IETF Logo Mail Archive

Re: [kitten] SCRAM and draft-ietf-kitten-tls-channel-bindings-for-tls13

Ludovic BOCQUET <lbxmpp@live.com> Tue, 25 May 2021 18:37 UTC

Return-Path: <lbxmpp@live.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9DF83A18DC for <kitten@ietfa.amsl.com>; Tue, 25 May 2021 11:37:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.102
X-Spam-Level:
X-Spam-Status: No, score=-0.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HK_RANDOM_ENVFROM=0.998, HK_RANDOM_FROM=0.998, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=live.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tWAOs3XW52qU for <kitten@ietfa.amsl.com>; Tue, 25 May 2021 11:37:38 -0700 (PDT)
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12olkn2091.outbound.protection.outlook.com [40.92.21.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33A293A18E0 for <kitten@ietf.org>; Tue, 25 May 2021 11:37:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ee7vdHmqdLndZesFLpH+GeZ9fslXy9M1WgFzBfPT2meTXk9e2A6N+As3jBXKdRwJ7H+Y/rqw6GuDFZakXxr9NfC8VZPjblPPy94U4GcrVH6rJUw8RQx0BQDfEMzzU0K13el+DkQhW1LyllTzh9OGqEKwbkTvJI/uYEV6NBuQ7QrYo11fiKLKBzicQOgLoZ9fbSXrbHDK0koep83C/n/8YkYJgCtuXvc+hBWmbSw0BKJCq4EtkzcpgWvaAY83lyFZxIJhOeoiOT0DmDxaX5GionoPDDern6iQzCtdgZoBedD9kFD1vilP/ER/9ZBxFG59pDQLhzI3URiQbYTHryMxwg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MklywWL7q7RJvN50bseZkaKRR7tobhKSsgsp55Yqok8=; b=HpjebssQnsbWFSTxNqpcezFChVNvntefxnrJaqzinadMg50K7QSLP0rrgjRR253HzhLnA3R/DqkFBC0XuY7ZIyz1h5mYdPQ60TQiGZck35gi9QQzNNpFge5GGbgYEM5BsCWBO3HUK9NmyANS8zaZadBr6saVpI2VhYvy9ahAkO5nnDDSohaXaXPzd9ABrhpBdffckyjC4grY5dmlHO6+uGNDPKnvXufpSzVbehYXDErWydYtSpzIUYvzDnSOxPdfu9BUeta9ZfYjw7emKiGZlCvAvgwdm5X+4lTdd+bMyDGbZWj0EqFf7HQkbZHgCWbQ0yM8B/RR8zDhxC7B/kDEhg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=live.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MklywWL7q7RJvN50bseZkaKRR7tobhKSsgsp55Yqok8=; b=daH5c5iCjMnN8pkLjT4zX3pbZ4V/7Ot2IqHR5g/5rk+0X2bAn20ytxKbmhJgmaVBzwxMzVKL5uSo0BxQOTobDIxG7rBlsl4HKjZA7k3nv+w0gDbKwb3AWufuhcLY5ES4TJ5vpuQhV7Q5H4K/tCMHBb26+x3EcXy/Yq5eRl3PTQbcihrI6IeerxjY0/7kW8DcguE6NQTEM6viYzP5x3XH1DID6uOFlYd27FuvXdeV22jDhTBshJ9ZA9kv65l9vyz/ho1LPqslkMg8EyOFWAucpSW10nbLDzS+VPm2boAxbEi/+d6fE9xvXV79SpEiRa6NrGX6QXG7ZDn++P+Cu0yfTQ==
Received: from DM6NAM12FT050.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc64::4c) by DM6NAM12HT167.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc64::259) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4150.11; Tue, 25 May 2021 18:37:33 +0000
Received: from DM5PR14MB1308.namprd14.prod.outlook.com (2a01:111:e400:fc64::4d) by DM6NAM12FT050.mail.protection.outlook.com (2a01:111:e400:fc64::215) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4150.11 via Frontend Transport; Tue, 25 May 2021 18:37:33 +0000
Received: from DM5PR14MB1308.namprd14.prod.outlook.com ([fe80::91ce:2aa0:4dd9:a8b3]) by DM5PR14MB1308.namprd14.prod.outlook.com ([fe80::91ce:2aa0:4dd9:a8b3%8]) with mapi id 15.20.4129.036; Tue, 25 May 2021 18:37:33 +0000
From: Ludovic BOCQUET <lbxmpp@live.com>
To: Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>, Alexey Melnikov <alexey.melnikov@isode.com>
CC: KITTEN Working Group <kitten@ietf.org>
Thread-Topic: [kitten] SCRAM and draft-ietf-kitten-tls-channel-bindings-for-tls13
Thread-Index: AQHXIzylrNZgzT6xskWI8z4wz8W8uarzHxeAgAATP3GAAbAcxg==
Importance: high
X-Priority: 1
Date: Tue, 25 May 2021 18:37:33 +0000
Message-ID: <DM5PR14MB1308C899E6C6FF6E26436DA3B8259@DM5PR14MB1308.namprd14.prod.outlook.com>
References: <874kgztvs4.fsf@latte.josefsson.org> <313a79cb-b58e-4098-b79e-2030c4e77c15@www.fastmail.com> <87v99cs9cb.fsf@latte.josefsson.org> <d0100358-5870-5ca0-6b8f-9f3c94edce25@isode.com>, <87sg2c5bbt.fsf@latte.josefsson.org>
In-Reply-To: <87sg2c5bbt.fsf@latte.josefsson.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:974174528926746A737D16AC75F956FF1F547608ED6DCDCF9569ECFCDB0325F9; UpperCasedChecksum:382486798964221F36EE23248877D418A9F9E2FD8F7BC751FC96A05F043ED1F2; SizeAsReceived:7154; Count:47
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [WZvS2f6Nnxvz/6WIVfiJmVma0WhFc35C]
x-ms-publictraffictype: Email
x-incomingheadercount: 47
x-eopattributedmessage: 0
x-ms-office365-filtering-correlation-id: 4fa22bb9-f86f-444b-bc66-08d91fac2910
x-ms-traffictypediagnostic: DM6NAM12HT167:
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: HupONFM/BHAQMIgqQWZsB5Ef/HgN/ZntvlAbNTCp6iLIZx6vHslELQAMoLJ8LoWAQDEDamUVEDc10FudZvpaFutMxGfaCDI4ZAfMpN7kMmEOfYyfHQLC+KzIBWxYpelLQiikXWd9s++v/VzCzp/s1hhU8OySfCT9jRYxoGnAMnufIV4wRM+yA144IkjypAdOYBiH81kjLRBug4a1QtVMBn93AW0+WioODSmCvVv9xn+UHm29JANFIOTR9q25JiaJ3MK+AvCPVOQYC8BObNzdFqbv3M1zsMSFoqldxgekD8A/PjCWLpdRjsIAhT9YyoYI20l6GkZFYon6GGz3IYA64SeFeySPhxCOtKLU0kkkP8nTFMKlteOj++WAWIsrETtGTdddEw1VWLlscoRQpZRz33RRZS7LB/0mHN3xdrbsor1ISKKuULVbbv7j4kQZv5tlt3yLD6Q7Q6ccoFZXjOBPIebL8HSLFxvCM9HEecvP+6k=
x-ms-exchange-antispam-messagedata: KoJyW+l4iXdj2rI7ylWd9b+Mp67j4lrgwL5z+6siXxoX9oLssqn9StmMzHsgJ/RB+CK9eA09v+lf3KtTqNzBajbiUaXaPJAo0zCjlM7kp9VahDNupPkeInrU51UqMvzUPmGfn782bfVsHAzuZLayUg==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DM5PR14MB1308C899E6C6FF6E26436DA3B8259DM5PR14MB1308namp_"
MIME-Version: 1.0
X-OriginatorOrg: live.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-AuthSource: DM6NAM12FT050.eop-nam12.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 4fa22bb9-f86f-444b-bc66-08d91fac2910
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 May 2021 18:37:33.2484 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6NAM12HT167
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/zqMw-i9KgAITHGoWCDlPmfdNJ1g>
Subject: Re: [kitten] SCRAM and draft-ietf-kitten-tls-channel-bindings-for-tls13
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 May 2021 18:37:43 -0000

Thanks Simon to confirm my remark about "RFC5929" that I have said here:

  *   https://mailarchive.ietf.org/arch/msg/kitten/sN0K0gROlztsQhHwoz2Ydxp4EFg/

Can you look my other points too?

Thanks in advance.

Regards,

BOCQUET Ludovic

________________________________
From: Kitten <kitten-bounces@ietf.org> on behalf of Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>
Sent: Monday, May 24, 2021 4:46 PM
To: Alexey Melnikov <alexey.melnikov@isode.com>
Cc: KITTEN Working Group <kitten@ietf.org>
Subject: Re: [kitten] SCRAM and draft-ietf-kitten-tls-channel-bindings-for-tls13

Alexey Melnikov <alexey.melnikov@isode.com> writes:

> Hi Simon/Sam,
>
> Picking up an old thread that you had in March 2021:
>
> On 27/03/2021 19:08, Simon Josefsson wrote:
>> "Sam Whited" <sam@samwhited.com> writes:
>>
>>> I don't really know what "Updates" means in this context, so I just put
>>> an RFC that uses tls-unique. The point wasn't so much that it changes
>>> any normative text, but that this document should be discoverable from
>>> 5802 so that if you read "tls-unique" then go up to the top and see
>>> "Updated by <new TLS 1.3 unique CB RFC>" you have a chance at finding
>>> and implementing this instead.
>> That makes sense, but to me it isn't clear how I would actually
>> implement SCRAM (or GS2) when your draft is approved.  Are you
>> suggesting to replace tls-unique with something else?  There seems to be
>> some guidance missing.  There is backwards compatibility concerns with
>> changing the default channel binding.
>
> After thinking about this with my implementor's hat on, I agree. This
> new requirement can be either in SCRAM update (if we ever do one) or
> this document. Adding it to this document seems quicker (and also the
> right thing) to me. Maybe as a strawman proposal:
>
>   When a client/server implementation supports TLS 1.3 and
> SCRAM-*-PLUS, require support for "tls-exporter". Leave "tls-unique"
> as mandatory-to-implement for older versions of TLS.
>
> What do you think?

I think this is reasonable.  TLS 1.3 does not support tls-unique, so
SCRAM-PLUS under TLS 1.3 is not well specified today.

I believe the document should have a 'Updates: RFC 5929' too.

Another thing that could be lifted from
https://datatracker.ietf.org/doc/html/draft-josefsson-sasl-tls-cb-02
would to add the following to the Security Considerations:

   The derived data MUST NOT be used for any other purpose than channel
   bindings as described in [RFC5056].

/Simon

>
> Best Regards,
>
> Alexey
>
>> /Simon
>>
>>> On Thu, Mar 25, 2021, at 05:41, Simon Josefsson wrote:
>>>> Thanks for draft-ietf-kitten-tls-channel-bindings-for-tls13!  It is
>>>> not clear to me that it would actually modify anything for SCRAM/GS2,
>>>> would it?  Those documents still reference 'tls-uniqe' and things will
>>>> still be broken, as far as I can tell.  Should the new draft update
>>>> the SCRAM/GS2 specs?  I believe the channel binding flexibility in
>>>> SCRAM/GS2 has been one complexity that has prevented adoption, but
>>>> solving that may be too late but we may be able to solve the security
>>>> issues.  I see that there is an 'Updates: 5802' but I can't find any
>>>> text describing what is intendted to be changed.
>>>>
>>>> _______________________________________________
>>>> Kitten mailing list
>>>> Kitten@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/kitten
> _______________________________________________
> Kitten mailing list
> Kitten@ietf.org
> https://www.ietf.org/mailman/listinfo/kitten
>

v2.23.0 | Report a Bug | By Email