IETF Logo Mail Archive

RE: Origin-signed responses

Lucas Pardue <Lucas.Pardue@bbc.co.uk> Wed, 06 September 2017 19:55 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87DED126B71 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 6 Sep 2017 12:55:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C_YAZrmsi4dN for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 6 Sep 2017 12:55:04 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84582124E15 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 6 Sep 2017 12:55:04 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1dpgND-0006QT-SC for ietf-http-wg-dist@listhub.w3.org; Wed, 06 Sep 2017 19:52:31 +0000
Resent-Date: Wed, 06 Sep 2017 19:52:31 +0000
Resent-Message-Id: <E1dpgND-0006QT-SC@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <Lucas.Pardue@bbc.co.uk>) id 1dpgN4-0006PN-9s for ietf-http-wg@listhub.w3.org; Wed, 06 Sep 2017 19:52:22 +0000
Received: from mailout0.telhc.bbc.co.uk ([132.185.161.179]) by mimas.w3.org with esmtps (TLS1.2:DHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <Lucas.Pardue@bbc.co.uk>) id 1dpgN2-0004AT-TO for ietf-http-wg@w3.org; Wed, 06 Sep 2017 19:52:22 +0000
Received: from BGB01XI1008.national.core.bbc.co.uk (bgb01xi1008.national.core.bbc.co.uk [10.161.14.22]) by mailout0.telhc.bbc.co.uk (8.15.2/8.15.2) with ESMTP id v86Jpv1w027931; Wed, 6 Sep 2017 20:51:57 +0100 (BST)
Received: from BGB01XUD1012.national.core.bbc.co.uk ([10.161.14.10]) by BGB01XI1008.national.core.bbc.co.uk ([10.161.14.22]) with mapi id 14.03.0319.002; Wed, 6 Sep 2017 20:51:57 +0100
From: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
To: Jeffrey Yasskin <jyasskin@google.com>
CC: HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: Origin-signed responses
Thread-Index: AQHTI0D1bNGPyvEj4E2jhCq3mpGgO6KgPnPB///2zoCAABMdEYAH4YIAgAAfHnk=
Date: Wed, 06 Sep 2017 19:51:57 +0000
Message-ID: <7CF7F94CB496BF4FAB1676F375F9666A37766C6F@bgb01xud1012>
References: <CANh-dXkbqBpGUrr-dXceQ5HzDjC6mSrrudTKjWwaBQcSO584ug@mail.gmail.com> <7CF7F94CB496BF4FAB1676F375F9666A37766651@bgb01xud1012> <CANh-dX=AFEmJ-yuHxnSYycxN2Rv8V40LzwYeDHGtgZEoJeVHog@mail.gmail.com> <7CF7F94CB496BF4FAB1676F375F9666A3776666B@bgb01xud1012>, <CANh-dX=ocTOOq1xnTEf9Da5vPEaXo3qJu3QDD00T4nsuoMx_7A@mail.gmail.com>
In-Reply-To: <CANh-dX=ocTOOq1xnTEf9Da5vPEaXo3qJu3QDD00T4nsuoMx_7A@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.19.161.211]
x-exclaimer-md-config: c91d45b2-6e10-4209-9543-d9970fac71b7
x-tm-as-product-ver: SMEX-11.0.0.4255-8.100.1062-23308.001
x-tm-as-result: No--13.146700-0.000000-31
x-tm-as-user-approved-sender: Yes
x-tm-as-user-blocked-sender: No
Content-Type: multipart/alternative; boundary="_000_7CF7F94CB496BF4FAB1676F375F9666A37766C6Fbgb01xud1012_"
MIME-Version: 1.0
Received-SPF: pass client-ip=132.185.161.179; envelope-from=Lucas.Pardue@bbc.co.uk; helo=mailout0.telhc.bbc.co.uk
X-W3C-Hub-Spam-Status: No, score=-3.7
X-W3C-Hub-Spam-Report: AWL=0.050, BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, W3C_NW=0.5
X-W3C-Scan-Sig: mimas.w3.org 1dpgN2-0004AT-TO b08406c6a7d89b7ed845650b1f4605b1
X-Original-To: ietf-http-wg@w3.org
Subject: RE: Origin-signed responses
Archived-At: <http://www.w3.org/mid/7CF7F94CB496BF4FAB1676F375F9666A37766C6F@bgb01xud1012>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/34437
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Jeffrey,

You make a good observation. draft-pardue-quic-http-mcast-01 skips some details, we have an implementation that does some additional things that aren't explain anywhere (yet). Since this is Alt-Svc, we try to follow those security expectations in our implementation, to form a bit of a closed loop. The sender's signature keyID is in the form of a certificate that is valid for the sender's source IP and the origin.

Is that similar to draft-yasskin-http-origin-signed-responses?

draft-cavage-http-signatures leaves the usage of KeyId open, so looking ahead we'd have to profile or mandate our approach. If your proposal is stricter, that could help simplify things for us in terms of documentation and getting wider adoption/support.

Lucas
________________________________
From: Jeffrey Yasskin [jyasskin@google.com]
Sent: 06 September 2017 19:47
To: Lucas Pardue
Cc: HTTP Working Group
Subject: Re: Origin-signed responses

Thanks. In draft-pardue-quic-http-mcast-01 you do have enough of a channel in the Alt-Svc header to transmit a signing key, so you could use draft-cavage-http-signatures, but the spec and examples show the public key being identified alongside the signature, which isn't enough to establish that the expected sender is actually the one that signed the message.

draft-yasskin-http-origin-signed-responses would be harder to use incorrectly inside higher-level protocols, since it insists that the key is trusted for the example.com<http://example.com> domain.

Jeffrey

On Fri, Sep 1, 2017 at 10:36 AM, Lucas Pardue <Lucas.Pardue@bbc.co.uk<mailto:Lucas.Pardue@bbc.co.uk>> wrote:
We've written up some of it in the I-D draft-pardue-quic-http-mcast. Section 6 and appendix B are particularly relevant.

We expect the checks to happen in the application code, running in or above a HTTP UA of some sort. E.g. an app that incorporates libcurl, or JavaScript application code executing in a browser.

Lucas
________________________________________
From: Jeffrey Yasskin [jyasskin@google.com<mailto:jyasskin@google.com>]
Sent: 01 September 2017 18:18
To: Lucas Pardue
Cc: HTTP Working Group
Subject: Re: Origin-signed responses

On Fri, Sep 1, 2017 at 10:04 AM, Lucas Pardue <Lucas.Pardue@bbc.co.uk<mailto:Lucas.Pardue@bbc.co.uk>> wrote:
> Hi Jeffrey,
>
> I spotted this yesterday and found it an interesting read, so thanks for starting a discussion.
>
> Your draft references draft-cavage-http-signatures, which we have been using on a project to add some authenticity to HTTP/2 pushed content. I'm still processing your draft but can see how it might complement our approach or help satisfy the higher goal.
>

I'm glad to hear it. :) What kind of software winds up checking that
authenticity? How do you transmit the public key? Do you need to
revoke keys or prevent downgrade attacks? (I'd be happy to read a
document about this, if you have one, rather than making you retype it
on the mailing list.)

Thanks,
Jeffrey

v2.23.0 | Report a Bug | By Email