Re: [kitten] Fwd: I-D Action: draft-melnikov-scram-2fa-00.txt

Alexey Melnikov <alexey.melnikov@isode.com> Sat, 02 May 2020 13:12 UTC

Return-Path: <alexey.melnikov@isode.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C72A93A1185 for <kitten@ietfa.amsl.com>; Sat, 2 May 2020 06:12:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isode.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LeQdtv5LFOSV for <kitten@ietfa.amsl.com>; Sat, 2 May 2020 06:12:17 -0700 (PDT)
Received: from waldorf.isode.com (waldorf.isode.com [62.232.206.188]) by ietfa.amsl.com (Postfix) with ESMTP id 33D913A116A for <kitten@ietf.org>; Sat, 2 May 2020 06:12:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1588425136; d=isode.com; s=june2016; i=@isode.com; bh=6pEadRgQt1OEHeRTSkVcPKm1q0TMjMnNTFiDTA4m1UY=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=He1RLwN7J8/yENRcfQcf+NAAq535OKL8eu7V65jvJzGAgwTInWiYhP3W1Mqdlfw7FcUnrj nDGCsjzaCY2VTyIMH11nY+YXWhMpvq0r25bAfviQHp+9Vr66trGJyChP/8iihjo0OcPOfv 9J0++KsbXjRMyoriM0zB5Qy+iU+KQpA=;
Received: from [192.168.0.8] (0546c907.skybroadband.com [5.70.201.7]) by waldorf.isode.com (submission channel) via TCP with ESMTPSA id <Xq1xrwBqwaPW@waldorf.isode.com>; Sat, 2 May 2020 14:12:15 +0100
From: Alexey Melnikov <alexey.melnikov@isode.com>
To: Simon Josefsson <simon@josefsson.org>
Cc: kitten@ietf.org
References: <158462386052.13384.7911173297625270492@ietfa.amsl.com> <1330abb0-f0ae-3399-0486-4d7f7ff63267@isode.com> <87tv20bkid.fsf@latte.josefsson.org>
Autocrypt: addr=alexey.melnikov@isode.com; prefer-encrypt=mutual; keydata= mQENBFWQBiQBCADFmiucA1/FCqO+LUOm/Xf2+NpPuSbPcLAWd0x1K1V4F1WTPScSolQ/u0y8 faozrF3uQXZxInvmLJOALfOqm4lfg8CN2BqAxMrlCqka1Ku8UJ9A6kOGaZWlBKUmiIjVng9D 91k8MRare9dE5b0Yj33mUO/ifhC+np0H7CXpB6E2IzvAUkgWCPlXEVO6ffV1Xr+J/UeArqoF Fj1RoMN+Kc701e3GzKHpuryng66Jx9+k7daOSgWNF1zOU1JCJKIZ1uHIlzro1y0KtvWTwwM1 331q72HWESG0NatDnu1QotxxFHLDQFsHZ59A5yvIdyeZvjuEr9paorNVIk7Esg4THaljABEB AAG0K0FsZXhleSBNZWxuaWtvdiA8YWxleGV5Lm1lbG5pa292QGlzb2RlLmNvbT6JATkEEwEI ACMFAlWQBiQCGw8HCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRBdp82zsCM7iDACB/4q EiLSBhpjDJ+pm1f6IXQvtTW3YGrca0kidZ0yX/qn30bkRtFsjXJVOspKENzBhZCI5bX/Si0I qKkR0DqnuJqchVzKXl25HfMvA2w2KRr8VFLFWMnCB4/jnaMWWQ4EV1MqbyFXl3m0LwZ1U4rd EQLvzPTNd8tqyy093rN53jTl0FmBAEHYzbUHsYB6wx8gqJBFkIGEgPHftZboJ/8ywo983YBQ /8Brb8awV3PeonmHc7W9QMKoN37U9VLbXOvAZVDvJ4QI1P/P3Uad1tkkeyuCcluuPe2M7CjK HF8zQHYGSCz70NY+MhbfhgT5WMjPuW5ls+Q1yES257+lmRkx3eyT
Message-ID: <727175a4-4ba0-c3ea-7e09-f21b0f589bf4@isode.com>
Date: Sat, 2 May 2020 14:12:15 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
In-Reply-To: <87tv20bkid.fsf@latte.josefsson.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/Fh-6neJKD2SaIZhEX0rSq9jAIr4>
Subject: Re: [kitten] Fwd: I-D Action: draft-melnikov-scram-2fa-00.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 May 2020 13:12:19 -0000

Hi Simon,

On 03/04/2020 17:29, Simon Josefsson wrote:
> Thanks for working on this.  What we discovered with the OpenID/SAML
> SASL mechanisms was that a major challenge was to resolve how to resume
> sessions in a SASLy way.  To be more specific, the challenge is that a
> lot of client applications (IMAP in particlar) expect to be able to open
> several sessions to the server.  Having a user perform manual steps per
> session won't work, and from a quick look at your document, it looks
> like this problem isn't resolve here either.  What is needed is some way
> to perform the 2FA authentication once, and then be able to refer to
> that authentication in a new SASL authentication step.  With re-newed
> energy and interest in this, I beliece we can do better now though.
> Some ideas:
>
> 1) Specify how TLS resumption of a SASL authenticated session should
> assume the same SASL authentication/authorization identity.
I don't think this will fly, as TLS resumption is usually unaware of
SASL state. At least this is how it is commonly implemented in Email
clients or servers.
> 2) Specify how EXTERNAL (or some new mechanism) is to be used to
> "resume" an earlier 2FA authenticated SASL session.
I don't think SASL EXTERNAL is a good fit here. I think David Cridland's
CLIENTKEY
<https://tools.ietf.org/id/draft-cridland-kitten-clientkey-00.txt> is
what you describe and I agree that we should pursue standardizing it.
> 3) Describe how OAUTH could be used to achieve this.
Right, on my to do list. If somebody would like to volunteer to co-edit
with me, that would speed things up.
> 4) Extend your proposal to generate a magic cookie after successful
> authentication that can be provided instead of the 2FA code next time.
Sure, I can add this.
> The problem is not exactly how to do it: it is to describe one
> well-agreed on method that all application implementers can follow, to
> get interoperability.
>
> I believe it is a bad idea to implement a generic 2FA mechanism on top
> of SCRAM, it will be too flexible with bad interop as a result.
> Instead, implement specific 2FA methods so things become easily
> implementable.  Your document could be a SCRAM-OATH-TOTP rather than
> SCRAM-2FA.  OATH-HOTP/TOTP, U2F, FIDO2, etc each have different
> behaviours that make it difficult to support in a generic protocol.

With addition of SCRAM-SHA-256, SCRAM-SHA-512 and possibly SCRAM-SHA-3,
I am worried about combinatorial explosion of names of SCRAM variants,
that need to accommodate both new hash algorithms and 2FA methods. Maybe
we should just settle on a small (or just 1) 2FA for now, but make it
swappable for  something better in the future?


Best Regards,

Alexey