IETF Logo Mail Archive

Re: [GNAP] Support of FIDO

David Waite <david@alkaline-solutions.com> Wed, 19 August 2020 15:10 UTC

Return-Path: <david@alkaline-solutions.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52A883A0826 for <txauth@ietfa.amsl.com>; Wed, 19 Aug 2020 08:10:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alkaline-solutions.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mHojOMlnSD99 for <txauth@ietfa.amsl.com>; Wed, 19 Aug 2020 08:10:40 -0700 (PDT)
Received: from mail.alkaline-solutions.com (caesium6.alkaline.solutions [157.230.133.164]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DCF43A0821 for <txauth@ietf.org>; Wed, 19 Aug 2020 08:10:39 -0700 (PDT)
Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by mail.alkaline-solutions.com (Postfix) with ESMTPA id E607A385FBB; Wed, 19 Aug 2020 15:10:33 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alkaline-solutions.com; s=dkim; t=1597849835; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=eR4mtQIx8YV8mN4+FQlN8BAErOgE2qPsP3qHrW0/HhU=; b=DtwbuWy73wIKbu54Ew7UhTWu/Axm93F9kyP6KkNE9dmHoRaS6WUFn5PnoLbU7Ihe/2J+Am abo0N9nu+HkFbf7SmmyJuekjtsl807vOcX1v5XrXfBWANvL4uVQdvtZ39sRXGknkKOybxq jzRz6jn7cxnP9As35B/UeQkTqni6jI4=
From: David Waite <david@alkaline-solutions.com>
Message-Id: <0B840714-47B6-44B1-BF21-98D6C032F9DA@alkaline-solutions.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6F9A8470-422B-4FA1-8AB8-CC69BC2AD7B3"
Mime-Version: 1.0
Date: Wed, 19 Aug 2020 09:10:32 -0600
In-Reply-To: <9b1b3fa0-9b91-7bb0-2418-2c96518044a8@free.fr>
Cc: txauth@ietf.org, nadalin@prodigy.net
To: Denis <denis.ietf@free.fr>
References: <96aaaff7-5f11-4c7b-bc93-d4d355284018@free.fr> <0E8FCF98-F5E7-4C1D-8491-96CFEF7AA3C4@alkaline-solutions.com> <9b1b3fa0-9b91-7bb0-2418-2c96518044a8@free.fr>
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=alkaline-solutions.com; s=dkim; t=1597849836; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=eR4mtQIx8YV8mN4+FQlN8BAErOgE2qPsP3qHrW0/HhU=; b=YIz1p2Dpkgq9jKAuvltDLO7+2BRgQsyZkAwLuSgyvG72xe3vog7tFxYws+HyxafNjEgHs3 SAAeOU4dpox7Eql1Us1Allp8jJuhvkuRhzkN9+S4fRj72+z7w6HHnynbMavfYzIYiz1CMD C5S2QgOCzGX3cK2ft3LObgvQE8g+orw=
ARC-Seal: i=1; s=dkim; d=alkaline-solutions.com; t=1597849836; a=rsa-sha256; cv=none; b=MDsYU89r7nBRi4MN2sAE30A1yxiuWRYBk+xLZnzgs1Bg6yawwwgBPog4e9NvfKGGtb4xeN kMziHGVH9AH2pMoi4i3BsnydLJTtOKx9GVFHg+M8qDT5X+vPAWmcQvR8/ftDVMN6hx5MhX 8O0dv4ftygtoScYW2HfPjd8foqD0xjw=
ARC-Authentication-Results: i=1; mail.alkaline-solutions.com; auth=pass smtp.auth=david@alkaline-solutions.com smtp.mailfrom=david@alkaline-solutions.com
X-Spamd-Bar: +
Authentication-Results: mail.alkaline-solutions.com; auth=pass smtp.auth=david@alkaline-solutions.com smtp.mailfrom=david@alkaline-solutions.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/C-8C0M06hlzD8NI40lMk0ND62Qg>
Subject: Re: [GNAP] Support of FIDO
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Aug 2020 15:10:42 -0000


> On Aug 19, 2020, at 02:37, Denis <denis.ietf@free.fr> wrote:
>> U2F devices do not typically store private keys per site, but instead rely on a “credential handle” presented by the RP which contains an encrypted form of the key or keying material used to reserve the key. Some CTAP2 implementations do store private keys even in U2F compatibility mode, but these still require presentation of a credential handle. 
>> 
>> So authentication either can use a CTAP2 authentication with a previously created credential that is resident/discoverable, or you perform some initial user authentication to determine which credential handles are appropriate to challenge a U2F authenticator with
> Such implementations details are not important for the present discussion. The key question is whether FIDO authentication would be one authentication possibility 
> advertised by the RS and, if so, how the client should be informed of it by the RS.
> 

Use cases and feasibility are complicated. Here are the use cases as I understand them:

1. AS integration for user authentication:
Short term, it is far easier to just have the browser do Web Authentication of the user at the AS.

Medium-term, user authentication to the AS is feasible for first-party clients to the AS. Platforms have and are expected to continue locking down access to CTAP2 over standardized transports and providing Webauthn-like API access to those as well as to any integrated platform authentication capabilities - and use entitlements and web-domain-based discovery to determine which applications have access. These applications are trusted not to use the credentials elsewhere, so for example a browser needs special entitlements to be able to do WebAuthn across all domains. I would expect this to be an interaction mode - with challenge message and response very similar to the WebAuthn API GetAssertion call, perhaps with Base64-encoded strings substituted for ArrayBuffers.

2. AS integration for client authentication:
It might make sense to create credentials for use to verify an authentic client. This would be similar to a software statement when doing OAuth DCR.

DCAppAttestService is a feature coming in iOS 14 which will create an attestation that the application instance is legitimate. The interface for using these attestations is based heavily on Web Authentication, although the client information block is free-form. Since the attestations (hopefully) are distinct from platform attestations for browser-based web authentication, there should not be a platform restriction on acquiring these.

I wouldn’t expect this to be a feature in the core specification unless other platforms followed suit however - Google for instance has SafetyNet instead. 

3. RS integration for client authentication and user authentication:
I suspect this goes counter to GNAP just how it would go counter to OAuth - both policy and complexity are usually centralized by the AS. Of course, if an RS is also an AS for its own domain, it would have the use cases above.

-DW

> 
> Denis
> 
>> 
>> Sent from my iPhone
>> 
>>> On Aug 18, 2020, at 10:38 AM, Denis <denis.ietf@free.fr> <mailto:denis.ietf@free.fr> wrote:
>>> 
>>> 
>>> Hi Tony,
>>>> Not quite Dennis, the U2F device does not store the private key, it only creates the private key.
>>> Please read the Client to Authenticator Protocol (CTAP) specification from the FIDO Alliance:
>>> 
>>> https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.pdf <https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.pdf>
>>> Extract:
>>> 
>>>  (...) the ASPSP  (Account Servicing Payment Service Providers) server sends a challenge message to the authenticator
>>> which is then cryptographically signed by a private key stored in the authenticator.
>>> 
>>> Denis
>>> 
>>>>  
>>>> From: TXAuth <txauth-bounces@ietf.org> <mailto:txauth-bounces@ietf.org> On Behalf Of Denis
>>>> Sent: Friday, August 14, 2020 3:04 AM
>>>> To: nadalin@prodigy.net <mailto:nadalin@prodigy.net>; txauth@ietf.org <mailto:txauth@ietf.org>
>>>> Subject: Re: [GNAP] Support of FIDO
>>>>  
>>>> Hi Tony, 
>>>> Dennis, not all the way correct 
>>>> It is also possible to get rid of IDs and passwords using FIDO. FIDO discloses no private information at all about the user 
>>>> and no trust relationships need to be defined since there is no AS
>>>> Depends on if you only consider “private information” PII, there can be all sorts of information passed in ClientData field of the FIDO response, not desirable but perfectly OK 
>>>> None of these two semantics fit with the FIDO use case where the subject value is scoped to be locally unique in the context of one RS. 
>>>> Hence, the linkage of users between two RSs (or between one RS and any other server) becomes impossible
>>>> There is nothing that prohibits the RS from sharing registration information between RS 
>>>> I am speaking of FIDO U2F where there are two main phases: registration and authentication.
>>>> 
>>>> The U2F device gives the public key and a Key Handle to the origin online service or website during the user registration step. 
>>>> Later, when the user performs an authentication, the origin online service or website sends the Key Handle back to the U2F device 
>>>> via the browser. The U2F device uses the Key Handle to identify the user's private key, and creates a signature which is sent back 
>>>> to the origin to verify the presence of the U2F device. Thus, the Key Handle is simply an identifier of a particular key on the U2F device.
>>>> 
>>>> There is no other registration information needed. Sharing such an information between RSs does not allow to link user accounts.
>>>> 
>>>> Denis
>>>> 
>>>>  
>>>> From: TXAuth <txauth-bounces@ietf.org> <mailto:txauth-bounces@ietf.org> On Behalf Of Denis
>>>> Sent: Thursday, August 13, 2020 10:31 AM
>>>> To: txauth@ietf.org <mailto:txauth@ietf.org>
>>>> Subject: [GNAP] Support of FIDO
>>>>  
>>>> This topic has already been tackled on the list, but I open a new thread for it.
>>>> 
>>>> In OAuth 2.0, one of the goals was to get rid of IDs and passwords. Since the solution in OAuth 2.0 was to use access tokens, 
>>>> there have been used everywhere, even when they were not strictly needed. 
>>>> 
>>>> 
>>>> It is also possible to get rid of IDs and passwords using FIDO. FIDO discloses no private information at all about the user 
>>>> and no trust relationships need to be defined since there is no AS. 
>>>> 
>>>> 
>>>> FIDO should be one allowed possibility for the user authentication. In the case of FIDO, the user is authenticated under a pseudonym 
>>>> specific to the RS. It may observed that there is no equivalent in OAuth because of the two different semantics of the subject claim.
>>>> 
>>>> 
>>>> RFC 7519 states:
>>>> The "sub" (subject) claim identifies the principal that is the subject of the JWT.  The claims in a JWT are normally statements about the subject.  
>>>> The subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique.
>>>> In one case, it is possible to link the subject claim of two users between two RSs (i.e. using a locally unique identifier in the context of the issuer) 
>>>> while in the other case (i.e. using a globally unique identifier) it is possible, in addition, to link the subject claim between one RS and any other server 
>>>> (i.e. not supporting OAuth) that is using the same globally unique identifier.
>>>> 
>>>> 
>>>> None of these two semantics fit with the FIDO use case where the subject value is scoped to be locally unique in the context of one RS. 
>>>> 
>>>> Hence, the linkage of users between two RSs (or between one RS and any other server) becomes impossible. 
>>>> 
>>>> 
>>>> There are cases where a user would like to enjoy the unlinkeability properties of FIDO which cannot be met using the claims currently defined in OAuth.
>>>> 
>>>> 
>>>> Denis
>>>>  
>>>> 
>>> 
>>> -- 
>>> TXAuth mailing list
>>> TXAuth@ietf.org <mailto:TXAuth@ietf.org>
>>> https://www.ietf.org/mailman/listinfo/txauth <https://www.ietf.org/mailman/listinfo/txauth>
> 
> -- 
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth

v2.23.0 | Report a Bug | By Email