Re: [pkix] Time in CMC requests
Anders Rundgren <anders.rundgren.net@gmail.com> Wed, 27 October 2021 01:34 UTC
Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 275213A1A7B for <pkix@ietfa.amsl.com>; Tue, 26 Oct 2021 18:34:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.429
X-Spam-Level:
X-Spam-Status: No, score=-5.429 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-3.33, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7Je0zcEbf_yX for <pkix@ietfa.amsl.com>; Tue, 26 Oct 2021 18:34:22 -0700 (PDT)
Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20B1A3A1A7A for <pkix@ietf.org>; Tue, 26 Oct 2021 18:34:22 -0700 (PDT)
Received: by mail-wm1-x329.google.com with SMTP id j205so1104328wmj.3 for <pkix@ietf.org>; Tue, 26 Oct 2021 18:34:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :references:from:in-reply-to:content-transfer-encoding; bh=7f9AQJ16l1Ce5k4HO1BfaYpaG0dtIl9VfZ9s6l1EGPg=; b=SLbtVbsN8sBtYs7OyJfaBiiw9UYVjD7bxThiYnjNP09Ve6ltu2MByibZfiYGpiTcJ7 mif+Q7RqzFGjcmx8F358xlKnHv2jLKtRSHJmYxu1l7VSNPZQ9F+IHx+yQ5wgW73jZFqR OWCeH5xmLIAHomvGbFSGnoDx+KOZ4IJT1KXB3vytSMzMP8aqh5a4d2CbAO/NZ3Ahdvjv F0y1Hyti3wnvXnz/O2gOFzRSSQkELhPiHPTou9Ly347PAguynTgPvFwaeDbcrNy0XyN2 5OO1Tshgw0f9k+2rxzdZKnQYmiWNp+8iTixqOt3a+ru2eZyiaaQxxMdLTPjpCcVIxoHo QJEw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:references:from:in-reply-to :content-transfer-encoding; bh=7f9AQJ16l1Ce5k4HO1BfaYpaG0dtIl9VfZ9s6l1EGPg=; b=CQbvJmIh9ou7M5cUWfdcUaG4OYiuPSEMha8O2Qj0ZTJPFvU09ZwxtJpjQAVWYNf0Kb ruBT2CI+M5G6SWKzteiSzSgRKGoxyqKaLDQb9hp1KmvD7dLaF1NImXdYqjMJ4y4BOmn5 NG9SQaAdpWTYvx4YRBw7iMu0k4Csqo6lIzonO1V5URSGhFI32/34hM6MFf63Jqq9fNu2 sZDvsbCfCgPJinYUiXf1+dHMQt3v3NJiqr6JrCJssxBUykdkcUSiLUJBUGbu0fZmHWUF a8o0uz+DH2na9vglwiAxeIgkQQyArHJbRJ9RoPp/k3pKu3A03w7BquxlqnI4khGWI+m0 40NQ==
X-Gm-Message-State: AOAM532tDEGhAgsvJRreF/d2OP1pSF03eagn61IJUI88zIbL4iPf4Y4V Zgfck+XpsKFZfyFC8jtcs0k=
X-Google-Smtp-Source: ABdhPJy1qan3LmztbUtNaS5zBS0an4BvdXXHyeFV1tcoH9KuLH/W83AcAGS3r4ScIkV0lLu5dSKGdQ==
X-Received: by 2002:a05:600c:19cd:: with SMTP id u13mr2429859wmq.148.1635298459119; Tue, 26 Oct 2021 18:34:19 -0700 (PDT)
Received: from [192.168.1.67] (25.131.146.77.rev.sfr.net. [77.146.131.25]) by smtp.googlemail.com with ESMTPSA id o23sm2272772wms.18.2021.10.26.18.34.18 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 26 Oct 2021 18:34:18 -0700 (PDT)
Message-ID: <5df66209-ccb2-fb41-8732-aafd17147e16@gmail.com>
Date: Wed, 27 Oct 2021 03:34:14 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.2.1
Content-Language: en-US
To: Stefan Santesson <stefan@aaa-sec.com>, IETF PKIX <pkix@ietf.org>
References: <401334e3-fbd1-497a-2313-0a39bd04f608@aaa-sec.com> <ef7c90b7-64d2-9cf7-7181-0491e555a56c@gmail.com> <94eef0bd-13af-1f35-ecaa-3becdffa79ad@aaa-sec.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
In-Reply-To: <94eef0bd-13af-1f35-ecaa-3becdffa79ad@aaa-sec.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/YWj_0DJIyczkul_gqAx6N1cMiJo>
Subject: Re: [pkix] Time in CMC requests
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Oct 2021 01:34:25 -0000
On 2021-10-26 21:36, Stefan Santesson wrote: > Thanks Anders, > > I think that max age (and max future) is redundant as it can simply be a > local policy for the CA who decides for itself how long it will store > nonces for old requests. hi Stefan, totally agree; this is exactly what the sample code does as well. Anders > > I would certainly not allow the requester to set this policy in the > request as they could suggest infinite time. > > I want to stay away from structure in data where none was intended as it > makes it hard to distinguish support or non support in a clean way. > > I'm leaning towards a custom control attribute for request time and an > open interface for replay protection that may use this information if > its available. > > /Stefan > > > On 2021-10-26 19:15, Anders Rundgren wrote: >> Hi Stefan, >> >> Yes, time-stamped nonces is the way to go. >> >> The only addition needed is a MAX_AGE (and MAX_FUTURE) check to keep >> the bag in shape. >> I recently did this for a similar use case: >> https://github.com/fido-web-pay/specification/blob/gh-pages/replay-cache-java.md >> >> >> Anders >> >> On 2021-10-26 18:29, Stefan Santesson wrote: >>> We have an implementation of CMC (RFC 5272) that I need to use, but I >>> got stuck on replay protection. >>> >>> CMC says that replay protection is handled by the use of nonce values. >>> >>> However, without any time information when the request was created, I >>> would have to validate against an infinitely large bag of previous >>> nonces. >>> >>> Was this an oversight in the design, or am I missing something? >>> >>> Is there any control message defined elsewhere that holds a time when >>> the CMC request was created? >>> >>> >>> My current options (as I need replay protection in this particular case) >>> is either to abuse the nonce data and use a byte encoded timestamp as >>> nonce, or to create a new control attribute with time information. >>> >>> Any suggestions? >>> >>> >>> >>
- [pkix] Time in CMC requests Stefan Santesson
- Re: [pkix] Time in CMC requests Anders Rundgren
- Re: [pkix] Time in CMC requests Stefan Santesson
- Re: [pkix] Time in CMC requests Anders Rundgren