjUz5devJPjke8nupz6DoIDU63WFpRG2MGOxc6IrTC2Dg01tb30JZZyZDnb3Vx/ 39MkZShzdrUYCX1yX4pxNa5hUdK4YGn+/Px25vaEsFZOA6gqqgpBrgTaIifjs4L7BSWZ 3S/BE6pAT38rsz9KRvuFOB2+/YGeEQM94bJJY15btWT93iO+d5Za1sH7VEls3aYPJkGi UJaQ==
X-Gm-Message-State: AOAM53032IO3cAWL9WAkaZ4vgrxURCYtDb7zQ2qUA2OUhbGd08o7Rj6V 1VtsPkLGzqDdckbuXwARjucT/wdvyBW1STVkYueXVM5PFZGKQQ==
X-Google-Smtp-Source: ABdhPJxuiWECc37WPLxsHygmZ7+xYufexdABqIxe1Lo99z1KnKbfmFsSjf4GQu2QVV4wGrQCN3y1VTQaxShOr+eRhzY=
X-Received: by 2002:a05:6808:347:b0:32b:b968:6ff8 with SMTP id j7-20020a056808034700b0032bb9686ff8mr1079736oie.243.1654125648152; Wed, 01 Jun 2022 16:20:48 -0700 (PDT)
MIME-Version: 1.0
References: <A0601849-2870-4150-9926-5FA706D7F6DE@mit.edu>
In-Reply-To: <A0601849-2870-4150-9926-5FA706D7F6DE@mit.edu>
From: Nick Harper <ietf@nharper.org>
Date: Wed, 01 Jun 2022 16:20:37 -0700
Message-ID: <CACcvr==K0gjhOaBaxt8vK80UYo1tAHVrh78yCcAEMvwx4tT=ag@mail.gmail.com>
To: Justin Richer <jricher@mit.edu>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="000000000000ac231e05e06b23a5"
Received-SPF: none client-ip=209.85.167.180; envelope-from=nharper@nharper.org; helo=mail-oi1-f180.google.com
X-W3C-Hub-Spam-Status: No, score=-3.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1nwXe7-0006uu-Sv cac70b18c04be41dc1db803edf0c36c0
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Signing Set-Cookie
Archived-At: <https://www.w3.org/mid/CACcvr==K0gjhOaBaxt8vK80UYo1tAHVrh78yCcAEMvwx4tT=ag@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/40061
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

A Set-Cookie header could have a comma in it (e.g. in the Expires= or Path=
parts), which means that it's probably possible for two different
combinations of Set-Cookie headers to be concatenated/canonicalized to the
same value. I'm not certain there's an attack here, but this seems
potentially problematic enough that this should be given more consideration.

On Wed, Jun 1, 2022 at 2:39 PM Justin Richer <jricher@mit.edu> wrote:

> The Set-Cookie header syntax is weird in that it doesn’t allow for
> concatenation in the normal List syntax. The Signature spec relies on this
> concatenation for the combination of values of headers that show up
> multiple times. This discrepancy is called out in this issue:
>
> https://github.com/httpwg/http-extensions/issues/1183
>
> However, on further investigation, I don’t think this actually causes a
> problem. The concatenation process outlined in Signatures still works on
> multiple Set-Cookie values, the only weird thing is that the RESULT of that
> process cannot itself be parsed as a valid Set-Cookie header.
>
> But the thing is, it doesn’t have to be parsed. It just has to exist as a
> string in the signature base, and be re-created by both signer and verifier
> in a consistent way.
>
> I’m planning on closing this issue with a note in the appropriate section
> of the signature spec, but if there’s something I’m missing about this,
> please chime in.
>
>  — Justin
>

v2.23.0 | Report a Bug | By Email