Re: [kitten] Status of draft-ietf-kitten-sasl-oauth?
William Mills <wmills@yahoo-inc.com> Thu, 09 August 2012 23:48 UTC
Return-Path: <wmills@yahoo-inc.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48DF821F867F for <kitten@ietfa.amsl.com>; Thu, 9 Aug 2012 16:48:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.549
X-Spam-Level:
X-Spam-Status: No, score=-17.549 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RKNTxnZI7gvb for <kitten@ietfa.amsl.com>; Thu, 9 Aug 2012 16:48:20 -0700 (PDT)
Received: from nm6-vm0.bullet.mail.sp2.yahoo.com (nm6-vm0.bullet.mail.sp2.yahoo.com [98.139.91.206]) by ietfa.amsl.com (Postfix) with ESMTP id 746FC21F867D for <kitten@ietf.org>; Thu, 9 Aug 2012 16:48:20 -0700 (PDT)
Received: from [98.139.91.61] by nm6.bullet.mail.sp2.yahoo.com with NNFMP; 09 Aug 2012 23:48:17 -0000
Received: from [98.139.91.41] by tm1.bullet.mail.sp2.yahoo.com with NNFMP; 09 Aug 2012 23:48:17 -0000
Received: from [127.0.0.1] by omp1041.mail.sp2.yahoo.com with NNFMP; 09 Aug 2012 23:48:17 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 119352.37880.bm@omp1041.mail.sp2.yahoo.com
Received: (qmail 71770 invoked by uid 60001); 9 Aug 2012 23:48:16 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1344556096; bh=1duV3pFSXLHMbCTLdiE3qRHnUvkevC/bgVSEnGgdwFY=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=AzPOth3MSrrEjHJmRw4ARhIUznZ3ldpJj+w+Mb7srJjcu3aFoFMy0IWZO9+8Esr0US73acRomAuOjUEw+yX/bOjJ1BBGC8AcsFgZGB9xG3DgmNxk5ZAo0PDpF1SHtJAK6wfrJ+JU8cV3rAgxrEcy3HjD29cxBowjobxW6lvnMGU=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=W63zcs+KNkjwuytcmPq87CSPFki0XRjzjT/dTmO5pzEub3WF9WiqCjf8I0k22Xc0oQN1qZBZGUYzuU0m5AKlToLqBf1gKGPGl8P5ebEUArKhOMR3rCZRAfN7vmBawQ37bmc7NECIMkt1Pg7Sd1ote3pG8i1ExB8Lmvy77Adov5w=;
X-YMail-OSG: wWUZYesVM1nMg50i0Yu8kyxIs8fej7ZyZgy0DzYXRF92wGD x_aovNpg.qTtdZka2OmjJmHjkbZj2075W4.Uw60CwUHM95Rxj7__sJZm867g 8y5GUiXEgT81XLduryBRqKSCIGFEhMEwdcP4xqMDofslPAeG7BsfA.Zkmpsm tUBpIaV6tJ5WRFyhhp8S5GzXqv_1vAttCoxde_ht4dqPJScBKZh_XGtb7XLR stn89So4sNWORHJNXsvbWSc7WwX4_VYWrHxLxhQRKx4RYMb.ZRPJGI1S.4jh gHixVT9wnVs5A1Dv.He6Bw9lsP00mKq_oO5ckFojc1phDHIAGgXjOkeQSF6O Lniya9zLYp56q5I1zNhkAgjHFaWXT4luoBG3pfV.IE1kwL7ewDDAAg7eYTY1 p_NtlKZkN5tJNDSXFy8pYcRL9xvhWNRp.A16KxtkkbOMGB9S9DqMOEc7_Kwu Qm.TLReY-
Received: from [209.131.62.113] by web31813.mail.mud.yahoo.com via HTTP; Thu, 09 Aug 2012 16:48:16 PDT
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.121.416
References: <CAPe4CjoPHN4QJWxXj_q39QuT3FuPmuw8L0WAYyGc0LOseF4teQ@mail.gmail.com> <1344548823.23915.YahooMailNeo__7438.20652501217$1344548833$gmane$org@web31808.mail.mud.yahoo.com> <87hasbd4yq.fsf@latte.josefsson.org>
Message-ID: <1344556096.48347.YahooMailNeo@web31813.mail.mud.yahoo.com>
Date: Thu, 09 Aug 2012 16:48:16 -0700
From: William Mills <wmills@yahoo-inc.com>
To: Simon Josefsson <simon@josefsson.org>
In-Reply-To: <87hasbd4yq.fsf@latte.josefsson.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: "kitten@ietf.org" <kitten@ietf.org>
Subject: Re: [kitten] Status of draft-ietf-kitten-sasl-oauth?
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Aug 2012 23:48:21 -0000
Simon, Thanks for the review! Re: SASL entities: That's covered in 3.2.1 I hope. 3.2.1. Mapping to SASL Identities Some OAuth mechanisms can provide both an authorization identity and an authentication identity. An example of this is OAuth 1.0a [RFC5849] where the consumer key (oauth_consumer_key) identifies the entity using the token which equates to the SASL authentication identity, and is authenticated using the shared secret. The authorization identity in the OAuth 1.0a case is carried in the token (per the requirement above), which SHOULD be validated independently. The server MAY use a consumer key, a value derived from it, or other comparable identity in the OAuth authorization scheme as the SASL authentication identity. If an appropriate authentication identity is not available the server MUST use the authorization identity as the authentication identity. Re: GS2 header: I'll go read up on this, I hope it's easy :) Re: Channel Binding: Quite frankly I'd like to rip it out, but I was told originally it was required. I think the stance in the group on this has changed, but I'm not sure. It is certainly vulnerable to MITM in the Bearer case. An option would be to limit CB to usage when we have an auth profile that supports signing. Does it need to stay at this point? Regards, -bill >________________________________ > From: Simon Josefsson <simon@josefsson.org> >To: William Mills <wmills@yahoo-inc.com> >Cc: Ryan Troll <rtroll@googlers.com>; "kitten@ietf.org" <kitten@ietf.org> >Sent: Thursday, August 9, 2012 4:24 PM >Subject: Re: Status of draft-ietf-kitten-sasl-oauth? > >William Mills <wmills@yahoo-inc.com> writes: > >> There hasn't been a lot of action in any substantive way on the list >> on this draft, and I think it's pretty well baked. A working >> implementation is going to go a long way to nailing this down. >> >> Anyone out there with any significant objections or proposed should >> speak up "real soon now". > >I have reviewed the -03 document, and I believe there are some major >issues with it. > >MAJOR: > >* The protocol does not appear to be compatible with the GS2 framing, > thus the GSS-API mechanism the document defines would not be > wire-compatible with the SASL mechanism. The SASL packets needs to > use the GS2 header to be compatible. The examples reinforces my > readings, they don't begin with the GS2 header. Compare the SCRAM, > OPENID and SAML20 mechanism to see how this should be done. > >* I don't see where the mechanism transfers the SASL authorization > identity, which is required. This would be done by the GS2 header. > >* I don't follow how the channel binding data is integrity protected. > Unless I'm missing some keying, this seems to open up for a MITM to > fake channel binding. Section 3.2: > > In the OAUTH-PLUS mechanism the server examines the channel binding > data, extracts the channel binding unique prefix, and extracts the > raw channel biding data based on the channel binding type used. It > then computes it's own copy of the channel binding payload and > compares that to the payload sent by the client in the cbdata key/ > value. Those two must be equal for channel binding to succeed. > > Presumably the client is not authenticated when this is sent, so the > server might as well be talking to an attacker, which sends its own > channel binding data. > > I'm not sure I see how OAuth with bearer tokens could support channel > bindings at all? > >* Section 3.4 seems confusing. Quoting: > > If the specification for the underlying authorization scheme requires > a security layer, such as TLS [RFC5246], the server SHOULD only offer > a mechanism where channel binding can be enabled. > > Should "authorization scheme" be "application protocol"? > > Quoting further: > > The channel binding data is computed by the client based on it's > choice of preferred channel binding type. > > I think you want something similar to section 5.2 in RFC 5802 instead, > to leave the choise of preferred channel binding type up to the > application protocol profile (or resume back to a default). > > If the raw channel binding data is 500 > bytes or larger then a SHA-1 [RFC3174] hash of the raw channel > binding data is computed. > > SHA-1? This opens up for hash agility concerns. > > If the client is using tls-unique for a channel binding then the raw > channel binding data equals the first TLS finished message. > > There is subtlety with renegotiation here, I suggest to quote RFC 5929 > instead. > >/Simon > > >
- [kitten] Status of draft-ietf-kitten-sasl-oauth? Ryan Troll
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… William Mills
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… Simon Josefsson
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… Simon Josefsson
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… William Mills
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… William Mills
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… Simon Josefsson
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… Simon Josefsson
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… William Mills
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… William Mills
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… Simon Josefsson
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… Simon Josefsson
- Re: [kitten] Status of draft-ietf-kitten-sasl-oau… William Mills
- [kitten] Channel binding language changes Re: Sta… William Mills
- Re: [kitten] Channel binding language changes Re:… Nico Williams
- Re: [kitten] Channel binding language changes Re:… William Mills
- Re: [kitten] Channel binding language changes Re:… Martin Rex
- Re: [kitten] Channel binding language changes Re:… William Mills
- Re: [kitten] Channel binding language changes Re:… Nico Williams