Re: [SECMECH] Framework Bindings Vs. Mechanism Bridges

Nicolas Williams <Nicolas.Williams@sun.com> Fri, 19 August 2005 21:03 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E6E1C-0008Mc-Tl; Fri, 19 Aug 2005 17:03:14 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E6E1A-0008Lk-Tp for secmech@megatron.ietf.org; Fri, 19 Aug 2005 17:03:13 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA05074 for <secmech@ietf.org>; Fri, 19 Aug 2005 17:03:09 -0400 (EDT)
Received: from brmea-mail-3.sun.com ([192.18.98.34]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1E6EbA-0008Rd-Uz for secmech@ietf.org; Fri, 19 Aug 2005 17:40:26 -0400
Received: from centralmail2brm.Central.Sun.COM (centralmail2brm.central.sun.com [129.147.62.14]) by brmea-mail-3.sun.com (8.12.10/8.12.9) with ESMTP id j7JL39WR029564 for <secmech@ietf.org>; Fri, 19 Aug 2005 15:03:09 -0600 (MDT)
Received: from binky.Central.Sun.COM (binky.Central.Sun.COM [129.153.128.104]) by centralmail2brm.Central.Sun.COM (8.12.10+Sun/8.12.10/ENSMAIL, v2.2) with ESMTP id j7JL38LI011443 for <secmech@ietf.org>; Fri, 19 Aug 2005 15:03:09 -0600 (MDT)
Received: from binky.Central.Sun.COM (localhost [127.0.0.1]) by binky.Central.Sun.COM (8.13.3+Sun/8.13.3) with ESMTP id j7JL38Lh007379; Fri, 19 Aug 2005 16:03:08 -0500 (CDT)
Received: (from nw141292@localhost) by binky.Central.Sun.COM (8.13.3+Sun/8.13.3/Submit) id j7JL38RY007378; Fri, 19 Aug 2005 16:03:08 -0500 (CDT)
Date: Fri, 19 Aug 2005 16:03:08 -0500
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Charles Clancy <clancy@cs.umd.edu>
Subject: Re: [SECMECH] Framework Bindings Vs. Mechanism Bridges
Message-ID: <20050819210308.GI6659@binky.Central.Sun.COM>
References: <7210B31550AC934A8637D6619739CE6905C06510@e2k-sea-xch2.sea-alpha.cisco.com> <Pine.GSO.4.60.0508191330380.16954@ismene>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <Pine.GSO.4.60.0508191330380.16954@ismene>
User-Agent: Mutt/1.5.7i
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 3e15cc4fdc61d7bce84032741d11c8e5
Cc: secmech@ietf.org
X-BeenThere: secmech@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security mechanisms BOF <secmech.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/secmech>
List-Post: <mailto:secmech@lists.ietf.org>
List-Help: <mailto:secmech-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=subscribe>
Sender: secmech-bounces@lists.ietf.org
Errors-To: secmech-bounces@lists.ietf.org

On Fri, Aug 19, 2005 at 02:52:22PM -0400, Charles Clancy wrote:
> On Fri, 19 Aug 2005, Salowey, Joe wrote:
> 
> >>From: Nicolas Williams [mailto:Nicolas.Williams@sun.com]
> >>
> >>On Wed, Aug 17, 2005 at 06:14:07PM -0400, Charles Clancy wrote:
> >>>
> >>>IMHO, Framework Bindings sounds like the way to go.  It gives you more 
> >>>control over which mechanisms are used in which frameworks.  Each 
> >>>framework has a different threat model, and not all mechanisms from 
> >>>one framework may be good in another.  For example, using basic krb5 
> >>>in 802.11i-EAP is a bad idea because of dictionary attacks.
> >>
> >>Sure, but you could always do 
> >>krb5-over-TLS-with-cryptographic-bindings.
> >>
> >
> >[Joe] How would this be instantiated?  Currently EAP does not run over a 
> >specific security layer.  There are EAP mechanisms that provide a secure 
> >tunnel for running other mechanisms.  Would an EAP to GSS bridge have to 
> >be a tunneling method?
> 
> Whatever happened to EAP-GSS?

Dunno, but as I recall some of the KITTEN WG work is, in part, aimed at
making EAP-GSS possible, specifically the GSS_Pseudo_random() extension.

> http://www.drizzle.com/~aboba/IEEE/draft-aboba-pppext-eapgss-12.txt
> 
> "krb5->GSS-API->EAP-GSS->EAP-TTLS->EAP" would work.  Of course, the length 
> of that string should be a motivator for bindings over bridges.

Yes, but replace 'krb5' with 'IAKERB' or soemthing like it.

Using slightly different (clearer?) notation, w/o PKINIT we have these
options (and maybe more):

EAP{EAP-TLS{EAP-GSS{GSS-API{GSS-IAKERB}}}}

or

EAP{EAP-GSS{GSS-API{GSS-TUNNEL{GSS-TLS,GSS-IAKERB}}}}

Where "GSS-IAKERB" is a GSS-API mechanism that does Kerberos V KDC
exchange proxying as necessary in order to establish service tickets for
Kerberos AP exchanges.  And where GSS-API channel bindings are used in
both cases to bind the Kerberos V AP exchanges to the TLS (or whatever)
tunnel.

Of course, with PKINIT no tunnelling would be necessary:

EAP{EAP-GSS{GSS-API{GSS-IAKERB}}}

Nico
-- 

_______________________________________________
SECMECH mailing list
SECMECH@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/secmech