Re: [GNAP] Support of FIDO

David <david@alkaline-solutions.com> Tue, 18 August 2020 16:46 UTC

Return-Path: <david@alkaline-solutions.com>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 632763A0F5A for <txauth@ietfa.amsl.com>; Tue, 18 Aug 2020 09:46:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alkaline-solutions.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TT4187wp4onn for <txauth@ietfa.amsl.com>; Tue, 18 Aug 2020 09:46:54 -0700 (PDT)
Received: from mail.alkaline-solutions.com (caesium6.alkaline.solutions [157.230.133.164]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0867A3A0F53 for <txauth@ietf.org>; Tue, 18 Aug 2020 09:46:53 -0700 (PDT)
Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by mail.alkaline-solutions.com (Postfix) with ESMTPA id 2DA10385FBB; Tue, 18 Aug 2020 16:46:49 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alkaline-solutions.com; s=dkim; t=1597769211; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mzEcT+fAPkQABGyoc+fEcJQhrjDczTU1JWtuJ8N2mG0=; b=P5Ci2NGghOHNeN1Pl2qFQt1yP9BOBi+RMmiW27rhwGpYULfyhlSE4JruuAqXcyTWi0LBLu 0AQqtb218svT5XngY4BAIqHgt3T3OSdo9M/zmROK+GEWlkrTtgjvoHBidL4MfSmIvjcLd/ xYZYK3bppUiEEiQtMeRU2VoPMDnW36U=
Content-Type: multipart/alternative; boundary=Apple-Mail-8E24F815-72A2-4385-A573-9375AD112970
Content-Transfer-Encoding: 7bit
From: David <david@alkaline-solutions.com>
Mime-Version: 1.0
Date: Tue, 18 Aug 2020 10:46:47 -0600
Message-Id: <0E8FCF98-F5E7-4C1D-8491-96CFEF7AA3C4@alkaline-solutions.com>
References: <96aaaff7-5f11-4c7b-bc93-d4d355284018@free.fr>
Cc: nadalin@prodigy.net, txauth@ietf.org
In-Reply-To: <96aaaff7-5f11-4c7b-bc93-d4d355284018@free.fr>
To: Denis <denis.ietf@free.fr>
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=alkaline-solutions.com; s=dkim; t=1597769213; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mzEcT+fAPkQABGyoc+fEcJQhrjDczTU1JWtuJ8N2mG0=; b=ipNy2jFnAZb0S7yyX7J874Xg/kRpyU621m7gNt0wX49HC003KJrpcnGcL744yITvRVyqBv hy2O4Sq11/eksVDdg/Dil5PV2HHpkV8afm/XOY0okSjaUmOkEB5o6OLHCF2+WyZDu4bUVu 4kew7eGVL4kODto5HJzAk/O1InsC0Ms=
ARC-Seal: i=1; s=dkim; d=alkaline-solutions.com; t=1597769213; a=rsa-sha256; cv=none; b=W66sI15Pvrcb/hs8IVGlpQbZZBmRfzNZrrYLbDff5kUiMZSM6Pnnej/wTboPPngZ+np1OW il92cKzZv5zoJzrRNT67nP+dmt/QfrpiE6XHySRKIQaFkcyp68lDgxT2wk7rYSyjlSxY1/ KfGL5LMYZaWdZeedCHcOQeJJVLzp9l0=
ARC-Authentication-Results: i=1; mail.alkaline-solutions.com; auth=pass smtp.auth=david@alkaline-solutions.com smtp.mailfrom=david@alkaline-solutions.com
X-Spamd-Bar: +
Authentication-Results: mail.alkaline-solutions.com; auth=pass smtp.auth=david@alkaline-solutions.com smtp.mailfrom=david@alkaline-solutions.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/DhKxVVYaznfVTvuqDE182rC_o-k>
Subject: Re: [GNAP] Support of FIDO
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Aug 2020 16:46:56 -0000

Denis,

That text is not in the referenced document?

U2F devices do not typically store private keys per site, but instead rely on a “credential handle” presented by the RP which contains an encrypted form of the key or keying material used to reserve the key. Some CTAP2 implementations do store private keys even in U2F compatibility mode, but these still require presentation of a credential handle. 

So authentication either can use a CTAP2 authentication with a previously created credential that is resident/discoverable, or you perform some initial user authentication to determine which credential handles are appropriate to challenge a U2F authenticator with

Sent from my iPhone

> On Aug 18, 2020, at 10:38 AM, Denis <denis.ietf@free.fr> wrote:
> 
> 
> Hi Tony,
>> Not quite Dennis, the U2F device does not store the private key, it only creates the private key.
> Please read the Client to Authenticator Protocol (CTAP) specification from the FIDO Alliance:
> 
> https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.pdf
> 
> Extract:
> 
>  (...) the ASPSP  (Account Servicing Payment Service Providers) server sends a challenge message to the authenticator
> which is then cryptographically signed by a private key stored in the authenticator.
> 
> Denis
> 
>>  
>> From: TXAuth <txauth-bounces@ietf.org> On Behalf Of Denis
>> Sent: Friday, August 14, 2020 3:04 AM
>> To: nadalin@prodigy.net; txauth@ietf.org
>> Subject: Re: [GNAP] Support of FIDO
>>  
>> Hi Tony,
>> Dennis, not all the way correct 
>> It is also possible to get rid of IDs and passwords using FIDO. FIDO discloses no private information at all about the user 
>> and no trust relationships need to be defined since there is no AS
>> Depends on if you only consider “private information” PII, there can be all sorts of information passed in ClientData field of the FIDO response, not desirable but perfectly OK
>> None of these two semantics fit with the FIDO use case where the subject value is scoped to be locally unique in the context of one RS. 
>> Hence, the linkage of users between two RSs (or between one RS and any other server) becomes impossible
>> There is nothing that prohibits the RS from sharing registration information between RS
>> I am speaking of FIDO U2F where there are two main phases: registration and authentication.
>> 
>> The U2F device gives the public key and a Key Handle to the origin online service or website during the user registration step. 
>> Later, when the user performs an authentication, the origin online service or website sends the Key Handle back to the U2F device 
>> via the browser. The U2F device uses the Key Handle to identify the user's private key, and creates a signature which is sent back 
>> to the origin to verify the presence of the U2F device. Thus, the Key Handle is simply an identifier of a particular key on the U2F device.
>> 
>> There is no other registration information needed. Sharing such an information between RSs does not allow to link user accounts.
>> 
>> Denis
>> 
>>  
>> From: TXAuth <txauth-bounces@ietf.org> On Behalf Of Denis
>> Sent: Thursday, August 13, 2020 10:31 AM
>> To: txauth@ietf.org
>> Subject: [GNAP] Support of FIDO
>>  
>> This topic has already been tackled on the list, but I open a new thread for it.
>> 
>> In OAuth 2.0, one of the goals was to get rid of IDs and passwords. Since the solution in OAuth 2.0 was to use access tokens, 
>> there have been used everywhere, even when they were not strictly needed. 
>> 
>> 
>> It is also possible to get rid of IDs and passwords using FIDO. FIDO discloses no private information at all about the user 
>> and no trust relationships need to be defined since there is no AS. 
>> 
>> 
>> FIDO should be one allowed possibility for the user authentication. In the case of FIDO, the user is authenticated under a pseudonym 
>> specific to the RS. It may observed that there is no equivalent in OAuth because of the two different semantics of the subject claim.
>> 
>> 
>> RFC 7519 states:
>> The "sub" (subject) claim identifies the principal that is the subject of the JWT.  The claims in a JWT are normally statements about the subject.  
>> The subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique.
>> In one case, it is possible to link the subject claim of two users between two RSs (i.e. using a locally unique identifier in the context of the issuer) 
>> while in the other case (i.e. using a globally unique identifier) it is possible, in addition, to link the subject claim between one RS and any other server 
>> (i.e. not supporting OAuth) that is using the same globally unique identifier.
>> 
>> 
>> None of these two semantics fit with the FIDO use case where the subject value is scoped to be locally unique in the context of one RS. 
>> 
>> Hence, the linkage of users between two RSs (or between one RS and any other server) becomes impossible. 
>> 
>> 
>> There are cases where a user would like to enjoy the unlinkeability properties of FIDO which cannot be met using the claims currently defined in OAuth.
>> 
>> 
>> Denis
>>  
>> 
> 
> -- 
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth