Re: [GNAP] Summarizing status from SECDIR IETF LC review of draft-ietf-gnap-core-protocol-16

Justin Richer <jricher@mit.edu> Fri, 09 February 2024 19:19 UTC

To: Russ Housley <housley@vigilsec.com>
CC: "rdd@cert.org" <rdd@cert.org>, "txauth@ietf.org" <txauth@ietf.org>
In-Reply-To: <264AA826-1353-4F10-947A-4740DBD18D9E@vigilsec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/52_cXJTfGnCrHZjWiYnHnXGXzDM>

That’s fair, I can back that out. I knew that it dealt with both digital signatures and MACs, but I agree that it presents a much different environment so the discussion isn’t the same.

Thanks.

— Justin

On Feb 9, 2024, at 1:58 PM, Russ Housley <housley@vigilsec.com> wrote:

Justin:


** (Russ on -16) Section 7: Please consider a reference to RFC 4107.  I'm not sure where
in this section is the best place to add a cite.

[Roman] -16 already contained a reference to RFC4107 in Section 13.7.  The discussion thread seems to indicate that additional pointers would be added in a version after -16.  I don't see it.

It seemed to make more sense to keep the reference in the security considerations section as opposed to making a reference to it (normative or otherwise) in the client-signing section (7). Yes, clients and AS’s need to manage and store their keys well. But the thrust of section 7 is how those are presented on the wire and used to bind request messages to keys, not how the keys themselves are managed. There’s already a forward reference to the security section that mentions RFC4107 in section 7, so we felt that was sufficient.

I really dislike the notion of a symmetric key being used for "signing".  In my view, digital signatures require asymmetric cryptography.  Is there a way to avoid this in the first paragraph of Section 13.7.

I think we can add the same definitions paragraph that’s in the HTTP Message Signatures spec introduction, which I’ve added in this PR:

https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/528

Thanks.  I'd like to see a sentence or two about the difference in the security service offered by a MAC.  RFC 5652 has these words that capture my point:

   When more than two parties share the same message-authentication key,
   data origin authentication is not provided.  Any party that knows the
   message-authentication key can compute a valid MAC; therefore, the
   contents could originate from any one of the parties.

You might also want to say that MAC computation is often much more efficient than an asymmetric digital signature.

With these two points, an implementer gets the information to decide which type of algorithm to use.


I’ve adapted the text and reference into the security consideration on symmetric cryptography, in the above PR. Thank you for the reference!

The section already had a note about performance, so I think this is the only addition we needed.

One nit:  I do not think you want to reference CMS [RFC5652] here.  The overall protocol environment is quite different.

Russ
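The distinction Russ draws above (a MAC proves possession of a shared key, not which key holder sent the message, whereas a digital signature is attributable to the one private-key holder) can be shown concretely. The following is an added example written for this summary; it is not code from the GNAP draft, the HTTP Message Signatures spec, or any GNAP implementation. It uses only Go's standard library, and the signature base, key bytes and party names are constructed for illustration (the base is a stand-in, not the real HTTP Message Signatures derivation). The efficiency point is not measured here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// signatureBase is a constructed stand-in for the covered components of a
// GNAP request that a client binds to its key. It is illustrative only and
// is not the real HTTP Message Signatures signature-base derivation.
var signatureBase = []byte(
	"\"@method\": POST\n" +
		"\"@target-uri\": https://as.example/tx\n" +
		"\"content-digest\": sha-256=:X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=:\n")

// macTag computes HMAC-SHA256 over the base; any holder of key can do this.
func macTag(key, base []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(base)
	return m.Sum(nil)
}

// macVerify recomputes the tag; hmac.Equal is a constant-time compare.
func macVerify(key, base, tag []byte) bool {
	return hmac.Equal(macTag(key, base), tag)
}

// MACOriginAmbiguous models the RFC 5652 point quoted in the thread: with one
// key shared by client A, client B and the AS, the two clients produce
// byte-identical tags, and the AS (the verifier) could have produced the same
// tag itself. A valid tag proves key possession, not which party sent it.
func MACOriginAmbiguous(sharedKey []byte) bool {
	fromClientA := macTag(sharedKey, signatureBase)
	fromClientB := macTag(sharedKey, signatureBase)
	mintedByAS := macTag(sharedKey, signatureBase)
	return hmac.Equal(fromClientA, fromClientB) &&
		macVerify(sharedKey, signatureBase, mintedByAS)
}

// SigResult records what an AS holding only client A's public key accepts.
type SigResult struct {
	GenuineAccepted         bool // client A's own signature
	OtherClientAccepted     bool // client B signing with its own key
	VerifierForgeryAccepted bool // the AS trying to fabricate a signature
}

// SignatureOriginBound shows the asymmetric case: only the holder of privA can
// produce a signature that verifies under pubA, so an accepted signature is
// attributable to client A and to nobody else, the AS included.
func SignatureOriginBound() (SigResult, error) {
	var r SigResult
	pubA, privA, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return r, err
	}
	_, privB, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return r, err
	}
	r.GenuineAccepted = ed25519.Verify(pubA, signatureBase, ed25519.Sign(privA, signatureBase))
	r.OtherClientAccepted = ed25519.Verify(pubA, signatureBase, ed25519.Sign(privB, signatureBase))
	// Without privA the AS's best attempt is a guess; a random 64-byte string
	// is rejected with overwhelming probability.
	forged := make([]byte, ed25519.SignatureSize)
	if _, err := rand.Read(forged); err != nil {
		return r, err
	}
	r.VerifierForgeryAccepted = ed25519.Verify(pubA, signatureBase, forged)
	return r, nil
}

func main() {
	// Constructed 32-byte shared key; a real deployment would derive and
	// manage it following the practices RFC 4107 describes.
	sharedKey := []byte("constructed-shared-key-32-bytes!")
	fmt.Println("MAC: origin ambiguous among key holders:", MACOriginAmbiguous(sharedKey))
	r, err := SignatureOriginBound()
	if err != nil {
		panic(err)
	}
	fmt.Printf("Ed25519: genuine=%v otherClient=%v verifierForgery=%v\n",
		r.GenuineAccepted, r.OtherClientAccepted, r.VerifierForgeryAccepted)
}
```

Run it with `go run .`; the MAC case reports `true` (the AS and both clients are indistinguishable as the source), while the Ed25519 case reports `genuine=true otherClient=false verifierForgery=false`. This is the practical reading of "data origin authentication is not provided": an AS that verifies a symmetric tag cannot later demonstrate to anyone, including itself, that a particular client rather than another key holder (or the AS) produced the request.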