Re: [OAUTH-WG] New Version Notification for draft-fett-oauth-dpop-03.txt

Neil Madden <> Mon, 25 November 2019 11:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BC52F120916 for <>; Mon, 25 Nov 2019 03:38:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id CNfbDG54NRQq for <>; Mon, 25 Nov 2019 03:38:31 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4864:20::435]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9A9AC12090F for <>; Mon, 25 Nov 2019 03:38:31 -0800 (PST)
Received: by with SMTP id 4so14299854wro.7 for <>; Mon, 25 Nov 2019 03:38:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=/v0LaG61G/emenflRv6agSFi7zx4b4sboqf3fqcrxdI=; b=Baw46aZphZSbP9ShIuyl3ADxAb/j8P4Dv6AgYOI9UHUVPSO1Kh2n0fdhlTFkWpCa/k Ws+9zKRqMJFHx5o3pN1ogCYRgfNSR9z6a4IG+adCN4tDizv/0iW1M6fAVVYQhIN2mkJL +1UcESsSfuBSyCw8myHCUJiOJap3NuRaNt/xQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=/v0LaG61G/emenflRv6agSFi7zx4b4sboqf3fqcrxdI=; b=n7k284nhnD54prwuQO3MoeSfRz2Lwo01EEd4g1LA7i0GtNA80sOB+dM58UrH7TaW1x oVWtQSM9Ge+RYsOIHzr+cHbKDMaslGsIEAnSYvDg0MMe44+jSgUwwM1+kFTfXPM8WjN6 oc1H/Mk9UVYgub3FKq4eP43HIiVZ5VcXXYkZt1Fmkz59AW2wCZLd83+9FoB3Cu/L7sxF palgjVAa45XNCkxa2DfH77gLDXZ+UiixbULBedvWRz8fPJ7kc7OQRZXQIf/oBHm4qT8E CW/JQRgW00w10c+JMlVtjYWbvnarndXulDnFp1dcpJdguSDYY4QXGwT6w5vUXCLVJ+1L ru/A==
X-Gm-Message-State: APjAAAWTTzhpGVC5ouLtl+rYK8PxjeN3mgvPka7P0vGjMATbSlaB4JU5 l7qqwa4ctz+gpFe9ObLp63ST/jY+DkE=
X-Google-Smtp-Source: APXvYqxz14HdeFwldRBI1Gf6LSCgHirGU5jXI28nBq8xro4TEzygRTBycnW+GyVcbF0RcYe/MIGqkw==
X-Received: by 2002:adf:ce05:: with SMTP id p5mr31690456wrn.48.1574681909711; Mon, 25 Nov 2019 03:38:29 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id f67sm8504323wme.16.2019. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 25 Nov 2019 03:38:28 -0800 (PST)
From: Neil Madden <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_02E67FDA-3A98-49C5-ACBC-AB2191732265"
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3601.0.10\))
Date: Mon, 25 Nov 2019 11:38:27 +0000
In-Reply-To: <>
Cc: Torsten Lodderstedt <>, oauth <>
To: Dave Tonge <>
References: <> <> <>
X-Mailer: Apple Mail (2.3601.0.10)
Archived-At: <>
Subject: Re: [OAUTH-WG] New Version Notification for draft-fett-oauth-dpop-03.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 25 Nov 2019 11:38:35 -0000

Hi Dave,

> On 25 Nov 2019, at 08:28, Dave Tonge <> wrote:
> Hi Neil and Torsten
> I agree that the risk is about token theft / leakage. My understanding is that we should assume that at some point access tokens will be leaked, e.g.Facebook: <>
I think this example is interesting because DPoP (or mTLS) wouldn't have prevented it. The access tokens in this case were deliberately issued by Facebook to the wrong user to implement the "View As" feature, so PoP wouldn't prevent this as the tokens weren't stolen/leaked they were mis-issued and incorrectly scoped. (As I understand it the incorrect access token "had the permissions of the mobile app" - i.e. incorrect scope. It wasn't actually a token issued to the mobile app).

> If access tokens were cryptographically sender-constrained, then leaked/stolen access tokens would be useless.
> I take your point that some of the ways in which an access token would leak, would also leak the dPOP headers, this is why section 9.1 has the recommendations around `iat` and `jti`. While this doesn't eliminate the risk, it does reduce it.
> So my perspective is that dPOP allows sender-constrained access tokens in scenarios where mutual tls / token binding is not possible. This is a good protection against token leakage / theft.

My perspective is that it's the claims that are doing the heavy lifting here. The signature is, by definition, valid for all RSes. Given that the claims (restrictions really) are the important bit there are simpler ways to achieve this - macaroons being my preference.

Some broader points about the uses and costs of PoP tokens:

In a backend microservice architecture, service to service calls are often authorized by service account tokens. These tokens often have significantly higher privileges compared to normal users because the same token is used for every request. So PoP-binding these tokens makes a lot of sense because compromise of one of these tokens has a large blast radius. It's also much easier to achieve PoP-bound tokens in a closed ecosystem - e.g., just spin up a service mesh with automatic mTLS between all service instances and bind your access tokens to those certs.

For some deployment models like IoT that have much riskier threat profiles, it can also make sense to do PoP because tokens might pass through various protocol-translating proxies and over riskier communication channels. In this case you're probably willing to accept a bit of extra complexity because you accept that as part of the cost of operating securely in these environments. (Or you don't and your internet-enabled lightbulbs become a botnet). But you almost certainly have power and resource budgets that you need to keep within, so amortizing the cost of any public key crypto over many requests is crucial.

But for web-based SPAs and so on, I'm not sure the cost/benefit trade off is really that good. The biggest threat for tokens being stolen/misused is still XSS, and DPoP does nothing to protect against that. It also doesn't protect against many other ways that tokens leak in browsers - e.g. if a token leaks in your browser history then the threat is that the attacker is physically using your device, in which case they also have access to your DPoP keys. In the cases like the Facebook breach, where highly automated mass compromise was achieved, I think we're lacking evidence that PoP would help there either.

The single most important thing we can do to protect web-based apps is to encourage the principle of least privilege. Every access token should be as tightly constrained as possible - in scope, in audience, and in expiry time. Ideally at the point of being issued - which is why I think any next-gen OAuth must support issuing multiple fine-grained access tokens. Where tokens can't be constrained at the point of issue, then the client should be able to constrain them afterwards at the point of use. They could do this via DPoP, but for all the reasons I've mentioned before I think macaroons make more sense here.

For mobile apps however, where the situation is much better than for SPAs, DPoP may have real value. A mobile app can realistically generate keys within a secure enclave that requires local user authentication to access (enforced by the hardware), and there's typically no risk of XSS. Mobile phones are at risk of attacks by physically present attackers (e.g., being left unlocked while you go for a bathroom break), so DPoP could add real value here by making it much harder to use those apps without the user's consent - against even quite determined and sophisticated attackers.

If there is support in the WG to move the draft forward, then I'm happy that I've made the points I wanted to make. I would still like to see a much expanded rationale section with a precise description of the threats intended to be protected against and the limitations of the approach. I'd also like to see consideration for allowing reuse of a DPoP proof token for several requests, to amortize the cost. And I'd like to see the ability for DPoP tokens to be scope-constrained and expiry-constrained (i.e., timeout set by the client) as additional optional ways to lock it down.

-- Neil