Re: [OAUTH-WG] draft-campbell-oauth-tls-client-auth-00 feedback
Sean Leonard <dev+ietf@seantek.com> Thu, 17 November 2016 00:51 UTC
Return-Path: <dev+ietf@seantek.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 586E9129606 for <oauth@ietfa.amsl.com>; Wed, 16 Nov 2016 16:51:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VCi6YYrtVbsF for <oauth@ietfa.amsl.com>; Wed, 16 Nov 2016 16:51:23 -0800 (PST)
Received: from mxout-07.mxes.net (mxout-07.mxes.net [216.86.168.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 222471295D6 for <oauth@ietf.org>; Wed, 16 Nov 2016 16:51:22 -0800 (PST)
Received: from dhcp-898b.meeting.ietf.org (unknown [31.133.137.139]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id D29A022E253; Wed, 16 Nov 2016 19:51:15 -0500 (EST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_20357369-F08F-4AC3-860A-94D1A49D119F"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Sean Leonard <dev+ietf@seantek.com>
In-Reply-To: <CA+k3eCS6H1OL2B+gRbAhHNwk5f+QQk5R2my49mpTVJZ+9BSMUQ@mail.gmail.com>
Date: Thu, 17 Nov 2016 09:51:20 +0900
Message-Id: <97B6E31A-4B35-4CC4-B409-66C64A11A07D@seantek.com>
References: <6021A3BB-356B-4A02-AF0A-C6E8A0166609@seantek.com> <CA+k3eCS6H1OL2B+gRbAhHNwk5f+QQk5R2my49mpTVJZ+9BSMUQ@mail.gmail.com>
To: Brian Campbell <bcampbell@pingidentity.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/ovgMw-Wepp32Xh29xeyXiYV23i0>
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] draft-campbell-oauth-tls-client-auth-00 feedback
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Nov 2016 00:51:31 -0000
> On Nov 17, 2016, at 8:17 AM, Brian Campbell <bcampbell@pingidentity.com> wrote: > > inline... > > On Wed, Nov 16, 2016 at 1:47 AM, Sean Leonard <dev+ietf@seantek.com <mailto:dev+ietf@seantek.com>> wrote: > Hello OAuth folks: > > I have some feedback about draft-campbell-oauth-tls-client-auth-00. Overall I think it is a good, concise effort, and should be adopted as a WG item. Sorry that it didn’t get addressed in the WG meeting. > > Thanks Sean. Some things at the WG meeting ran long and it fell off the back of the list. The slides that would have been presented are in the meeting materials https://www.ietf.org/proceedings/97/slides/slides-97-oauth-sessb-tls-client-auth-00.pdf <https://www.ietf.org/proceedings/97/slides/slides-97-oauth-sessb-tls-client-auth-00.pdf> if anyone wants to take a look (there's not a whole lot to them though). > > > Section 1 mentions “shared secret” as the default in OAuth 2.0, but this draft provides an alternative that (implicitly) does not require a shared secret between the client and server components. However, this draft does not elaborate on the advantages of avoiding shared secrets: the advantages should be addressed in Section 1 or in the Security Considerations. In particular, a lot of enterprise scenarios seem to do intentional man-in-the-middle attacks (aka endpoint termination) for “logging” and “auditing” purposes: see the IETF 97 TLS WG meeting materials <slides-97-tls-tls-visibility-inside-the-data-center>. These same enterprise use cases are significant motivators for eliminating shared secrets on the wire. > > I agree that Section 1 could say more about the motivation/advantages over the shared client secret. I'll look to expand on that in future revisions. Specific proposed text is always welcome too. > > Section 5.2 discusses some ideas about associating/binding a certificate to a client identifier (client_id). I understand that in many use cases, the certificate and public key will be long-lived and issued by an authority prior to the client’s contact with the AS; in a minority of use cases (such as IoT devices), the AS will also issue certificates to clients. > > The best and most flexible way to do this is to define an attribute, let’s say “oauthClientID”, of type VisibleString, which can be multi-valued. By defining it as an attribute, it can be put in at least four useful protocol slots: > 1. Subject Directory Attributes (RFC 5280 Section 4.2.1.8): this is where metadata about the subject goes that is not part of the distinguished name. > 2. Subject attributes: this is when you want the client_id to be bound more authoritatively to the certificate, i.e., the utility and lifetime of the certificate == the lifetime of the client/AS association. > 3. LDAP attributes: this is where metadata about the subject is associated together with the certificate, but not part of the certificate (which is usually in the userCertificate attribute for the LDAP entry). > 4. “other places” where metadata gets associated with certificates, such as crypto tokens and databases (LDAP, of course, is just a type of database). > > By making the attribute multi-valued, one can associate multiple client_ids with one certificate, which means that the same certificate/keypair can be used with multiple services. > > Creating a new attribute is strongly preferable to reusing a field such as “commonName”, since commonName is overused and can lead to conflicts (compare with SSL’s legacy use of commonName). subjectAltName is also not preferable because the client_id itself is not really a globally unique name; it’s closer to a serial number or random (but not secret) string. To make it globally unique it needs to be combined with an identifier for the AS, and that makes such a structure more complicated. Furthermore, subjectAltName is specific to being inside a certificate; it does not have semantics outside of a certificate, whereas a generic directory attribute has equal semantics inside and outside of certificates. > > I believe that the specifics of if and how a client id is represented in a certificate is well beyond the scope of this document. But maybe some considerations or guidance about using an attribute would be appropriate in describing one possible way to do the binding between client and certificate, if you wanted to propose some specific text. Sure, I can propose some specific text along those lines. I will try to supply something over the next few weeks. Best regards, Sean > > > Editorial: there is a typo: Section 5.2: “specifc” should be “specific”. > > Will fix. Thanks. > > > > Regards, > > Sean > _______________________________________________ > OAuth mailing list > OAuth@ietf.org <mailto:OAuth@ietf.org> > https://www.ietf.org/mailman/listinfo/oauth <https://www.ietf.org/mailman/listinfo/oauth> >
- [OAUTH-WG] draft-campbell-oauth-tls-client-auth-0… Sean Leonard
- Re: [OAUTH-WG] draft-campbell-oauth-tls-client-au… Brian Campbell
- Re: [OAUTH-WG] draft-campbell-oauth-tls-client-au… Sean Leonard