Re: [kitten] Replacing Kerberos
Nico Williams <nico@cryptonector.com> Mon, 27 February 2023 03:12 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8EE9BC151B1A for <kitten@ietfa.amsl.com>; Sun, 26 Feb 2023 19:12:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2f1Sn2AXCuNQ for <kitten@ietfa.amsl.com>; Sun, 26 Feb 2023 19:12:52 -0800 (PST)
Received: from dragonfly.birch.relay.mailchannels.net (dragonfly.birch.relay.mailchannels.net [23.83.209.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83440C151B18 for <kitten@ietf.org>; Sun, 26 Feb 2023 19:12:52 -0800 (PST)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id B15EE5C1629; Mon, 27 Feb 2023 03:12:51 +0000 (UTC)
Received: from pdx1-sub0-mail-a277.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 3B1495C15AA; Mon, 27 Feb 2023 03:12:51 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1677467571; a=rsa-sha256; cv=none; b=0Pb2kN2gNi4EuCJbgwVkUCGf4LJ631kQsGzxtUhd30EmmKf19yBcI07nl/GEzfej1+rlq0 vrUKLemggUG1Lt9u/sI3eL2zLi4NiH7LyrpuSYZgXcAE62My/GT6DT+HYwkmTO3bcknKfc nB34varhOg55qkb+0UK81CLjVINtSmkJfjKQrQXpqfQijZNUDLET9+7VgKVMi6byfAbiWM cgy9VYmxdliJMmj3XSGWXmA49+2Dd+RHhbZQwDKEC78LtMqXzVfXv4LeAG5NM6Jv79HpWe ar07jojTNfBo7ED/JBFdBYA9yS9QK6pDITQkJCu/JqR/bwMkyiMueBa7JzYfIQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1677467571; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=X99wG+WMq49zlbGdvkeytsJqkOBnS6mySylCpMJI7qU=; b=i5YUAPWTlMIKGOs4wF+ZO02Ahp/g87vTXM6LDPcE2BryWIMW+Ftp+uHaFISK6hguWLJc7k Baun99t8YGOCcY2V8K7rfmGl6qxDR+x/n3o+02HwM7IKFjAdDAES9qZ6X/exoZhWi6ADVK qvLJWKrGIV5KFLWqPpwKbTQPSuP4wSozljeZ5SB8o+XKVZdYN2eKhSadJdJ6Jitcf+B0Re YmouecbeJA5DlBxPUl/ESifzQ0RcbPQoh3tKB1ThjCBoMgIC0jZa4A/DId7r5TKkNWBohl S99I6uR2l00IPgalQAX5ycvTDG9NkC1QjzHGfEt9H297qpVRiYmMGI8jD+lhhQ==
ARC-Authentication-Results: i=1; rspamd-5db48964c-9shrn; auth=pass smtp.auth=dreamhost smtp.mailfrom=nico@cryptonector.com
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Wiry-Fumbling: 03ce4a2a4cecb91d_1677467571486_883640694
X-MC-Loop-Signature: 1677467571485:3952420950
X-MC-Ingress-Time: 1677467571485
Received: from pdx1-sub0-mail-a277.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.109.138.62 (trex/6.7.1); Mon, 27 Feb 2023 03:12:51 +0000
Received: from gmail.com (075-081-095-064.res.spectrum.com [75.81.95.64]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a277.dreamhost.com (Postfix) with ESMTPSA id 4PQ5Ck4wsMzC7; Sun, 26 Feb 2023 19:12:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cryptonector.com; s=dreamhost; t=1677467571; bh=X99wG+WMq49zlbGdvkeytsJqkOBnS6mySylCpMJI7qU=; h=Date:From:To:Cc:Subject:Content-Type:Content-Transfer-Encoding; b=DWS6AkBr5nEg++mMTWpzS06elBceyNP0W1bpkLtdqctbFCu4vHVrVKCKe6xxVidpM Znt/iqMrqQlcHTB5EGrilZ3oM2PQ1raFAtzrryaTrvTfcCHt+1P5dbGrT89ZGfRXa/ QuqPRmiWTKBpQwD3/ZLA1CpKpWunJZVfsDq9XRGVzscY8pjuXgOzzBia/Ez1xUTDq5 cNfTa5LzC1hfyfCBTwIqyTBmLLm8/nmmE+Gw4VJ16a+HKl7xweTNTYdvaignAxda8K 2w0ETNWYmfBd7q5xEWdkWt7bjnn4lZQ9nNPYXXStvBMm68KyQUfCYyi4bfkkDos066 2eeog0Hzu5HAg==
Date: Sun, 26 Feb 2023 21:12:48 -0600
From: Nico Williams <nico@cryptonector.com>
To: Erin Shepherd <erin.shepherd@e43.eu>
Cc: "kitten@ietf.org" <kitten@ietf.org>
Message-ID: <Y/wfsAuAL+SzsaPy@gmail.com>
References: <MW4PR21MB1970A9D254B943A1763C55FF9CA09@MW4PR21MB1970.namprd21.prod.outlook.com> <de4cbe7b-85b5-7001-3a8c-74787990c6e0@secure-endpoints.com> <eb9fa7a4-a00d-f388-27aa-3624df8ce4f2@secure-endpoints.com> <MW4PR21MB197060FB388E7922FAADEB079CA19@MW4PR21MB1970.namprd21.prod.outlook.com> <Y/GFY3wTO+TBg638@gmail.com> <134D46FA-1E2A-4DB0-9B8D-6897136972CA@e43.eu> <Y/fNaFUq3YMjhahD@gmail.com> <3254E2DC-A6A8-4071-B3EB-BBD73056547C@e43.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <3254E2DC-A6A8-4071-B3EB-BBD73056547C@e43.eu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/eiIBq8LvNDCfQr3tPj98i8U5TX0>
Subject: Re: [kitten] Replacing Kerberos
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Feb 2023 03:12:56 -0000
On Mon, Feb 27, 2023 at 01:29:13AM +0100, Erin Shepherd wrote: > > What I meant above by "the ability to use this mechanism as a TLS 1.3 > > PSK" is that TLS applications should be able to use Kerberos / Kerberos > > replacement in TLS a la RFC 2712 (which is essentially obsolete and > > broken). > > So effectively a standardised way of using it as a TLS keying material importer? > Makes a lot of sense. Sort of, yeah, but it's best to think of it as a PSK. > > [...] > > Of course. (I do wonder how many GSS-API applications actually handle > reordered messages though…) As far as Internet protocols go, only NFS (over UDP). NFSv4 obsoletes running over UDP, so in a way not even NFS. > > I hear you. A GSS per-msg tokens only library using OCB only should be > > very light-weight. A TLS/DTLS thing would impose a great deal more in > > the way of dependencies on Heimdal and MIT Kerberos (for example), and > > still needs a bit more (see above), so it's not terribly appealing (but > > if I end up on the rough side of consensus on that it's not the end of > > the world). > > I think this is a bit of a symptom here of the existing GSS-API > implementations being an outgrowth of Kerberos implementations. > Despite the defacto standardisation on Kerberos derived message > tokens, they’re not really exposed as a reusable API Everything to do with per-message tokens can be standardized so any GSS mechanisms can use it, and it need not share any cryptosystem details with Kerberos. > One thing I would really like, as an aside, is a proxy mech > which allows delegating all the context establishment business > to an external process but just returns the master keys to the > caller. GSS does not preclude this! Indeed, the way NFS implementations commonly work is that you have a kernel-mode GSS layer that "upcalls" to a userland "gssd" process to do all the context establishment, then when that's done the gssd transfers the session keys to the kernel where the per-message functions run. > This is an implementation matter though It is. > >> I suspect we’d end up with multiple ways of getting our TGT equivalent > >> for this system, but maybe that’s not the worst thing in the world (in > >> fact it’s probably just pragmatic) > > > > More negotiation headaches, but of the kind that we've discussed good > > fixes for in this thread already, so I think it's OK. > > I was thinking just specifically for our hypothetical “Kerberos > replacement” mechanism: > > Authentication to our KDC should just be able to reuse the “direct” > GSS-API mechanisms (SCRAM, etc) The KDC/IdP/whatever-trusted-third-party protocols themselves should just use TLS, or even just HTTPS (so, TLS). That's because everyone has a TLS implementation, and the more we can reuse what everyone has -and the more we can simplify everything else- the more likely it is that there will be implementations of the new thing. HTTP really needs a redirect-for-authentication mechanism. I've an Internet-Draft about that. Basically, a 401 w/ Location: or a 3xx with WWW-Authenticate, where Authorization: and WWW-Authenticate: headers must be copied from redirect response to redirected request. User- agents will typically need to have a list of origins trusted for this. The idea is to be able to have a really dumb user-agent that can still enable a) secure communication between the origins involved, b) any HTTP authentication scheme can work on the return request, c) everything can be over HTTPS, d) everything is simple for the user-agent. (This is inspired by the PowerShell HTTP CLI, which has an option to enable copying of Authorization: headers from redirect responses to redirected requests. HTTP normally forbids copying of _any_ redirect response headers to redirected requests. I've a Negotiate-as-a-service proof of concept showing that a user-agent can use Negotiate using a redirect scheme and without having to have an implementation of Negotiate. This is completely generic as to HTTP auth schemes, too.) > We should have a proxy-to-“kdc"-via-server mechanism Out Of The Box As you noted, that's an implementation detail, but it's certainly worth mentioning it informatively. > A bit of me wonders if things should just always be proxied via the > server to the server’s “KDC", EAP/RADIUS style; it certainly reduces > the complexity in terms of configuring endpoints with cross-realm > trust information. I prefer to not add I/O requirements on the server side. Even in 2023 there still many thread-per-client, synchronous code applications. So much so that a common pattern is to have a reverse proxy do all these things (e.g., exchanging OIDC codes for tokens) so as to offload the application. That at least does mean that adding I/O requirements on the server side is not the end of the world, but it does still add friction. Nico --
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Greg Hudson
- [kitten] Windows Intent to revive and implement I… Steve Syfuhs (AP)
- Re: [kitten] Windows Intent to revive and impleme… Luke Howard Bentata
- Re: [kitten] Windows Intent to revive and impleme… Greg Hudson
- Re: [kitten] Windows Intent to revive and impleme… josh.howlett
- Re: [kitten] Windows Intent to revive and impleme… Luke Howard Bentata
- Re: [kitten] Windows Intent to revive and impleme… Jeffrey Altman
- Re: [kitten] Windows Intent to revive and impleme… Jeffrey Altman
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Luke Howard
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- [kitten] Replacing Kerberos (Re: Windows Intent t… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Simo Sorce
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Simo Sorce
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Ken Hornstein
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Paul Romero
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] Replacing Kerberos (Re: Windows Inte… Luke Howard
- Re: [kitten] Replacing Kerberos (Re: Windows Inte… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Luke Howard
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Andrew Bartlett
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Simo Sorce
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Windows Intent to rev… Nico Williams
- [kitten] Updates to IAKERB (Re: Windows Intent to… Nico Williams
- Re: [kitten] Updates to IAKERB (Re: Windows Inten… Nico Williams
- Re: [kitten] Replacing Kerberos Erin Shepherd
- Re: [kitten] Replacing Kerberos Nico Williams
- Re: [kitten] Replacing Kerberos D.Rogers
- Re: [kitten] Replacing Kerberos Nico Williams
- Re: [kitten] Replacing Kerberos Nico Williams
- Re: [kitten] Replacing Kerberos Erin Shepherd
- Re: [kitten] Replacing Kerberos Watson Ladd
- Re: [kitten] Replacing Kerberos Nico Williams
- Re: [kitten] Replacing Kerberos Simo Sorce