Re: I-D Action:draft-ietf-sasl-channel-bindings-00.txt
Kurt Zeilenga <Kurt.Zeilenga@isode.com> Tue, 14 April 2009 20:55 UTC
Return-Path: <owner-ietf-sasl@mail.imc.org>
X-Original-To: ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com
Delivered-To: ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 388F73A659C for <ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com>; Tue, 14 Apr 2009 13:55:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.757
X-Spam-Level:
X-Spam-Status: No, score=-2.757 tagged_above=-999 required=5 tests=[AWL=-0.158, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VtAicy4k7t2i for <ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com>; Tue, 14 Apr 2009 13:55:26 -0700 (PDT)
Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id 21A553A6973 for <sasl-archive-Zoh8yoh9@ietf.org>; Tue, 14 Apr 2009 13:55:25 -0700 (PDT)
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n3EKr9GO055882 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 14 Apr 2009 13:53:09 -0700 (MST) (envelope-from owner-ietf-sasl@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n3EKr9W4055881; Tue, 14 Apr 2009 13:53:09 -0700 (MST) (envelope-from owner-ietf-sasl@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-sasl@mail.imc.org using -f
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n3EKqv90055864 for <ietf-sasl@imc.org>; Tue, 14 Apr 2009 13:53:08 -0700 (MST) (envelope-from Kurt.Zeilenga@isode.com)
Received: from [172.16.2.151] (shiny.isode.com [62.3.217.250]) by rufus.isode.com (submission channel) via TCP with ESMTPSA id <SeT3pwB=fhNw@rufus.isode.com>; Tue, 14 Apr 2009 21:52:55 +0100
Cc: Nicolas Williams <Nicolas.Williams@sun.com>, ietf-sasl@imc.org
Message-Id: <EBC09043-FEB6-430C-AB6C-A8D4604E7FE8@isode.com>
From: Kurt Zeilenga <Kurt.Zeilenga@isode.com>
To: Jeffrey Hutzelman <jhutz@cmu.edu>
In-Reply-To: <B4DFA14A33CD85356CCBFFA3@atlantis.pc.cs.cmu.edu>
Subject: Re: I-D Action:draft-ietf-sasl-channel-bindings-00.txt
Date: Tue, 14 Apr 2009 13:52:52 -0700
References: <20090409231501.75B6E3A6AEF@core3.amsl.com> <A7DE3439-7E79-4C1A-9EA1-68FE572E4E22@Isode.com> <20090413211924.GB1500@Sun.COM> <F7E5046B-54A0-4751-A4EA-3240EB5E63F3@isode.com> <20090413230720.GI1500@Sun.COM> <0A36FCDE-8A23-4544-AB61-DA139C5E738D@isode.com> <20090414030530.GO1500@Sun.COM> <DF1844C9-680A-4EC4-AC6A-D2BA5335E243@isode.com> <8D94304B5CEB38D7F22AB08D@atlantis.pc.cs.cmu.edu> <914DEC42-43A3-4AD5-B8F7-058A8D2D8898@isode.com> <20090414175446.GI1500@Sun.COM> <CEC5F0CA-D754-4080-B20E-5FF67C20F3AF@isode.com> <B4DFA14A33CD85356CCBFFA3@atlantis.pc.cs.cmu.edu>
X-Mailer: Apple Mail (2.930.3)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-sasl@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-ID: <ietf-sasl.imc.org>
List-Unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
On Apr 14, 2009, at 12:37 PM, Jeffrey Hutzelman wrote: > > --On Tuesday, April 14, 2009 12:06:38 PM -0700 Kurt Zeilenga <Kurt.Zeilenga@isode.com > > wrote: > >> >> RFC 4422 purposed avoided detailing APIs. > > We're talking about abstractions, not API's. I argue that the I-D does detail interfaces (beyond what RFC 4422 says). It specifically discusses what and when channel binding information and mechanism information is to be passed between components of an implementation. In order to use SASL [RFC4422] with channel binding the client and server applications MUST provide a channel binding type and channel binding data to the selected SASL mechanism before the first mechanism's authentication message is produced (client side) or consumed (server side). This is unnecessarily prescriptive. > > >> It merely says that generally >> possible to abstract interfaces between application protocols and a >> framework and between a framework and a mechanisms. It leaves the >> particulars of what boundaries to draw between components of an >> implementation to the implementation, as well as the particulars of >> what >> is passed over those boundaries, and when, etc. > > Not really. It _claims_ to do that, but then it goes on to describe > what is expected of protocols and mechanisms. It _does_ create an > abstraction; if it didn't, it would be useless. Yes, but it's descriptive in nature, not prescriptive. I find the language in the I-D far too prescriptive. > > > For example, we know that mechanisms produce tokens which the > protocol is expected to transport back and forth, but whose format > and semantics are known only to the mechanism. And, we know that > the client and server sides of a mechanism always take turns > producing tokens, so that the protocol can transport them via a > challenge/response or request/reply sort of exchange. > > We know that mechanisms result in either success or failure, but > that it is up to the protocol to decide how to convey this from > server to client. In the case of success, mechanisms also produce > an authenticated name, whose syntax and semantics are mechanism- > specific(*). > > We also know that protocols may provide an authorization name, whose > syntax and semantics are known only to the protocol, but which the > mechanism is responsible for transporting from client to server, > possibly (preferably?) in a secure manner. > > We know that mechanisms may provide a facility for encryption and/or > integrity protection of application data exchange after the > authentication process completes. We know that when such a layer is > in use, it works by the protocol passing definite-length chunks of > protocol data ("buffers") to the mechanism, which transforms them > into buffers of protected data in a mechanism format. The protocol > is then responsible for transporting the protected buffers and > handing them to the mechanism on the far end, which transforms them > back into plain protocol data. > > > All of this, and more, we know because RFC4422 specifies these > things about the interaction between protocols and mechanisms, > without regard to which protocol and which mechanism. That is an > abstract interface. "Interface" does not always mean "C function > call API". Of course. I've tried to avoid use of the term API. > What draft-ietf-sasl-channel-bindings does is extend the abstract > interface defined by RFC4422 to encompass handling of channel > bindings. I argue that 1) no change to RFC 4422 is required to "handle channel bindings" (the I-D implies changes are required) 2) while adding some recommendations and considerations might be appropriate at this time, I generally think it premature to mandate particulars of channel binding in the SASL specification. > It does so by saying that mechanisms may support channel binding and > protocols may provide CB data to the mechanism. The I-D and its proponents appear to be arguing that changes to RFC 4422 are required for SCRAM, YAP and other mechanisms to be successfully implemented and deployed, and uses this 'requirement' to justify nearly a dozen mandates. I argue that the premise that changes to RFC 4422 are required is incorrect. No change to RFC 4422 is required for such mechanisms to be successfully implemented and deployed. So before we argue about individual mandates, I'd like the premise of the I-D to be restated. > When the mechanism supports CB and the protocol client and server > both provide CB data, then authentication succeeds only when the CB > data provided on both ends matches. Like the other items listed > above, this behavior is and should be independent of which protocol > and which mechanism is used. I might agree to such so long as we don't mandate the CB data be RFC 5056 CB data. Now maybe I read too much in the draft, but given that my suggested SHOULD was not well received by Nico, I assume I read the I-D correctly. >> No, we've (basically) decided that use of channel binding in SCRAM >> and GS >> should be negotiable. We haven't made any decision that all futures >> that support channel bindings must do so in a manner which is >> negotiable. > > >>> That means we MUST specify what channel >>> binding means in the context of SASL. >> >> In the context of SCRAM certainly. In general, no. > > No, if we do it at all, we must do it at the SASL layer. Attempting > to do it only at the SCRAM layer violates the abstraction, by > requiring every protocol to have mechanism-specific knowledge. RFC 4422 doesn't hide particulars of mechanism implementations from particulars of framework implementations from particulars of application protocol mechanisms. The RFC 4422 abstraction only allows for protocols and mechanisms to be specified independently. New mechanisms have always tended to introduce new data requirements which impact interfaces between components of an implementation. Such an introduction does not break the SASL conceptional model, the impact is simply an artifact of the conceptional model. RFC 4422 says: It is possible to design and implement this framework in ways that do abstract away particulars of similar mechanisms. Such a framework implementation, as well as mechanisms implementations, could be designed not only to be shared by multiple implementations of a particular protocol but to be shared by implementations of multiple protocols. So, from an RFC 4422 perspective, the differences in channel bindings between say it is possible to abstract away particulars of SCRAM and YAP channel binding, but that some future mechanism may not fit into that abstract. > That would defeat the point of having SASL in the first place. I guess we disagree on the point of SASL is. > > > >>> Did you read the sub-thread we had where Jeff H. commented that the >>> logic for selecting a channel binding type to use needed to be not >>> mechanism-specific? >> >> Yes, and I agree it need not be mechanism specific. However, I >> disagree >> that it need be the same in all mechanisms. > > Then you missed my point. The point is _not_ that it does not need > to be mechanism-specific. The point is that it _does_ need to _not_ > be mechanism-specific. This is how we avoid writing a hundred new > RFC's whenever someone designs a new mechanism. It's also how sane > application protocol implementors avoid having to change their > implementations for every new mechanism. I argue it is premature to view our channel binding solution to be the end-all solution to channel binding. > If you want to implement every combination of protocol x mechanism > separately, feel free. But don't deny me the abstraction that > allows me to instead implement each protocol once and each mechanism > once, Oh please. Nothing I suggest hinders your ability to abstract away the particulars of mechanisms and protocols. Folks have been doing this for ages. > and further to let someone else do most of that work while I reap > the benefits simply by changing configuration. > > Abstraction is _important_. > Modularity is _important_. I assume some implementors will continue to let you do such that. Nothing in RFC 4422 ever said implementors of SASL were required to abstract away the particulars of mechanisms. They simply choose to do so (and for good reason). What RFC 4422 did was leave the particulars of such abstractions to implementors. Whether and how a particular implementor chooses to abstract away any particular mechanism difference has been, and should continue to be, an implementation choice. > These things provide scalability, and thus feasibility. > These things make the difference between analysis that is too > complicated to be possible, and analysis that is simple enough to do. > > Having channel bindings work the same way for every protocol and for > every mechanism allows me to analyze how each protocol handles > channel bindings and how each mechanism handles channel bindings, > instead of having to separately analyze each combination. This > significantly improves my job in promoting the security of my site > and of the Internet. > > >> The point here is that any interface between components of an >> implementation are implementation details, not protocol details. RFC >> 4422 specifies protocol, not implementation details. > > RFC 4422 specifies almost no protocol. > It specifies an abstraction. A very limited abstraction. > > >> Your I-D gets into details which RFC 4422 left to implementors. For >> instance, it mandates what and when and how channel binding data is >> passed between two components of implementation. > > No, it mandates what and when and how channel binding data is passed > between abstract components in a (implied) block diagram, which may > or may not bear any resemblance to an actual implementation. In the > same way that RFC4422 mandates what and when and how mechanism > tokens or security layer buffers are passed between the same > abstract components. I guess we'll just have to agree to disagree.
- I-D Action:draft-ietf-sasl-channel-bindings-00.txt Internet-Drafts
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Simon Josefsson
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Simon Josefsson
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Alexey Melnikov
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Simon Josefsson
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Jeffrey Hutzelman
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Jeffrey Hutzelman
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Jeffrey Hutzelman
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- -02 posted (Re: I-D Action:draft-ietf-sasl-channe… Nicolas Williams
- Re: -02 posted (Re: I-D Action:draft-ietf-sasl-ch… Simon Josefsson
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Jeffrey Hutzelman
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Alexey Melnikov
- Re: -02 posted (Re: I-D Action:draft-ietf-sasl-ch… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Jeffrey Hutzelman
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Kurt Zeilenga
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams
- Re: -02 posted (Re: I-D Action:draft-ietf-sasl-ch… Simon Josefsson
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Alexey Melnikov
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Simon Josefsson
- Re: I-D Action:draft-ietf-sasl-channel-bindings-0… Nicolas Williams