IETF Logo Mail Archive

Re: [secdir] Security review of draft-ietf-oauth-dyn-reg-management-12

Justin Richer <jricher@MIT.EDU> Fri, 03 April 2015 17:22 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56C741ACE05; Fri, 3 Apr 2015 10:22:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aXmik45isBbQ; Fri, 3 Apr 2015 10:22:26 -0700 (PDT)
Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72A1D1ACE07; Fri, 3 Apr 2015 10:22:26 -0700 (PDT)
X-AuditID: 1209190f-f79d16d000000d3d-1f-551ecc51e8db
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id EE.69.03389.15CCE155; Fri, 3 Apr 2015 13:22:25 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id t33HMOrE018906; Fri, 3 Apr 2015 13:22:24 -0400
Received: from artemisia.richer.local (static-96-237-195-53.bstnma.fios.verizon.net [96.237.195.53]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t33HMLIr016145 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 3 Apr 2015 13:22:22 -0400
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
Content-Type: multipart/signed; boundary="Apple-Mail=_8E97A495-BD92-430C-884D-37D134560AAE"; protocol="application/pgp-signature"; micalg="pgp-sha256"
X-Pgp-Agent: GPGMail 2.5b6
From: Justin Richer <jricher@MIT.EDU>
In-Reply-To: <CABrd9SRVeW5ieSyZSZ3ykT2taZAfKnC7nhnRAf=+BSUKnT-L5A@mail.gmail.com>
Date: Fri, 03 Apr 2015 13:22:20 -0400
Message-Id: <951E5D91-BC5D-48CC-8B9C-D88804FB5B87@mit.edu>
References: <CABrd9STmvLWy_Bz7e+pN_0vANxajtD+fMzVM+trwn6+k50Mifw@mail.gmail.com> <118C77E9-FAD2-48C1-A6E1-4D20D219449F@mit.edu> <CABrd9SRVeW5ieSyZSZ3ykT2taZAfKnC7nhnRAf=+BSUKnT-L5A@mail.gmail.com>
To: Ben Laurie <benl@google.com>
X-Mailer: Apple Mail (2.2070.6)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrIKsWRmVeSWpSXmKPExsUixG6nrht4Ri7UoPOzoMWGz9fYLM71dTFb zPgzkdniw8KHLA4sHgs2lXosWfKTyePL5c9sAcxRXDYpqTmZZalF+nYJXBkdb1ezFnwXq/i+ eT9LA+MW4S5GTg4JAROJv39XsUPYYhIX7q1n62Lk4hASWMwksXfeb1YIZwOjRPePw2wgVUIC D5gkvixNBbGFBdwkNrYsA+vmFTCQmHvqCxNIA7PAFEaJXxv2MUKMlZJoen0MzGYTUJWYv/IW E4jNKRAosWjeblYQm0VAReLg0252iOYmRonZi68wQky1kth7eT8jxBlHGCV+Xt/HApIQEVCQ uPqvB8jmANogL9GzKX0Co+AsJIfMQnYISIJZQFti2cLXzBC2psT+7uUsELa8xPa3c6DilhKL Z96AittK3OpbwARh20k8mraIdQEjxypG2ZTcKt3cxMyc4tRk3eLkxLy81CJdE73czBK91JTS TYyg2OKU5N/B+O2g0iFGAQ5GJR7eB4FyoUKsiWXFlbmHGCU5mJREeXVPAIX4kvJTKjMSizPi i0pzUosPMaoA7Xq0YfUFRimWvPy8VCURXubDQHW8KYmVValF+TBl0hwsSuK8m37whQgJpCeW pGanphakFsFkZTg4lCR4X50CahQsSk1PrUjLzClBSDNxcB5ilODgARrOdRpkeHFBYm5xZjpE /hSjopQ471SQZgGQREZpHlwvLCW+YhQHekuY9wtIFQ8wncJ1vwIazAQ02GGeNMjgkkSElFQD I7uVU0HHtXNXszZKbda+8eY930ublatmbbgnu3YTw8tAJ/OuC5s/R19b/urSorQov7Q7ZYLz Zi+3KehbuCHviJi9z5/FbKq3foYr1+nkhbzurkuxsk3htN5i9jPwlq+xa6Cy5ELrbsOWX693 HtD4oKlsEP9e+Y7j/S+2ak/tVnD6fztXGTfhlBJLcUaioRZzUXEiAEWYr4xkAwAA
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/1Q3tQomINyRLUQVY64gGZx-H8g8>
X-Mailman-Approved-At: Fri, 03 Apr 2015 11:10:13 -0700
Cc: draft-ietf-oauth-dyn-reg-management.all@tools.ietf.org, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Security review of draft-ietf-oauth-dyn-reg-management-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Apr 2015 17:22:28 -0000

> 
>>> Issue: " Since the client configuration endpoint is an OAuth 2.0 protected
>>>  resource, it SHOULD have some rate limiting on failures to prevent
>>>  the registration access token from being disclosed though repeated
>>>  access attempts."
>>> 
>>> I am not sure what this is getting at. Limits on key re-use? Some kind
>>> of BEAST defence? Something else?
>>> 
>>> Without some quantification of the threat, it seems hard to act on
>>> this requirement.
>> 
>> The rate limiting is going to take a number of different forms depending on the platform and deployment characteristics of the authorization server, so we don’t recommend any particular approach. This is also something that’s going to be changing quickly over the years, and instead of prescribing a specific solution we thought it better to describe the problem here and say that it must be mitigated.
> 
> Solution to what? This is precisely my issue - you haven't described
> the problem, you've described a solution to some problem I'm finding
> hard to guess.
> 
> In other words: how could the registration access token be disclosed
> through repeated access attempts?

An attacker could keep poking at a client configuration endpoint with random self-generated tokens until it finds one that works. There’s no oracle attack or other portion that lets the attacker know they’re getting closer to a good token, just a basic repeated hammering of a protected resource This problem is mitigated by having a sufficiently random token (as recommended in RFC6750 and RFC6819) as well as rate-limiting the connections to the endpoint (also suggested by RFC6819). This is fairly common advice for any endpoint protected by a secret (in this case, an OAuth token). Is there a better way to state this so that it’s more clear to developers what they should look out for?

Thanks,
 — Justin

v2.23.0 | Report a Bug | By Email