[secdir] Secdir last call review of draft-ietf-httpbis-bcp56bis-12

Joseph Salowey via Datatracker <noreply@ietf.org> Sun, 25 July 2021 17:30 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F4C23A32E9; Sun, 25 Jul 2021 10:30:26 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Joseph Salowey via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-httpbis-bcp56bis.all@ietf.org, ietf-http-wg@w3.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.35.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162723422613.4754.2816752947598222075@ietfa.amsl.com>
Reply-To: Joseph Salowey <joe@salowey.net>
Date: Sun, 25 Jul 2021 10:30:26 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/HbWgQY1V9rXXA0o9dcvSoutoIzw>
Subject: [secdir] Secdir last call review of draft-ietf-httpbis-bcp56bis-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Jul 2021 17:30:26 -0000

Reviewer: Joseph Salowey
Review result: Has Issues

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is has issues

The document is well written and very useful.  There are a few issues I think
need to be addressed.

Major Issues:

+ I had trouble with section 4.12 Client Authentication which states:

"Applications can use HTTP authentication Section 11 of
[I-D.ietf-httpbis-semantics] to identify clients. The Basic authentication
scheme [RFC7617] MUST NOT be used unless the underlying transport is
authenticated, integrity-protected and confidential (e.g., as provided the
"HTTPS" URI scheme, or another using TLS). The Digest scheme [RFC7616] MUST NOT
be used unless the underlying transport is similarly secure, or the chosen hash
algorithm is not "MD5"."

I'm not sure what the "or chosen hash algorithm is not "MD5" is meant to say. 
What I think the document should say is:

The Digest scheme [RFC7616] MUST NOT be used unless the underlying transport is
similarly secure. The "MD5" digest algorithm MUST NOT be used.

+ There is a security consideration that I think the document should cover. 
Many HTTP based protocols make heavy use of bearer tokens, such as session
cookies, for authentication and authorization purposes.  This means that an
attacker that can eavesdrop on HTTP communications can often escalate their
privilege to perform operations on resources.   I think you could add this to
the security considerations:

" Section 4.4.2 requires support for 'https' URLs, and discourages the use of
'http' URLs, to provide authentication, integrity and confidentiality, as well
as mitigate pervasive monitoring attacks.  Many HTTP based protocols make heavy
use of bearer tokens, such as session cookies, for authentication and
authorization purposes.  This means that an attacker that can eavesdrop on HTTP
communications can often escalate their privilege to perform operations on
resources. "

Minor Issues:

+ Section 4.5.1 - This could be a good place to mention RFC-8470 on TLS 1.3
early data which can also be a source of GET request replay