[OAUTH-WG] Re: Call for adoption - PIKA

Giuseppe De Marco <demarcog83@gmail.com> Thu, 27 June 2024 00:21 UTC

Return-Path: <demarcog83@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 155B5C180B4A for <oauth@ietfa.amsl.com>; Wed, 26 Jun 2024 17:21:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.856
X-Spam-Level:
X-Spam-Status: No, score=-1.856 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I7HwFhIzAzjb for <oauth@ietfa.amsl.com>; Wed, 26 Jun 2024 17:21:14 -0700 (PDT)
Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com [IPv6:2a00:1450:4864:20::533]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12D0BC169415 for <oauth@ietf.org>; Wed, 26 Jun 2024 17:21:14 -0700 (PDT)
Received: by mail-ed1-x533.google.com with SMTP id 4fb4d7f45d1cf-57d203d4682so1162250a12.0 for <oauth@ietf.org>; Wed, 26 Jun 2024 17:21:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1719447672; x=1720052472; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=XR9sAqHDDlDxerG5Ub9fnTmzd5bRGTwnqkD2u+Nb1x4=; b=hoPhkglybgHouktQ4yLA97XsOmanFmCjnIwlzzUzyCRKy0uFCYHpQCWmgFWL8UNSiC 5lu1TwBP+yedGoW3Rl5oyCj0mdDRyW915j10kjL+ngh3IwVOjKQMrfM7tgxpjmPslx+O 3mrHxZAOJk7ttnkX5XPSHOAsZ2CjX+XZOKlS2A1GTO0rQhuTS0HltzAL8o9diY7BgSbM 9KEHGFCLM6CLM5JqDFW0tBHmHoNipkKE0sSTTds1gWCvNSXUwwczmlf3n0MFgsETfwbd /Mj3zoQsGDyp989RPoXrH7FAvph5ImkLOxEzQ7ng9GhyGHC2o7DDaFZuPoCBpxUrrkre ShRQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1719447672; x=1720052472; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XR9sAqHDDlDxerG5Ub9fnTmzd5bRGTwnqkD2u+Nb1x4=; b=ucoClH4OtnONb8Mx9QbI0050LlNqKWi8BLsPkFlCqdn3eN/6JrIfSVp6bLH4zgs+jg CmnjZbj73oyt74UAGq0g9qZ8SybEqg2tdiq2G3Fs3EhXYalloqpg5Aon2fUeikumDYru WW7Ny2L8Na3l+Uzz4PiaogcxnACzI/AVJPIdS8G5Oxh/TByDgufNXGvj9xuNWS5lTpKg g0FvKydMxC+B2c6yP+ZAD1upooyBuJfME1yMyeSRAprl3gEU9a/sjBV4YaBqjaxWyDXX aGEIDva0San1Q36PUTdUIRO2J9sOdcZIwQHjumpmiAPeOqK+9vJS56I+cha/3HhJ5ZQR 33Zg==
X-Gm-Message-State: AOJu0YxQ4dub3x27NYkTuTsTkO6umhNoD+QkcMFnW+fLk6v16RM+MDzm KxzIb+iU/Q28ahoLgoun9oTvMD4/g6UFvvqzJoijjil78cQ6ShiUzZTWIRfXT9ahcOK3lJUosMy /lvkKmYvkxAd5ExflAcumrGpmf5ss/y/9
X-Google-Smtp-Source: AGHT+IF5zo4f5/RAXJPpGm82noKMacp/JuFWCrxAbyiUWje4+SrbQGGlrbxRrs3z9/IK75J9vbcuMf/M34XCROZrWSA=
X-Received: by 2002:a50:aa9d:0:b0:57d:ef3:c3b7 with SMTP id 4fb4d7f45d1cf-57d4580ab11mr9147026a12.36.1719447671437; Wed, 26 Jun 2024 17:21:11 -0700 (PDT)
MIME-Version: 1.0
References: <CADNypP9GmF4vp1uzLXK0YYZAHUDjK7RHbhEb4MCXkB7N3Oq4+w@mail.gmail.com> <CAL02cgQYom9P+yGMODkHNE125mZnQxRdUTNQbP4ck4y48cgGTA@mail.gmail.com> <SJ0PR02MB7439E4391F43BC7D045859F2B7D52@SJ0PR02MB7439.namprd02.prod.outlook.com> <CACsn0cnW-N984ErjkLiqGx014GikupYWEJ-VPhOg7oD3Vaa=bQ@mail.gmail.com> <CAOgPGoCZ95hhj5KNQVpAB8d4nfOEXY=ozwNmj690k9iepXjcfA@mail.gmail.com> <CAFje9PhELRPFQux6ffaOtyXDw0xnqF=ijZo74UwTXTZ3E8ECOw@mail.gmail.com> <CAEM=y+VuRjXY0xt3R3HsmZJamg=r=+qhyoO2vqRog=ta_8u+ow@mail.gmail.com>
In-Reply-To: <CAEM=y+VuRjXY0xt3R3HsmZJamg=r=+qhyoO2vqRog=ta_8u+ow@mail.gmail.com>
From: Giuseppe De Marco <demarcog83@gmail.com>
Date: Thu, 27 Jun 2024 02:20:59 +0200
Message-ID: <CAP_qYy=WiSfZ8Bh=eUU_8FR816+SY2ziA9zEdaocZp0qhAyhcg@mail.gmail.com>
To: Ethan Heilman <eth3rs@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000aa8294061bd41b3c"
Message-ID-Hash: 3D6FY4G3ROSQYIN4QCIMTXDUPYXU4OX4
X-Message-ID-Hash: 3D6FY4G3ROSQYIN4QCIMTXDUPYXU4OX4
X-MailFrom: demarcog83@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-oauth.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: oauth <oauth@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [OAUTH-WG] Re: Call for adoption - PIKA
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/FkJ-SrPDXm_abtRFmgTvdA_MFXQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>

Hi Ethan,

I have experience implementing LDAP clients with SASL and SSL, SAML2 SP,
IDP, MDQ, as well as OpenID Connect RP, OP, and RS. It's clear that X.509
is foundational to our digital infrastructure, making implementation
straightforward due to the widespread availability of supporting libraries.

However, X.509 has not addressed all issues; it would be unwise to ignore
its limitations and pretend it fits all needs perfectly.

I can be an advocate for PIKA and am eager to delve deeper into the
technical trust requirements envisioned by the PIKA working group
participants. A new specification should aim to tackle the unresolved
issues.

Consider this real-world example to illustrate a point: Space Attack
Spoofing eIDs [1]. The article highlights a vulnerability due to the lack
of mechanisms for validating endpoints, which opens the door to
Man-in-the-Middle (MITM) attacks through spoofing.

>From my perspective, part of the solution lies in the trust framework
employed. Even with a vulnerability at one point, having trusted endpoints
could prevent the attack's success. If endpoints were cryptographically
attested through verifiable metadata certified by a trusted third party, or
through a trusted distribution method or trusted policy processing, the
attack would likely fail. The attacker would not be able to redirect data
to fraudulent endpoints.

Regardless of the technology, data format, or other elements used, these
may not align with our personal preferences or comfort levels, I am
interested in discussing the level of technical trust evaluation we aim to
incorporate into PIKA. Specifically, which problems are we aiming to solve,
and which are we deliberately excluding from the scope of this new
specification.

When selecting a technology for implementation, it is essential to assess
whether it addresses real-world challenges effectively. I am here to
investigate if PIKA meets these criteria currently or in the foreseeable
future, and to understand the roadmap for its development, if available.
This evaluation is vital for trusting a specification.

I was too verbose, I am sorry.
Giuseppe

[1]
https://ctrlalt.medium.com/space-attack-spoofing-eids-password-authenticated-connection-establishment-11561e5657b1

Il giorno mer 26 giu 2024 alle ore 19:08 Ethan Heilman <eth3rs@gmail.com>
ha scritto:

> I strongly support this draft and would have immediate uses for PIKA
> if standardized.
>
> As someone who builds OIDC relying party software I am not worried
> about the X.509 certificate requirement, nor do I consider dependence
> on X.509s or the Web PKI to be an onerous requirement. I already have
> to deal with parsing and creating X.509 certificates in my relying
> party software.
>
> Given that JWK Set URI's use the Web PKI to authenticate the JWKs they
> serve via HTTPS, it only seems natural we would use that very same
> system, the Web PKI, to authenticate JWKs directly.
>
> Thanks,
> Ethan
>
>
> On Tue, Jun 25, 2024 at 8:46 PM Kristina Yasuda
> <yasudakristina@gmail.com> wrote:
> >
> > Sorry to chime in late as well…
> > I support adoption of this draft. I have read the thread and to me it
> seems like there is a mechanism being proposed that solved a concrete
> problem in a simple manner. Some of the discussion can happen after the
> draft is adopted.
> > Best,
> > Kristina
> >
> >
> > On Wed, Jun 26, 2024 at 7:49 AM Joseph Salowey <joe@salowey.net> wrote:
> >>
> >> Sorry to chime in late here. I'm in favor of adopting this draft.
> While I realize that X.509 isn't for everyone, there is an established
> community of users out there that overlaps with OAUTH users.  I think there
> are needs to both separate the distribution of the keys from the
> establishment of trust in those keys and in the auditability of the process
> of distribution.  I think this draft establishes a deployable mechanism
> based on existing technology.  X.509 is a good starting point and
> additional mechanisms can be added as needed.
> >>
> >> Cheers,
> >>
> >> Joe
> >>
> >> On Tue, Jun 25, 2024 at 3:12 PM Watson Ladd <watsonbladd@gmail.com>
> wrote:
> >>>
> >>> On Tue, Jun 25, 2024 at 2:56 PM Michael Jones
> >>> <michael_b_jones@hotmail.com> wrote:
> >>> >
> >>> > The other critique I voiced of the approach is that the
> application-level X.509 certificate can be used to secure the HOST part of
> the issuer, but not the entire issuer, since in general, the issuer will
> contain a PATH.  Yes, the service hosting the issuers controls all the
> paths, as Richard replied earlier, but it’s not the service who is the
> attacker that this enables.  The attackers that not securing the PATH
> enables are the tenants themselves.
> >>> >
> >>> >
> >>> >
> >>> > An attacker could host a tenant at the service and get an X.509
> certificate securing the HOST part of its issuer.  However, because a
> legitimate tenant at another path shares the same HOST, the attacker can
> copy its X.509 certificate chain and utilize a substitution attack to make
> unauthorized statements about the victim tenant – statements that were not
> made by the hosting service.
> >>> >
> >>> >
> >>> >
> >>> > This attack was not addressed, and I believe is intrinsic to the
> decision not to protect the entire issuer value.
> >>> >
> >>> >
> >>> >
> >>> > I believe that adopting this draft would result in this attack
> occurring in practice.
> >>>
> >>> To be clear, drafts get modified by the WG after adoption so adoption
> >>> is not the same thing as WGLC.
> >>>
> >>> However, I'm not sure I understand your attack scenario. If we have a
> >>> "tenant" distinguished by a path, there is already a security issue
> >>> with giving it the X509 certificate. It could then imitate any other
> >>> tenant on that server already. That's why we use reverse proxies and
> >>> put the certificate only on the proxying machines.
> >>>
> >>> Sincerely,
> >>> Watson
> >>>
> >>>
> >>>
> >>> --
> >>> Astra mortemque praestare gradatim
> >>>
> >>> _______________________________________________
> >>> OAuth mailing list -- oauth@ietf.org
> >>> To unsubscribe send an email to oauth-leave@ietf.org
> >>
> >> _______________________________________________
> >> OAuth mailing list -- oauth@ietf.org
> >> To unsubscribe send an email to oauth-leave@ietf.org
> >
> > _______________________________________________
> > OAuth mailing list -- oauth@ietf.org
> > To unsubscribe send an email to oauth-leave@ietf.org
>
> _______________________________________________
> OAuth mailing list -- oauth@ietf.org
> To unsubscribe send an email to oauth-leave@ietf.org
>