[GNAP] Key Rotation

Justin Richer <jricher@mit.edu> Tue, 15 June 2021 17:51 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 0B63A3A3807 for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 10:51:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.398, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id mu-EdwALCh1g for <txauth@ietfa.amsl.com>; Tue, 15 Jun 2021 10:51:28 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0DD93A3837 for <txauth@ietf.org>; Tue, 15 Jun 2021 10:51:28 -0700 (PDT)
Received: from [] (static-71-174-62-56.bstnma.fios.verizon.net []) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 15FHpQvn012440 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <txauth@ietf.org>; Tue, 15 Jun 2021 13:51:27 -0400
From: Justin Richer <jricher@mit.edu>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.\))
Message-Id: <B72A80C0-0579-43F8-9B83-0932C98EB314@mit.edu>
Date: Tue, 15 Jun 2021 13:51:26 -0400
To: GNAP Mailing List <txauth@ietf.org>
X-Mailer: Apple Mail (2.3608.
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/Um4E17wrDsFfQhF_11PJ4H1GTLY>
Subject: [GNAP] Key Rotation
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 17:51:39 -0000

In the GNAP protocol, most requests are bound to a key. There are pretty solid mechanisms for establishing those keys as part of the request, both dynamically and as part of some pre-registration step.

However, over time those keys could be rotated out by the parties that control them, and GNAP needs to be able to handle this.

	• Access tokens are bound to keys
		• We allow rotation of the token value at client instance request...
		• Should we allow rotation of the key also?
	• Grant transactions are also bound to keys
		• Specifically: the continuation access token is bound to a key
		• The key is initially the client instance’s key
		• Should the client be able to rotate this key separately?
	• Some client instances have registered keys
		• What happens when a client’s registered key rotates?

Secure rotation of a key would require some way for the presenter to prove possession of both the old and new keys simultaneously. It could be a matter of signing the request with the new key and include some artifact signed by the old key in the request, or the inverse of that. There are likely other methods out there, but this seems simplest.

What situations are people looking at for handling key rotation? 

 — Justin