Re: [OAUTH-WG] [oauth] Re: Consideration about oauth_verifier
Ethan Jewett <esjewett@gmail.com> Fri, 25 September 2009 18:14 UTC
Return-Path: <esjewett@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5D55D3A6A7E for <oauth@core3.amsl.com>; Fri, 25 Sep 2009 11:14:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.299
X-Spam-Level:
X-Spam-Status: No, score=-2.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_23=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kJ+PT95y1PLT for <oauth@core3.amsl.com>; Fri, 25 Sep 2009 11:14:45 -0700 (PDT)
Received: from mail-vw0-f196.google.com (mail-vw0-f196.google.com [209.85.212.196]) by core3.amsl.com (Postfix) with ESMTP id 474863A6A7A for <oauth@ietf.org>; Fri, 25 Sep 2009 11:14:45 -0700 (PDT)
Received: by vws34 with SMTP id 34so2004303vws.32 for <oauth@ietf.org>; Fri, 25 Sep 2009 11:15:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=BR8syKDcSvvREycYjnnkVWG3MexhskH3r02EqG8IEtA=; b=ZYau/0I2Ls6TGz2Fu7gx28gIfMuvpW3WPQBor2oeZ7xFZqy2FlZ45f5fbsKyAy56DU 3SyexJNZkq3lAs44a/B+WRrQIGYZREPNELcXP36P0Eg1gXhfaGvkN0oUNWVYBI1a2gKz XcrB2jERamwf66sYtDJXRkYfe6jaSDPVm6OZU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=d4OA+UQaFwixzLTp1WVNseasSvAy9cSE3LGjSdWHJRY4Z/6GteDcmqV/lSyJTbkbzD 4oRcxYxk/VB8BEB7m6NF2SAPTsuBzkqpwwAjBVIF+EpGYxIQNtnif0f+pyCzpi/hHbod cJZL6/nk/6eQdpjK6sh5qEFjJFaVrHVsrFBOI=
MIME-Version: 1.0
Received: by 10.220.78.205 with SMTP id m13mr795754vck.61.1253902552742; Fri, 25 Sep 2009 11:15:52 -0700 (PDT)
In-Reply-To: <f98165700909251103k41f728d2y7fd3058c0dd828e2@mail.gmail.com>
References: <5ad3ea8b-1c05-471d-8c77-2d3404302623@l34g2000vba.googlegroups.com> <29fb00360909250848k722c308dv2ec1f76b5f1e104d@mail.gmail.com> <68f4a0e80909251039h1dd3f2e4ud33a27c3982cc371@mail.gmail.com> <f98165700909251103k41f728d2y7fd3058c0dd828e2@mail.gmail.com>
Date: Fri, 25 Sep 2009 13:15:52 -0500
Message-ID: <68f4a0e80909251115j556c73e0yd9166afe9ef50e4e@mail.gmail.com>
From: Ethan Jewett <esjewett@gmail.com>
To: oauth@googlegroups.com, oauth@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Subject: Re: [OAUTH-WG] [oauth] Re: Consideration about oauth_verifier
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Sep 2009 18:14:46 -0000
Hi Breno, True, and I'd forgotten about that nuance.So I suppose consumers/clients should no longer relying on cookies at their callback URLs, but actually requiring the user to log in again over a protected connection (outside of the OAuth flow). I'm starting to think that there might not be enough guidance on this topic in the actual spec as there are a lot of places that a client/consumer implementor can still go wrong and appear to be in compliance. I'm cc'ing the IETF list, as it seems that would be the forum to get further guidance into the spec. Ethan On Fri, Sep 25, 2009 at 1:03 PM, Breno <breno.demedeiros@gmail.com> wrote: > Hi Ethan, > > I agree with the assessment, i.e., that XSRF protections can in theory > prevent against interception attacks. In practice, however, a MitM attacker > would typically have access to cookies and so in practice would 'own' the > user's account at the consumer already. No matter how you look at it, a MitM > attacker is too powerful a scenario. > > On Fri, Sep 25, 2009 at 10:39 AM, Ethan Jewett <esjewett@gmail.com> wrote: >> >> Hi Breno and Simone, >> >> I disagree. I believe that in order to perform a MITM attack against >> properly implemented 1.0a, the MITM would need to intercept the >> response *and* be able to prove to the consumer that it is the user >> that originally requested access. In other words, it would have to >> already own the user account on the consumer, meaning that a MITM >> attack would not be necessary at all. >> >> By "properly implemented", I mean that the consumer application checks >> that the user who is redirected back to the consumer is the same user >> that initiated the authentication request, usually by requiring the >> user to be logged in at the callback URL. >> >> Looking back at the spec, this is probably not clear in the body of >> the spec, but is addressed in the security considerations section. For >> example: >> http://tools.ietf.org/html/draft-ietf-oauth-web-delegation-01#section-8.6 >> >> Ethan >> >> On Fri, Sep 25, 2009 at 10:48 AM, Breno de Medeiros <breno@google.com> >> wrote: >> > >> > Hi Simone, >> > >> > Yes, interception is possible. Note, however, that the URL to return >> > the user to is signed in the consumer's initial request, so it is not >> > possible to mis-direct the user. So to intercept the response the >> > attacker needs to perform a Man-in-the-Middle attack. Typical >> > protections against MitM can then be used (e.g., use SSL at the >> > provider and consumer endpoints). >> > >> > >> > >> > On Fri, Sep 25, 2009 at 7:46 AM, Simone <simonx287@hotmail.com> wrote: >> >> >> >> Hi. I would ask you a thing about the unguessable parameter >> >> oauth_verifier. >> >> In the attack at the core 1.0 specification the intruder not have to >> >> intercept anything but only constructs a link for the victim. >> >> In the new version of the protocol core 1.0A, when the service >> >> provider redirects the user to the consumer with the parameter >> >> oauth_verifier, if an intruder intercepts this message with the >> >> oauth_verifier, since the message is in clear, cannot the intruder use >> >> the oauth_verifier and come back him to the consumer for continue a >> >> previous session of the protocol, realizing an attack similar to the >> >> that found in the core 1.0 specification? Is there the assumption that >> >> the message in the redirection (from the user to the consumer) is not >> >> intercepted? >> >> Sure the attack is more difficult than the first one because now are >> >> need some interceptions, but is possible, or not? >> >> > >> >> >> > >> > >> > >> > -- >> > --Breno >> > >> > +1 (650) 214-1007 desk >> > +1 (408) 212-0135 (Grand Central) >> > MTV-41-3 : 383-A >> > PST (GMT-8) / PDT(GMT-7) >> > >> > > >> > >> >> > > > > -- > Breno de Medeiros > > > --~--~---------~--~----~------------~-------~--~----~ > You received this message because you are subscribed to the Google Groups > "OAuth" group. > To post to this group, send email to oauth@googlegroups.com > To unsubscribe from this group, send email to > oauth+unsubscribe@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/oauth?hl=en > -~----------~----~----~----~------~----~------~--~--- > >
- Re: [OAUTH-WG] [oauth] Re: Consideration about oa… Ethan Jewett