Re: [tram] Stephen Farrell's Discuss on draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)
Martin Thomson <martin.thomson@gmail.com> Mon, 13 April 2015 18:17 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F37C21B2A2F; Mon, 13 Apr 2015 11:17:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ltHWRvBacBdX; Mon, 13 Apr 2015 11:17:10 -0700 (PDT)
Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com [IPv6:2607:f8b0:4003:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6CAB1B2A32; Mon, 13 Apr 2015 11:17:09 -0700 (PDT)
Received: by oign205 with SMTP id n205so11166954oig.2; Mon, 13 Apr 2015 11:17:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=bHKqAXgbrdo/35d3H5HiEFQzyIQlHDoh/7yt2AVXZII=; b=U+HYxZ6Jytuhsf3D36LKM6je2k3hCJGhxclmAz+LW0hE7pQWlPEteaqudaE33+fpZS mNk2U1RVL0gJLBQr+DU0GTO26OeKieet6/iZicPfzcbnCJX0Fo+pk3Avgmhqi17IMIWi PGqVu/SVftn9nKj/VX7sKP2pLuhLalFXUh/lvo0cZNnQ02g37F4rIIoFsrPweJAc16Q9 F/Td/nkipVT2CWNsin3uXN4Ib/zWPr/a0bN4IvRssJrtN68PmgUPL0yRtpjelPZ0CD83 F31Or6PEKQLoFW66iDUQFpoBOiEs/Az6dn2nCtglqIVhNn5pbf1eMLSB1owMWu2CF1Sp zOZA==
MIME-Version: 1.0
X-Received: by 10.202.0.75 with SMTP id 72mr8421013oia.131.1428949029403; Mon, 13 Apr 2015 11:17:09 -0700 (PDT)
Received: by 10.202.212.212 with HTTP; Mon, 13 Apr 2015 11:17:09 -0700 (PDT)
In-Reply-To: <913383AAA69FF945B8F946018B75898A411FFC5F@xmb-rcd-x10.cisco.com>
References: <20150410193813.20376.40907.idtracker@ietfa.amsl.com> <55282B4E.4000409@akamai.com> <913383AAA69FF945B8F946018B75898A411FFC5F@xmb-rcd-x10.cisco.com>
Date: Mon, 13 Apr 2015 11:17:09 -0700
Message-ID: <CABkgnnUyHTd83LWM0Lp0xOJnVp3Gt6KvrbuGkraejP7kwEJf7w@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tram/s1QjPkgb3P1uGeGIoj8sQg1co_I>
Cc: "tram-chairs@ietf.org" <tram-chairs@ietf.org>, "tram@ietf.org" <tram@ietf.org>, Brandon Williams <brandon.williams@akamai.com>, "rlb@ipv.sx" <rlb@ipv.sx>, "Salz, Rich" <rsalz@akamai.com>, "Stephen Farrell (stephen.farrell@cs.tcd.ie)" <stephen.farrell@cs.tcd.ie>
Subject: Re: [tram] Stephen Farrell's Discuss on draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Apr 2015 18:17:12 -0000
On 10 April 2015 at 18:58, Tirumaleswar Reddy (tireddy) <tireddy@cisco.com> wrote: > Richard and we have already have discussed the comments further and resolved them, attached updated draft with diff. > Main changes > > [1] Removed DKSPP > [2] Removed non-AEAD algorithms; using AEAD modes AES-GCM and aead-aes-cbc > [3] Updated the token format I read this just now for the first time in a while. Either I'm a lot stupider this morning than I normally am, or this draft is very confused. There are some serious problems in here. If you intend to use RFC 5116, please clearly specify the inputs, as described in Section 2.1: https://tools.ietf.org/html/rfc5116#section-2.1 Currently, the draft uses N for the name of the server. That conflicts with the label that RFC 5116 uses for the nonce. Also, the draft is very vague about the construction of the nonce. The draft certainly doesn't need to refer to the CBC AEAD draft. It does need to deal with algorithm agility and it currently does not. I apologize for not reviewing this earlier. Here are more comments. Section 1 doesn't really explain what the draft provides. Section 3 claims to be an overview, but it doesn't actually describe what happens. It leaves the token acquisition part out of scope. That's fine, but it doesn't describe how the THIRD-PARTY-AUTHORIZATION attribute might be used, even in the broadest sense. It doesn't explain why it's a server name, or how that name relates to the domain name of the server (i.e., the one that might have been passed to a DNS resolver). Section 4 doesn't permit any additional information to be carried in the token. Therefore, the STUN/TURN server is unable to apply any additional policies that the authorization server might impose, such as limits on the length of the session, the number of ports allocated, or the bandwidth that is allocated. (Or whatever we might later conceive of.) It's not clear what Section 4.1.1 is for. If this is private communications, then it is far too specific. If this is intended to be normative, then it isn't sufficient. What is the base URI? What prevents a random internet denizen from acquiring this symmetric key? Why these two specific parameters? Why does the expiration information in the JWK replicate what HTTP provides? I'd be far happier with hand-waving than with this section in place. Section 5 fails to explicitly state whether the MAC key is used as input to short term or long term credentials. It needs to say short term, I think. Why does this document use 'kid' rather than USERNAME? Isn't the point to get a short term username+password pair from the authorization server? Section 7 seems to imply two layers of authentication: the AEAD and some HMAC. I can't work out what is being authenticated. I'm not sure that anyone else could either. The replay protection in Section 7 is not sufficient. If the intent is to prevent replay, then the server needs to maintain a globally-consistent register of the requests that it has seen so that it can correctly reject replays. However, I think that the intent is to permit replay, so perhaps it is the case that casting this as anti-replay is counter-intuitive. That said, I believe that this is a serious DoS vector and we should be recommending that servers at least account for what has been replayed and limit the number of times a particular token can be used. If the intent of the lifetime in the token is to prevent replay, then this is bad: o The lifetime provided by the TURN server in the Allocate and Refresh responses MUST be less than or equal to the lifetime of the token. Tying the two lifetimes together means that you need to have a long token lifetime in order to support long sessions. But long token lifetimes means long periods of exposure to replay and lots of maintained state. See earlier point about policies being carried in the token. Section 8 seems completely unnecessary. What resource is being conserved here? It's more work to maintain all this state and validate all those tokens than it is to respond in the affirmative to STUN request. (Also, why doesn't STUN usage get a fancy OAuth mapping table like Section 9? Is it somehow different?) In summary, I'm surprised that a document in this state was put before the IESG.
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Brandon Williams
- [tram] Stephen Farrell's Discuss on draft-ietf-tr… Stephen Farrell
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Oleg Moskalenko
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Oleg Moskalenko
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Salz, Rich
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Martin Thomson
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Oleg Moskalenko
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Oleg Moskalenko
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Brandon Williams
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Brandon Williams
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Martin Thomson
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Oleg Moskalenko
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Martin Thomson
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Oleg Moskalenko
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Martin Thomson
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Oleg Moskalenko
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Brandon Williams
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Brandon Williams
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Brandon Williams
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Salz, Rich
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Salz, Rich
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Salz, Rich
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Spencer Dawkins at IETF
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Spencer Dawkins at IETF
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Tirumaleswar Reddy (tireddy)
- Re: [tram] Stephen Farrell's Discuss on draft-iet… Salz, Rich