Re: [kitten] Fwd: I-D Action: draft-melnikov-scram-2fa-00.txt

Alexey Melnikov <> Sat, 02 May 2020 13:12 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C72A93A1185 for <>; Sat, 2 May 2020 06:12:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id LeQdtv5LFOSV for <>; Sat, 2 May 2020 06:12:17 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 33D913A116A for <>; Sat, 2 May 2020 06:12:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1588425136;; s=june2016;; bh=6pEadRgQt1OEHeRTSkVcPKm1q0TMjMnNTFiDTA4m1UY=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=He1RLwN7J8/yENRcfQcf+NAAq535OKL8eu7V65jvJzGAgwTInWiYhP3W1Mqdlfw7FcUnrj nDGCsjzaCY2VTyIMH11nY+YXWhMpvq0r25bAfviQHp+9Vr66trGJyChP/8iihjo0OcPOfv 9J0++KsbXjRMyoriM0zB5Qy+iU+KQpA=;
Received: from [] ( []) by (submission channel) via TCP with ESMTPSA id <>; Sat, 2 May 2020 14:12:15 +0100
From: Alexey Melnikov <>
To: Simon Josefsson <>
References: <> <> <>
Autocrypt:; prefer-encrypt=mutual; keydata= mQENBFWQBiQBCADFmiucA1/FCqO+LUOm/Xf2+NpPuSbPcLAWd0x1K1V4F1WTPScSolQ/u0y8 faozrF3uQXZxInvmLJOALfOqm4lfg8CN2BqAxMrlCqka1Ku8UJ9A6kOGaZWlBKUmiIjVng9D 91k8MRare9dE5b0Yj33mUO/ifhC+np0H7CXpB6E2IzvAUkgWCPlXEVO6ffV1Xr+J/UeArqoF Fj1RoMN+Kc701e3GzKHpuryng66Jx9+k7daOSgWNF1zOU1JCJKIZ1uHIlzro1y0KtvWTwwM1 331q72HWESG0NatDnu1QotxxFHLDQFsHZ59A5yvIdyeZvjuEr9paorNVIk7Esg4THaljABEB AAG0K0FsZXhleSBNZWxuaWtvdiA8YWxleGV5Lm1lbG5pa292QGlzb2RlLmNvbT6JATkEEwEI ACMFAlWQBiQCGw8HCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRBdp82zsCM7iDACB/4q EiLSBhpjDJ+pm1f6IXQvtTW3YGrca0kidZ0yX/qn30bkRtFsjXJVOspKENzBhZCI5bX/Si0I qKkR0DqnuJqchVzKXl25HfMvA2w2KRr8VFLFWMnCB4/jnaMWWQ4EV1MqbyFXl3m0LwZ1U4rd EQLvzPTNd8tqyy093rN53jTl0FmBAEHYzbUHsYB6wx8gqJBFkIGEgPHftZboJ/8ywo983YBQ /8Brb8awV3PeonmHc7W9QMKoN37U9VLbXOvAZVDvJ4QI1P/P3Uad1tkkeyuCcluuPe2M7CjK HF8zQHYGSCz70NY+MhbfhgT5WMjPuW5ls+Q1yES257+lmRkx3eyT
Message-ID: <>
Date: Sat, 2 May 2020 14:12:15 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
In-Reply-To: <>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
Archived-At: <>
Subject: Re: [kitten] Fwd: I-D Action: draft-melnikov-scram-2fa-00.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 02 May 2020 13:12:19 -0000

Hi Simon,

On 03/04/2020 17:29, Simon Josefsson wrote:
> Thanks for working on this.  What we discovered with the OpenID/SAML
> SASL mechanisms was that a major challenge was to resolve how to resume
> sessions in a SASLy way.  To be more specific, the challenge is that a
> lot of client applications (IMAP in particlar) expect to be able to open
> several sessions to the server.  Having a user perform manual steps per
> session won't work, and from a quick look at your document, it looks
> like this problem isn't resolve here either.  What is needed is some way
> to perform the 2FA authentication once, and then be able to refer to
> that authentication in a new SASL authentication step.  With re-newed
> energy and interest in this, I beliece we can do better now though.
> Some ideas:
> 1) Specify how TLS resumption of a SASL authenticated session should
> assume the same SASL authentication/authorization identity.
I don't think this will fly, as TLS resumption is usually unaware of
SASL state. At least this is how it is commonly implemented in Email
clients or servers.
> 2) Specify how EXTERNAL (or some new mechanism) is to be used to
> "resume" an earlier 2FA authenticated SASL session.
I don't think SASL EXTERNAL is a good fit here. I think David Cridland's
<> is
what you describe and I agree that we should pursue standardizing it.
> 3) Describe how OAUTH could be used to achieve this.
Right, on my to do list. If somebody would like to volunteer to co-edit
with me, that would speed things up.
> 4) Extend your proposal to generate a magic cookie after successful
> authentication that can be provided instead of the 2FA code next time.
Sure, I can add this.
> The problem is not exactly how to do it: it is to describe one
> well-agreed on method that all application implementers can follow, to
> get interoperability.
> I believe it is a bad idea to implement a generic 2FA mechanism on top
> of SCRAM, it will be too flexible with bad interop as a result.
> Instead, implement specific 2FA methods so things become easily
> implementable.  Your document could be a SCRAM-OATH-TOTP rather than
> SCRAM-2FA.  OATH-HOTP/TOTP, U2F, FIDO2, etc each have different
> behaviours that make it difficult to support in a generic protocol.

With addition of SCRAM-SHA-256, SCRAM-SHA-512 and possibly SCRAM-SHA-3,
I am worried about combinatorial explosion of names of SCRAM variants,
that need to accommodate both new hash algorithms and 2FA methods. Maybe
we should just settle on a small (or just 1) 2FA for now, but make it
swappable for  something better in the future?

Best Regards,