IETF Logo Mail Archive

[lamps] AD Review of draft-ietf-lamps-cert-binding-for-multi-auth-03

Roman Danyliw <rdd@cert.org> Mon, 26 February 2024 19:40 UTC

Return-Path: <rdd@cert.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FF07C180B40 for <spasm@ietfa.amsl.com>; Mon, 26 Feb 2024 11:40:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vRO_z3KTtetx for <spasm@ietfa.amsl.com>; Mon, 26 Feb 2024 11:40:24 -0800 (PST)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0088.outbound.protection.office365.us [23.103.209.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 691AAC180B4F for <spasm@ietf.org>; Mon, 26 Feb 2024 11:40:24 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=dLHoGOfnCCrCXvJuRl1VghFibXAHccjA/wuaVt4gIcoECHs+YaOJKCWeleoyirpN4KF7DVZVA2cmLPAF8kxHSE16C0RF5Z56T1RCXDYiuhkgcNdwS9Novatvtx+xzTlEfNctiYfwXMDX6slZblqVa0uJe2b5aNFJLU5JPLviel6YDIAdGpFGurPq4DGUWZGO5tnyKzvqwLrKFT8bFL57bb+ElyGYNo6nzTsejCC6IPvfu6W6LkNqQIDhi6pJpWmqwvNkieKBFb2X79o4/qdLV/U7h7nUIO+6l2r+fQXX+SIcn7TXgj8TJkfa2oojlMxPWNlHcuRpwn4XPh+rAAQfRA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=aJ4eDyYspsYmJaBzyejPqwfBEaRRlFTxIMsQTgSauQ0=; b=o19bRKofFq+V9Ta8RPyTih32zPIU9fwCIus0xxDVsjgjCukRSjGROSgN6YQxGf5sSIp341fdt2fULodreqCn5V/fD/uKiqjVhsxE+ycZ3G6PDQPcb5hYdRRFxqr2nEygiley+IvdPDvYSvHlznWRgkObzqXJhkpeE/GEmOvJbMaMJFo0SSZ9fW7ZJrRCTqqym4kZCNs92r7w7GEse+VZosBqLNpfZgtdjudr0yq7Rat8TYDDIkySEr3tBzEUrA5DDSSKz2zkMQInNjM3l0vYHSHQmJ7Jpb59PN0bLO9VBUUC/m5gMwjg2Tp8jO9bta8Xl2jn57DBiWZfjTVu2lRrkQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aJ4eDyYspsYmJaBzyejPqwfBEaRRlFTxIMsQTgSauQ0=; b=rFa6rPYulfz7cHEx/y9PXLOI6rmP5lfpo3IHDlPW/sPHTjItdvw+pjUz2dCW3aALJziduExG4v9873I/ZFrjxDVMnhtm6Cyr/PLfQroPT99vucK3D3LaTlSCnSfIahanPsVjbR7ivvR3m6cdcTVRf98L+9xWHyiXvIML/3eX8Qw=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1527.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:17d::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7270.47; Mon, 26 Feb 2024 19:40:22 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::acd1:6591:c445:e0b]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::acd1:6591:c445:e0b%5]) with mapi id 15.20.7270.047; Mon, 26 Feb 2024 19:40:22 +0000
From: Roman Danyliw <rdd@cert.org>
To: "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: AD Review of draft-ietf-lamps-cert-binding-for-multi-auth-03
Thread-Index: Adpo64T4ZeSBPlo3R6y/JipcEdyAkg==
Date: Mon, 26 Feb 2024 19:40:22 +0000
Message-ID: <BN2P110MB11075863B7E660525F49B4B0DC5AA@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN2P110MB1107:EE_|BN2P110MB1527:EE_
x-ms-office365-filtering-correlation-id: 1647a6bd-d1c4-4b6f-a849-08dc3702c5a3
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 4V3jmgkxIyWWrwF2xyEUtJ4kLaz10/2fLFdTLvSE8w+4EViw6OFrTp6yt13oRDU4agCktuiXWx58DU+Yr5HNieRf6UKomTwiULXGFJZ3zMtzG0+oqIOvsNZvrWPg+I+KpDzjxoug517VjFJzs9iSlfUo6ZCceC/TxK6n6A1ZXwnZpsgCD/ZFKlfeNpSMuerWsTBeyWRZSJc0zSTALjscjdlT1Hl3wRg+scgaPt911bDT/LPmiRMzOAfXiKTu0UME5mH5ZXuBloC0XXu8qwjOBsk7ZPQmmN7C4UXSq7evy7/1LsL/Y6RF9x+txlP971x0hCXWqsT2S38Ue1op0sfi60LaDDLhA5upbnmXQ5Gd6C145Od1+Nmsut9/TrCURKxRuBEBfh7p/22LslZCJPVuDapokI0dtXhpIDJN7GyyqXPr0ZltEmnyt2qTsKFywADeHZwmPeRQhULCnEni4BwaKKSV8S8OIP8wi9Y0RnDWfv0oQBqGRqUcGLab008DpBokHD1JDycmNEVLNLO5bsS34EpYwPpYLdNkSKp3ScOsEmcM3HbrWJCaqK9D69vwiLNT7qfRQv8KQNcUgOY0kpqognzSuRMK0lMIBGR+bwlHBtg4f/vrSVnIMqrBrTfGCKF0QbrJ0zPTvoaFNA7QwFykbUMbb3xuGm6fdXn0z1wx1WA41htEFO+l4ExncxtSbRa7NLbQTu70yMKW3DlTJ7fQOMJm6PJwI9TI5+itWEgBUOg=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(230473577357003)(38070700009); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: xoUAfc9smJSz3uRovPOoZJ2ujP9DnIZvMQQ7YAHFl/oIwBcCPEsB2S4W/MFC4u9vWztmbL9E7Hd5RYpuoLqWtmuiWWhh+1tyoIIGD25actbKLn76+qD6aTs8Q/fLnoDOVqXe7eyz8iEDQPCM0hsLs8fXrk9wyEiOm2ayWIub94GeNIRVWrH9LdFPi3lvblnSyqiIcvjzR7C8qkgfJitutoDMuaqelQUyACexWsirzy9LHsVdeZC4M5UWq2YoKRvm1fnTAmspBf8wN8mJl06co/ntdui8TeLONSUiy+oMZp5LqQS++fviq5UyXIqihPgwXfy7JppqvLjILE1AQT8vHQzw3xeZdznLL6F9KNH4d1mL1n5myuOTiGnvqbFctY9FeUbgbW6VPPtSbA39TtBRrjXB1zScUGd0gfwIxlz0ZAxo3XT659qtpZPnH3JKXpK6MvKsnz8dNoC71kgGtKPwmGdA6wyet17PD+TqLthNUGtaVAYsXvE3acU9fpGbLCNzB5v2o4Anqpe9sKkCfDU1lmoh2wMvdqSrySzqwjGlu8/mLr5ZpwQZ/Juon1BnGUg3UkzbaIbQMyDGsQyMKdd1Rto2Nl/uUQroSDQ3RSqIqb76b51V0fIG+VmJW6UcMy1jkqJcOhmtoF5hXb+iuVfLyYSZQLLm/fUaumNtTkMPmkmfZCn4Vnlz071KuqXPcoi/R3KsYDGotZ3fVBVrJBbremSr4rHVKP5lE2DwHyaFufNWnZhQZ+2HC/UMwPdDOfxIoVooFSbFPVe/CKNpHtbRywwqbqX0XlsZcz8WVuiCRyTt3VvhlTUATna4caNfoTDoDdxwjj+EzNiqBWCRoN602UxASQCX8FID6+e1FZnXBKBhvo1yMls4q42ZxMysBwjLsBjcX7JFMK8eJCenpY+szI+8S41HtCRIGjeZwbLx9ToI5UsBQx3/Iqun18GeA7ZJsOKC2DCWXPeZPepxLYer9NpT39+Lzaaxj8c3kr4OP22Wy/IEsdZBVcfF95IdMnxIJIKfbDrIqOKR5x/FY7F57ZneOIY222Qtimt16g9vZHjyV26BxCWi9KLFm/uUpAgg6H2XEuOM7BiR9vt0XB1nGb1JjUbcYwHC3ilm03bs/D43fi/IIIdwBTMY0JfWpabjAYk9I61HbwsyAwT8KoOkaT9kD558sn5K/NcYHZtjB4s1djocSTJqHuXZXy6Sl8lRD6rXA7gfE+mBLKZ/nCtNd7a8zG74RLeRxEznCXsEy4mDBkxj2NneW8rQ7otazj15DPxf6fQS25LCzYkIlReFu0rdQvQSQMaBxWxTHtLE8wn5Ply3qvN6cI500IyYV+DD0Jf/mVy+q+hl1i7sCf6PQuc5Oe+ooL7bUNNmNfSL9X0V5qPY9uWS7k3P+FiYl/7+NSgVpoIlG9tUG7eAcGq+WpNgS+S0stNcWBD1yV6groUfrQs/mKannbjLRP19YkcBTAdofLlHjuSvbBazHVbjRNlnRhgC114HKmh3eGjhP9k=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 1647a6bd-d1c4-4b6f-a849-08dc3702c5a3
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Feb 2024 19:40:22.4522 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1527
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/afewwZawBH0_g_46vWziVLZ_yfY>
Subject: [lamps] AD Review of draft-ietf-lamps-cert-binding-for-multi-auth-03
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Feb 2024 19:40:28 -0000

Hi!

I performed an AD review of draft-ietf-lamps-cert-binding-for-multi-auth-03.  Thanks for this document.  My feedback is as follows:

** Section 1.1.  Editorial.
        … perhaps as part of
   an organization’s update strategy.

Consider clarifying what “update strategy” means – what is this an update from and to?

** Section 3 and 4.  The snippets of ASN.1 definition include multiple “TBD” placeholders.  Replace these with either TBD1 or TBD2 as defined in the IANA considerations section.

** Section 3.1.  Editorial.  
    IssuerAndSerialNumber is repeated
      here for convenience:

   IssuerAndSerialNumber ::= SEQUENCE {
           issuer       Name,
           serialNumber CertificateSerialNumber }

   CertificateSerialNumber ::= INTEGER

In this repetition for convenience only CertificateSerialNumber is defined.  Why not Name?

** Section 3.1
   The UniformResourceIdentifier is a pointer to a location via HTTP/
   HTTPS, or a dataURI.  This field can contain one of two acceptable
   values:

   *  - If the request for (new) Cert B is to the same CA organization
      as issued (existing) Cert A, then the UniformResourceIdentifier
      value SHOULD be available
...
     - If the request for (new) Cert B is to a CA organization
      different to the CA organization that issued the certifacte
      (existing) Cert A referenced in the CSR, then the
      UniformResourceIdentifier value MAY be a dataURI

Based on how this normative language is written isn’t the end result that either a URL and dataURI can be used for both scenarios?  Saying HTTP/HTTPs is a SHOULD when employed for two certificates from the same CA seems to imply that this is the recommended practice.  Saying the dataURI MAY be used for different CAs is silent on the preferred mechanism.  Could this be language be more prescriptive?

** Section 3.1.  Typo. s/certifacte/certificate/

** Section 3.1.  
    ... then the
      UniformResourceIdentifier value MAY be a dataURI [RFC2397]
      containing inline degenerate PKCS#7 consisting of all the
      certificates and CRLs required to validate the traditional
      certificate.

What is a an “inline degenerate PKCS#7”?  Is there a reference for that?

** Section 3.2
   *  MUST retrieve and validate the certificate identified in the
      relatedCertRequest using the information provided in
      UniformResourceIdentifier.

What is the scope of that validation?  Is that covered by locally policy?  For example, how would an expired certificate be handled?

** Section 3.2
   *  MUST check that the BinaryTime indicated in the requestTime field
      is sufficiently fresh.

With “sufficiently fresh” be determined by local policy?  Are there any recommended values of freshness?  Please be clear on what’s in scope for this document to define.

** Section 4.2.
  If an endpoint has indicated that it is willing to do non-composite
   hybrid authentication and receives the appropriate authentication
   data, it SHOULD check end-entity certificates (Cert A and Cert B) for
   the RelatedCertificate extension. If present in one certificate, for
   example Cert B, it SHOULD:


What is the alternative to these procedures (i.e., if the SHOULD is not followed) Is this normative language needed?

** Section 5.
   and a
   signature field in which the requesting entity produces a digital
   signature over the certID and a nonce

For consistency, consider substituting nonce with timestamp as this is how it is framed in Section 3.1.

** Section 5. Typo. s/alos/also/

** Section 7.
   All hybrid implementations are vulnerable to a downgrade attack in
   which a malicious peer does not express support for PQ algorithms,
   resulting in an exchange that can only rely upon traditional
   algorithms for security.

Consider generalizing this text.  As I read it, hybrid defined in this document doesn’t preclude two traditional algorithms but the text here presupposes traditional+PQ.

** Section 7.
   Implementors should be aware of risks that arise from the retrieval
   of a related certificate via the UniformResourceIdentifier provided
   in the relatedCertRequest CSR attribute, if the URI points to
   malicious code.

Isn’t there also the privacy/confidentiality risk in an on-path attacker observing HTTP traffic between the RA and the resource serving UniformResourceIdentifier?  Maybe traffic analysis if HTTPS is used too?

** Section 8.  Please provide RFC Editor guidance to replace TBD1, TBD2 and TBD3 with the IANA assigned values in Section 3, Section 8 and Appendix A.

Thanks,
Roman

v2.23.0 | Report a Bug | By Email