IETF Logo Mail Archive

Re: [secdir] Security review of draft-ietf-oauth-dyn-reg-management-12

Justin Richer <jricher@mit.edu> Mon, 06 April 2015 20:15 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 396B61A9115; Mon, 6 Apr 2015 13:15:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cNEgydxn4bIZ; Mon, 6 Apr 2015 13:14:56 -0700 (PDT)
Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) by ietfa.amsl.com (Postfix) with ESMTP id 651E41A90FD; Mon, 6 Apr 2015 13:14:56 -0700 (PDT)
X-AuditID: 12074422-f79cb6d000000d7b-ed-5522e93ee5c9
Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id B1.C9.03451.F39E2255; Mon, 6 Apr 2015 16:14:55 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id t36KEnRx004175; Mon, 6 Apr 2015 16:14:50 -0400
Received: from [10.66.204.91] ([64.236.138.4]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t36KEjju031733 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 6 Apr 2015 16:14:47 -0400
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
Content-Type: multipart/signed; boundary="Apple-Mail=_E2F58AE3-467B-4CCB-8878-325A032BF063"; protocol="application/pgp-signature"; micalg="pgp-sha256"
X-Pgp-Agent: GPGMail 2.5b6
From: Justin Richer <jricher@mit.edu>
In-Reply-To: <CAHbuEH6TvLSauW9WvZxtE6+w6iJeNFgYWN07MBHPJBQA0JCKGQ@mail.gmail.com>
Date: Mon, 06 Apr 2015 13:14:45 -0700
Message-Id: <A3C6E3E8-59B8-4E41-84D5-F4631A4869EC@mit.edu>
References: <CABrd9STmvLWy_Bz7e+pN_0vANxajtD+fMzVM+trwn6+k50Mifw@mail.gmail.com> <118C77E9-FAD2-48C1-A6E1-4D20D219449F@mit.edu> <CABrd9SRVeW5ieSyZSZ3ykT2taZAfKnC7nhnRAf=+BSUKnT-L5A@mail.gmail.com> <951E5D91-BC5D-48CC-8B9C-D88804FB5B87@mit.edu> <CABrd9SSp3eqH1KB-rHCVtiQ8_m4O_pF4GAB7Pagv24uMPxW=0A@mail.gmail.com> <4DE7AD5F-A14A-4255-A78C-0F6DCBECE735@mit.edu> <CAHbuEH6TvLSauW9WvZxtE6+w6iJeNFgYWN07MBHPJBQA0JCKGQ@mail.gmail.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
X-Mailer: Apple Mail (2.2070.6)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrDKsWRmVeSWpSXmKPExsUixG6nomv/UinU4P17Q4sNn6+xWZzr62K2 mPFnIrNFw858iw8LH7I4sHrsnHWX3WPBplKPJUt+Mnl8ufyZLYAlissmJTUnsyy1SN8ugStj +fUjTAVHgip+n3vM0sB4zq2LkZNDQsBEYs2RvUwQtpjEhXvr2UBsIYHFTBIT22y6GLmA7A2M Eh8mPGeEcFYxSSzcM4kFpEpYwE1iY8sydhCbV8BAYu6pL2CTmAWmMErcmxMMMVVKoun1MUYQ m01AVWL6mhawGk6BQIlbx76BzWERUJHYc/AL2AJmgZWMEu9fdrJCDLWSeLCrBWrzGmaJc3ev gk0SEbCQWNP8DehWDqAN8hI9m9InMArOQnLHLCR3QNhJEn/e9EDFtSWWLXzNDGFrSuzvXs6C Ka4h0fltIiuELS+x/e0cqLilxOKZN6DqbSVu9S2Ammkn8WjaItYFjNyrGGVTcqt0cxMzc4pT k3WLkxPz8lKLdE31cjNL9FJTSjcxgiPWRWkH48+DSocYBTgYlXh4X9xRDBViTSwrrsw9xCjJ waQkytv6TClUiC8pP6UyI7E4I76oNCe1+BCjCtCuRxtWX2CUYsnLz0tVEuHNuwNUx5uSWFmV WpQPUybNwaIkzrvpB1+IkEB6YklqdmpqQWoRTFaGg0NJgnfec6BGwaLU9NSKtMycEoQ0Ewfn IUYJDh6g4YwvQIYXFyTmFmemQ+RPMSpKifOeAGkWAElklObB9cIS7StGcaC3hHlVQdp5gEka rvsV0GAmoMH8z8AGlyQipKQaGBc/3TH/IceDh19aRZoKt6zYcfGa/JMy4yM89efuKbife+nw 8251zsVfMvLrWuK2uYp2rPTsFbkeuTloZcqitTayScqKm8QXdT0QMXizNlY/oMaIScPdT+5b sbKQzpkehQaxV1GKp9wzJvUGritcYxCVb3r12Bpef56y9auO7vj2S6czSSDyihJLcUaioRZz UXEiAPimj2iPAwAA
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/bXecERJfv01yOySOXZ6plkHh9gk>
Cc: draft-ietf-oauth-dyn-reg-management.all@tools.ietf.org, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Security review of draft-ietf-oauth-dyn-reg-management-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Apr 2015 20:15:04 -0000

Ben et. al.,

I took the proposal to the WG and have changed the draft text based on their feedback. The results are published here:

  http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-management-13

 — Justin

> On Apr 3, 2015, at 12:14 PM, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote:
> 
> 
> 
> On Fri, Apr 3, 2015 at 3:02 PM, Justin Richer <jricher@mit.edu <mailto:jricher@mit.edu>> wrote:
> On Apr 3, 2015, at 1:26 PM, Ben Laurie <benl@google.com <mailto:benl@google.com>> wrote:
> >
> > On 3 April 2015 at 18:22, Justin Richer <jricher@mit.edu <mailto:jricher@mit.edu>> wrote:
> >>>
> >>>>> Issue: " Since the client configuration endpoint is an OAuth 2.0 protected
> >>>>> resource, it SHOULD have some rate limiting on failures to prevent
> >>>>> the registration access token from being disclosed though repeated
> >>>>> access attempts."
> >>>>>
> >>>>> I am not sure what this is getting at. Limits on key re-use? Some kind
> >>>>> of BEAST defence? Something else?
> >>>>>
> >>>>> Without some quantification of the threat, it seems hard to act on
> >>>>> this requirement.
> >>>>
> >>>> The rate limiting is going to take a number of different forms depending on the platform and deployment characteristics of the authorization server, so we don’t recommend any particular approach. This is also something that’s going to be changing quickly over the years, and instead of prescribing a specific solution we thought it better to describe the problem here and say that it must be mitigated.
> >>>
> >>> Solution to what? This is precisely my issue - you haven't described
> >>> the problem, you've described a solution to some problem I'm finding
> >>> hard to guess.
> >>>
> >>> In other words: how could the registration access token be disclosed
> >>> through repeated access attempts?
> >>
> >> An attacker could keep poking at a client configuration endpoint with random self-generated tokens until it finds one that works. There’s no oracle attack or other portion that lets the attacker know they’re getting closer to a good token, just a basic repeated hammering of a protected resource This problem is mitigated by having a sufficiently random token (as recommended in RFC6750 and RFC6819) as well as rate-limiting the connections to the endpoint (also suggested by RFC6819). This is fairly common advice for any endpoint protected by a secret (in this case, an OAuth token). Is there a better way to state this so that it’s more clear to developers what they should look out for?
> >
> > How about making it a non-problem by requiring sufficiently strong
> > tokens that there is no possibility of brute force?
> >
> > Mildly astonished that this attack is even considered feasible.
> 
> I’m fine with that resolution, or with just deferring to the appropriate sections of 6750 and 6819 here, if the AD’s are amenable to that change.
> 
> If the WG is good with the change and there is no reason to make this a non-problem, that would be ideal.
> 
> Thanks,
> Kathleen
> 
>  — Justin
> 
> 
> 
> --
> 
> Best regards,
> Kathleen

v2.23.0 | Report a Bug | By Email