[OAUTH-WG] Re: We cannot trust Issuers

Watson Ladd <watsonbladd@gmail.com> Wed, 31 July 2024 17:31 UTC

References: <CACsn0cmy03viT6wboUZeVu_8Yf-m7As0rxcjpda2W_Xw6ohKNg@mail.gmail.com> <CAANoGhLsm1yqJvKuPEH_is-ep60EVNfLfi17T9M17KJFfAFiNQ@mail.gmail.com> <CACsn0ckXZVPznV8cq4sMm1axCzMfd_M8FQ9BnMa5TTvPgZ8emg@mail.gmail.com> <CAL02cgRPc8Ef8LjL4pNOCOmApSNaCSZSekmxxcps7yAZ6ZhdqA@mail.gmail.com> <c464d1fc1530c267bf9ecc64ef3e5723c171829d.camel@mnt.se> <CA+k3eCQom6=o+fSYWRd+qWZnWqki3Enij1X8tYhn75Ksuz=jvA@mail.gmail.com>
In-Reply-To: <CA+k3eCQom6=o+fSYWRd+qWZnWqki3Enij1X8tYhn75Ksuz=jvA@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 31 Jul 2024 10:31:11 -0700
Message-ID: <CACsn0cno1Lq5BN0ZwqDdPXrGgjAo_xjVH3mUGJa9CQu_F8Y6wA@mail.gmail.com>
To: Brian Campbell <bcampbell@pingidentity.com>
CC: IETF oauth WG <oauth@ietf.org>
Subject: [OAUTH-WG] Re: We cannot trust Issuers
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/-nmcr36-4qg7NuoXhiuP1nwJonQ>

I've opened https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/448
as a step towards this.

On Wed, Jul 31, 2024 at 5:31 AM Brian Campbell
<bcampbell@pingidentity.com> wrote:
>
>
>
> On Tue, Jul 23, 2024 at 11:15 AM Leif Johansson <leifj@mnt.se> wrote:
>>
>> On Mon, 2024-07-22 at 19:43 -0400, Richard Barnes wrote:
>> > I would observe that any solution based on garden-variety digital
>> > signature (not something zero-knowledge like BBS / JWP) will have
>> > problems with issuer/verifier collusion.  One-time tokens and batch
>> > issuance don't help.  There is no such thing as SD-JWT with
>> > issuer/verifier collusion resistance.  At best you could have SD-JWP.
>> >
>> > I don't think this needs to be a blocker on SD-JWT.  There are use
>> > cases that don't require issuer/verifier collusion resistance.  We
>> > should be clear on the security considerations and warn people away
>> > who care about issuer/verifier collusion resistance, and accelerate
>> > work on SD-JWP if that's an important property to folks.
>> >
>>
>>
>> +1 on this
>
>
> I'm generally a +1 on this too.  There is an attempt at a discussion around unlinkability in the privacy considerations at https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-10.html#name-unlinkability currently. Concrete suggestions to that text about how to better frame the risks and difficulties around Issuer/Verifier Unlinkability (perhaps especially with respect to something like a government issuer compelling collusion from verifiers) would be welcome for consideration.



-- 
Astra mortemque praestare gradatim
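An added illustration of the point Richard makes above, written for this page and not code from the SD-JWT draft or any poster: a minimal SD-JWT flow in which the Holder selectively discloses claims, but the Issuer-signed JWT travels unchanged in every presentation, so a colluding Issuer can match the signature to its issuance log. A keyed SHA-256 stands in for the Issuer's signature (assumption; a real ES256/RS256 signature is likewise a unique string only the Issuer produced), and the issuer URL, claim names and Holder identities are constructed sample values.

```python
import base64, hashlib, json, secrets

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def sign(key: bytes, signing_input: str) -> str:
    # Keyed SHA-256 stands in for the Issuer's signature (assumption); a real
    # ES256/RS256 signature is likewise a unique string only the Issuer made.
    return b64url(hashlib.sha256(key + signing_input.encode()).digest())

def make_disclosure(claim: str, value) -> str:
    salt = b64url(secrets.token_bytes(16))       # per-claim salt, as in SD-JWT
    return b64url(json.dumps([salt, claim, value]).encode())

def digest(disclosure: str) -> str:
    return b64url(hashlib.sha256(disclosure.encode()).digest())

class Issuer:
    def __init__(self):
        self.key = secrets.token_bytes(32)
        self.log = {}   # signature -> Holder; a colluding Issuer keeps this

    def issue(self, holder: str, claims: dict):
        discs = [make_disclosure(k, v) for k, v in claims.items()]
        payload = {"iss": "https://issuer.example", "_sd": sorted(map(digest, discs))}
        header = b64url(json.dumps({"alg": "ES256"}).encode())
        body = b64url(json.dumps(payload).encode())
        sig = sign(self.key, header + "." + body)
        self.log[sig] = holder
        return header + "." + body + "." + sig, discs

def present(sd_jwt: str, discs, reveal: set) -> str:
    # Holder selectively discloses; the Issuer-signed JWT travels unchanged.
    chosen = [d for d in discs if json.loads(b64url_decode(d))[1] in reveal]
    return "~".join([sd_jwt, *chosen]) + "~"

def verify(issuer_key: bytes, presentation: str) -> dict:
    jwt, *discs = presentation.rstrip("~").split("~")
    header, body, sig = jwt.split(".")
    assert sig == sign(issuer_key, header + "." + body), "bad signature"
    sd = set(json.loads(b64url_decode(body))["_sd"])
    assert all(digest(d) in sd for d in discs), "disclosure not in _sd"
    return {c: v for _, c, v in (json.loads(b64url_decode(d)) for d in discs)}

def link(issuer: Issuer, presentation: str):
    # Verifier hands the presentation to the Issuer; the signature alone
    # identifies the Holder, whatever was disclosed and however many
    # tokens were batch-issued, which is why one-time tokens do not help.
    return issuer.log.get(presentation.split("~")[0].split(".")[2])
```

Disclosing nothing, or holding a fresh token per Verifier, changes only the disclosures; the signature remains a per-issuance identifier.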