IETF Logo Mail Archive

Re: [OAUTH-WG] New Version Notification for draft-fett-oauth-dpop-03.txt

Filip Skokan <panva.ip@gmail.com> Fri, 22 November 2019 08:04 UTC

Return-Path: <panva.ip@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6C301200B5 for <oauth@ietfa.amsl.com>; Fri, 22 Nov 2019 00:04:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tmQDT8NinmbG for <oauth@ietfa.amsl.com>; Fri, 22 Nov 2019 00:04:47 -0800 (PST)
Received: from mail-ot1-x330.google.com (mail-ot1-x330.google.com [IPv6:2607:f8b0:4864:20::330]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 199C01208F8 for <oauth@ietf.org>; Fri, 22 Nov 2019 00:04:47 -0800 (PST)
Received: by mail-ot1-x330.google.com with SMTP id 94so5422982oty.8 for <oauth@ietf.org>; Fri, 22 Nov 2019 00:04:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=TiR9odxSh2MUEi7lG+obngZK4v4pPjXBLZ+07X7pW0E=; b=E6j1OizquW7MDXwqZA5b1GCSxoVlA5+oxtw3jxDWIYZnK/p90MB2WM39H0corDwxOQ UT4ZbqLe57YZ3UM749vCJJ4Z2HpJh/NWS/GaZVERSlrAevEr/2y5tK81hJRjHr+brAxm jRFAvaGAa1OyqEVJHBaMFkz65GibjKr0b5VBtIexnwz9stTVI0xo/GqqiD1uod5vOTjE Z5fyp9EbkxWb1qGB+pfAcSwSwHlpWGTLqOjyElNxPGOWE62Is4qmtttkT8eBfNa4bPXJ a8iYwVAOMRFLN7k095+F/aRBL0w7Wh0zJ2mCz2BRhkwTQiqiLvd6FFvT5ZnCUpodAUyc 6qeA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=TiR9odxSh2MUEi7lG+obngZK4v4pPjXBLZ+07X7pW0E=; b=j3r6x0WA8xwNHmImqN6vsKYSv2RMbn6r4ocVIJxjdF7M78unb/3xo8Cic12jqAO0u9 tkqk7o+4Ko/T/7naM1TkNrb/8yborih1Rjd+R9w4x2FslNR0T06CgkMArkVsALRo9GnC nfOeReT0Q57rQ0PuVDs1dM4cVihxtLzGixU87X4DpJt7vgfS459lp7SUoJftpv+148nS Ixdmdgujx2flbL/LlLWlPiHuA9GZBOcuUZK1lx6NVtKA/FhrzcEv8luAiS5MNJUCHMlC /vz9Zaz2ZvNnuNBH9GE1grsVeKmBJns+6dCU3N8SMm+WDOR9uxYm9rZmh41yRLViKov/ L+zw==
X-Gm-Message-State: APjAAAV5ALBfCq5AJ1T/mhfM5lzZMWsqV6Os5nLLzJwiWAnwCwE7hInV jyYUA+I67g40IOlnvYRT4Its3AAIyrafyrZ/sA==
X-Google-Smtp-Source: APXvYqxL7CV73Kd+nOcrP0jDst49Nk93Jli/MM8tIUvc1h7u57esRiR4qfqr4xmy5m7JCFwvo0N8+HhFhfXxIEvjBBY=
X-Received: by 2002:a9d:5e0f:: with SMTP id d15mr8631478oti.96.1574409886238; Fri, 22 Nov 2019 00:04:46 -0800 (PST)
MIME-Version: 1.0
References: <2EF412B8-AF8C-4642-9BE0-1B528B0C63D5@amazon.com> <288343F2-ACF0-43E0-8577-26AF45330E5C@forgerock.com> <CAD9ie-u_SM+1hRuBWR7zBGSi4Ex59Ht0SzoVTeFuWTRc3cFJXw@mail.gmail.com> <6DECA422-AACC-4DAA-8CD2-FF57CE02DE3E@mit.edu> <0235F8A2-83C4-4804-8805-F50305E263BB@lodderstedt.net>
In-Reply-To: <0235F8A2-83C4-4804-8805-F50305E263BB@lodderstedt.net>
From: Filip Skokan <panva.ip@gmail.com>
Date: Fri, 22 Nov 2019 09:04:34 +0100
Message-ID: <CALAqi_-pFN+WG9hMq4yx91+dyXGFBQVa3x=QkLFZzfn42OgyxQ@mail.gmail.com>
To: Torsten Lodderstedt <torsten=40lodderstedt.net@dmarc.ietf.org>
Cc: Justin Richer <jricher@mit.edu>, oauth <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000000b140597eade51"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Kb1YwFCKpYUW727lK0jakaoxrLI>
Subject: Re: [OAUTH-WG] New Version Notification for draft-fett-oauth-dpop-03.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Nov 2019 08:04:50 -0000

I agree with Torsten,

plus we're getting sender-constrained refresh tokens for said public
clients and SPAs so that the AS doesn't have to (according to the browser
based apps draft) rotate them, we all know the pain SPA developers have
with those.

S pozdravem,
*Filip Skokan*


On Fri, 22 Nov 2019 at 08:54, Torsten Lodderstedt <torsten=
40lodderstedt.net@dmarc.ietf.org> wrote:

>
>
> > On 22. Nov 2019, at 15:24, Justin Richer <jricher@mit.edu> wrote:
> >
> > I’m going to +1 Dick and Annabelle’s question about the scope here. That
> was the one major thing that struck me during the DPoP discussions in
> Singapore yesterday: we don’t seem to agree on what DPoP is for. Some
> (including the authors, it seems) see it as a quick point-solution to a
> specific use case. Others see it as a general PoP mechanism.
> >
> > If it’s the former, then it should be explicitly tied to one specific
> set of things. If it’s the latter, then it needs to be expanded.
>
> as a co-author of the DPoP draft I state again what I said yesterday: DPoP
> is a mechanism for sender-constraining access tokens sent from SPAs only.
> The threat to be prevented is token replay.
>
> The general mechanism for sender constrained access token should be
> TLS-based as recommended by the Security BCP (see
> https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13#section-3.2
> ).
>
> Why: that’s the easiest way from a client developer's perspective.
>
> Application level signatures, on the other hand, are inherently more
> fragile as illustrated by the OAuth 1 experience. They also require
> additional effort (and state) on the server side to implement replay
> detection.
>
> As kind of an entertaining read I added two posts/threads from 2010, when
> this WG discussed whether TLS/SSL should be the primary OAuth 2.0 security
> mechanism.
>
> https://mailarchive.ietf.org/arch/msg/oauth/crVvDNtbdN0E0ccmk5fLdNS66v0
>
> https://mailarchive.ietf.org/arch/browse/oauth/?gbt=1&index=xvlxuly1DjQiZgWZpHwgj7q2k0g
>
> The decision to go with TLS only was, in my opinion, one of the key
> success factors that made OAuth 2 so incredibly successful.
>
> To re-state: From my perspective, DPoP is intended to be used by SPA
> developers only for token replay detection (or better put to provide RSs
> with the pre-requisites to do so).
>
> Why? Because we unfortunately currently lack a TLS-based mechanism for
> sender-constraining.
>
> Building it on asymmetrical crypto only makes it easier to implement and
> to handle than methods based on shared secrets.
>
> I also think we must look for alternative methods to enable TLS-based
> methods in the browser.
>
>
> >
> > I’ll repeat what I said at the mic line: My take is that we should
> explicitly narrow down DPoP so that it does exactly one thing and solves
> one narrow use case. And for a general solution? Let’s move that discussion
> into the next major revision of the protocol where we’ll have a bit more
> running room to figure things out.
> >
> >  — Justin
> >
> >> On Nov 22, 2019, at 3:13 PM, Dick Hardt <dick.hardt@gmail.com> wrote:
> >>
> >>
> >>
> >> On Fri, Nov 22, 2019 at 3:08 PM Neil Madden <neil.madden@forgerock.com>
> wrote:
> >> On 22 Nov 2019, at 01:42, Richard Backman, Annabelle <
> richanna@amazon.com> wrote:
> >>> There are key distribution challenges with that if you are doing
> validation at the RS, but validation at the RS using either approach means
> you’ve lost protection against replay by the RS. This brings us back to a
> core question: what threats are in scope for DPoP, and in what contexts?
> >>
> >> Agreed, but validation at the RS is premature optimisation in many
> cases. And if you do need protection against that the client can even
> append a confirmation key as a caveat and retrospectively upgrade a bearer
> token to a pop token. They can even do transfer of ownership by creating
> copies of the original token bound to other certificates/public keys.
> >>
> >> While validation at the RS may be an optimization in many cases, it is
> still a requirement for deployments.
> >>
> >> I echo Annabelle's last question: what threats are in scope (and out of
> scope) for DPoP?
> >>
> >>
> >> _______________________________________________
> >> OAuth mailing list
> >> OAuth@ietf.org
> >> https://www.ietf.org/mailman/listinfo/oauth
> >
> > _______________________________________________
> > OAuth mailing list
> > OAuth@ietf.org
> > https://www.ietf.org/mailman/listinfo/oauth
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

v2.23.0 | Report a Bug | By Email