IETF Logo Mail Archive

Re: [GNAP] Summarizing status from SECDIR IETF LC review of draft-ietf-gnap-core-protocol-16

Justin Richer <jricher@mit.edu> Fri, 09 February 2024 17:37 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: txauth@ietfa.amsl.com
Delivered-To: txauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63E19C151536 for <txauth@ietfa.amsl.com>; Fri, 9 Feb 2024 09:37:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mit.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pDFYROY8VdVv for <txauth@ietfa.amsl.com>; Fri, 9 Feb 2024 09:37:19 -0800 (PST)
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2139.outbound.protection.outlook.com [40.107.93.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE155C14F5EF for <txauth@ietf.org>; Fri, 9 Feb 2024 09:37:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=b7S16fh8G+nURg/kohOwEZw9duINtBd98vic5QZzGs+i+DKBLZpZpnHudrVSyv17ZPgUsPWNn2sD9BQkgpPMFOh3ko8XqUNcP5tHpmYZfMMKrT5YC4J3Z0uXXqYHWwmVzJ1rp2PqAUlzIPBr525CIONyiErOSMH2tAsIC9EW7hrCR54vC4/FxX+c8dX4v92KxXKjE8bDAl/KSRVe4Es2VMxznIqmNvaC3QoJrxVniiBrtRs/YKUzT2N0KuPKGGgtnDzWsPUqK/LROUSFPxFDT11DNKTheiQRAi1JoATJp3QoNApZsULxSsCPVxHAFaWp8IL9tA8pUKAJg1T913Hv4A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=E4Jw51nNxkzKhmkJZxdnon52T4LJp8KetjozvL9K1rY=; b=cnsZeKTE7Z+pgJYnFCaSrlLQBa/p+UxexcmnrUyXw9JLf9qPpwt/tOZCTW44O1tVoZJuZm6ft7sTBDEWSLzzOFkioA9l5brXu+XfLt2mvDkKbb+Clb9n4L7ic6R6PUSUy41oTTZjgmAMysXeeAzOxoU/chwwub+jT+bRJtW+FzER3cFTIBWSA2mEtMGqlbg9ExNZz69yoVutkWozTZhM3o4vFZGyNBvCR4KAdxcqLr8qDh1EEnONkd16u9f7a0qpK8VZv8UdQpUicqAfoxw+erzHXk8arfT76JFf9njpGrs7tVgRBs5AOiNdyhRIjG55GAdO95oxiPGjbO1ESOO7bw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mit.edu; dmarc=pass action=none header.from=mit.edu; dkim=pass header.d=mit.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=E4Jw51nNxkzKhmkJZxdnon52T4LJp8KetjozvL9K1rY=; b=XX6vj0YUC5H3veaOFJT17V7RaVvPiAM60bxJiDfIMPGoGdF6SsNY85Y5blSExLPTLHy3BA66ld91zRhEMI0UAkdLnmGN8TSDdwlNYBK6/qpp7hRqsAzj48stfXCi2zV0eKc+MhGKjiuZd57WrJNQ7EcHtGPisOfcJQvmfjKkQW8=
Received: from LV8PR01MB8677.prod.exchangelabs.com (2603:10b6:408:1e8::20) by BL1PR01MB7529.prod.exchangelabs.com (2603:10b6:208:384::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7249.39; Fri, 9 Feb 2024 17:37:11 +0000
Received: from LV8PR01MB8677.prod.exchangelabs.com ([fe80::c5bd:292f:c37:64dc]) by LV8PR01MB8677.prod.exchangelabs.com ([fe80::c5bd:292f:c37:64dc%3]) with mapi id 15.20.7249.038; Fri, 9 Feb 2024 17:37:11 +0000
From: Justin Richer <jricher@mit.edu>
To: Russ Housley <housley@vigilsec.com>
CC: "rdd@cert.org" <rdd@cert.org>, "txauth@ietf.org" <txauth@ietf.org>
Thread-Topic: [GNAP] Summarizing status from SECDIR IETF LC review of draft-ietf-gnap-core-protocol-16
Thread-Index: AdpZ9ROUOAGI7nyfTNWlob7LkU2+DQAFZLmAAALWIgAAKtKjgAAu5naAAABsoQA=
Date: Fri, 09 Feb 2024 17:37:11 +0000
Message-ID: <BC39789D-1C81-4F7C-AB7A-16746E7829F4@mit.edu>
References: <BN2P110MB11074A36A14E33B0F4A9ECEBDC45A@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <05C47833-3C63-4588-B9BB-8FB1673F68FD@mit.edu> <348E9604-64C9-4281-8A32-23C9A08C5E22@vigilsec.com> <228DFDD9-EF1D-4D7C-BDBF-3B1914E8BBCA@mit.edu> <B63F8CE3-A1FC-4BA8-899A-CAE09C1ADE0F@vigilsec.com>
In-Reply-To: <B63F8CE3-A1FC-4BA8-899A-CAE09C1ADE0F@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mit.edu;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: LV8PR01MB8677:EE_|BL1PR01MB7529:EE_
x-ms-office365-filtering-correlation-id: 8c3496e1-920f-4a20-c5be-08dc2995bf3d
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: okhNYpEPuf5JY/N9NaJ5ITXgp9MNXVFOZXq2L/eSHccTVM2ehpo6qAnMl8hNDQev4llCvuoHrQS5TvTcwAa+sG8AueK011MEP5YBiKpweV8MD0gGoy4COpGphf/DCq8TfTtvQrMEWe+8AVXX0CfhvywvtmMjuxsAn7Y1oTcv0qbFCzx2DAEEftUG30avDFULaS2g+i3RuAEhECqos0+3M4vQsKtSU1XVoKTQofTeJWuNIEybnn4mUSaanlT9u4WmaaN3OuCnh/OQ5rRdm8HHQXNOw2y0Y8IT8OAdwFzA+AsYP1KRp9qxBEWVhcFQWmMUTPR7reD3xkWFGY07SE2UD4ru0pjNRG9bgZeXq8Hdf+nBZpjwdirFJyu0lcMpIOevcEhDxihYbiDmzoHy57XqsHyd4Fe0yE+4+qCqUQxjxxml6uCTUVS2/IOM2Q0A+Zj6FjABB868RYU78pWkoh2q9pkI+MQiXfEbKjLLwCslIjlb61BjIIONxGq4OZpA+K764X+xFxZxGlQmLGTtuE7xO1IiWMRog6h6DAMnLRRjCUBRwDXUM8W3Vx6YTHaplH7qhuE3FwceUvg/94BaoutUN7J1yi+1Tgot6my6RB6pcnE=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:LV8PR01MB8677.prod.exchangelabs.com; PTR:; CAT:NONE; SFS:(13230031)(136003)(376002)(39860400002)(366004)(396003)(346002)(230922051799003)(1800799012)(451199024)(64100799003)(186009)(75432002)(41300700001)(478600001)(6486002)(966005)(6506007)(71200400001)(2616005)(36756003)(6512007)(76116006)(66476007)(66556008)(5660300002)(26005)(2906002)(33656002)(38070700009)(66946007)(83380400001)(66899024)(64756008)(6916009)(66446008)(122000001)(8936002)(786003)(54906003)(316002)(8676002)(4326008)(38100700002)(166002)(86362001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: RaYN5HHNH4fUh+4mzHFEJw9UnxzWT0ClO3xQF/yqQiuyK489IA59bdG/YT4SI0asE7C90JISUMqx8zBaBqQo10Xxg5tqGuIqnBGPAN4ocvDQ6rD55JYpVnBqyjcaSHrpkK7AFEZ03GcYy7niHU9Dq4a+Wrj6clyzd1PpTAR0Tc7H1e5QyG9fTSUjaprxR1ySZs6gZnV9dGCLF6UbmIsGTxo/poGyjlgtiMuDQ3IdRHimi9Xw6cu4T847vjDUx96SUTNDKMPcwVt9hq6WF8CM+7GDz5SgR8/qcSAhgj5Dfllbo1in2lzaonoVPklQyw27HGCTphx+xMsC5kdGf28VrrVQ7f8ysMZKIs12oezqU2w7wmwJAj1klCAc6DJ6A8koIN5oo/liuicMhvDXw0c4kCc0AdFv6SHPcrqreiDOod7bszzqPOSAPakfGUrTciR7RelbRfuMBhTPtJdmGgMiLaQBuSqYIieFhQFjuAKjzd56sQoPsq7z/j13sE0nhBAYN4H4oHHJijuLHaNTbog5pNUqiQAyio9NOOBi+dtbpu0QWaDYZBPfpL+dsX93VWyuTQs7NdgIL6wM5U+BB5V6ZSUJ7CScm+s39m0f65a09KXRX/LvPOoFoXIc5hAeD5o9B66jmJXhaFIq5tl8vjnJh9T14dBzNa1NmnmvsbYBKoQBcSi87VHSNymIojYaAAM1EOxjUH358qQ4kd7/oZA7MwOQWO8Gr8sm1DkLdyf/RzmvZGjY67lyPh+ySi0NdxpjgYOelrNBb0EZe0jrwjDLN2jFcqQc9PbepCk0hRPOBGaSuL0ru2uhLpBBp76gPYILI8BwSK0dzh22rGRHOUmkATJ8heAjBbZrouxytytdlPssGuVc4vfYhUcol7u8He8xS5XnFmkiiZWTz876avpiD853mIgL5utdd7KUFRhbUflBkKDVMhbNgMdLcjlBBNdOceYV5B+YP4ksxy/tVkkFpiUuRlyN2rAk2oFU0jcZ47hWCc8CnPOx2se1UU0qF/E4Mrd4Oy3yFdWBCq4+MzcBLkH4eeUB5rA3b8kgTaEvXBxU8kXN60s38Qb5zznHOpm8ArjZACYBeit5M+oYX3vchheHkbYcwE9OZn7lhUdBV3O1FGawah8Qrpn1+j9kpG5QmqrJYMx7R3e9Z4aaZ/VE8YpMkfLyoyzPv7uHJPEJSzLTPE/5icRjydCoh/OKfrUUPXT55WnsIIkOXUtM+XXhXNK7cQup9G/jyOKxLjsSkdaP2ZU9FY7o8XtekqmMEvLtW/dj33xSeWoMzvxFPNFKZgVTNBfzgaRZvEqXtZ7QftS6f60WAuW2YcMD6s7TvxeLwPS3L3xkb2AQjTA+ved22vZ9rBrz4oakkyw7c8ntxxKSh4cghQv+rqU8GXsE64A2zW1D/KjASYN4dSYiytAP3WCBjk+nL17pvzzEvYdb/f8Z0uHU1w6a04xPnU6pMMT4QpcrsxP3bA6DOMX47vu0O/5ErM8rIOC4saQ6IH5O2dHNbWeU2WGEsXZO1HqQWAkydiX/iI2zgq+zLiiggZQ8XK60FDheEtV02vxdi4XTwNCzNfyg8RdklfxkRV9orkJ9
Content-Type: multipart/alternative; boundary="_000_BC39789D1C814F7CAB7A16746E7829F4mitedu_"
MIME-Version: 1.0
X-OriginatorOrg: mit.edu
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LV8PR01MB8677.prod.exchangelabs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8c3496e1-920f-4a20-c5be-08dc2995bf3d
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Feb 2024 17:37:11.4624 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: var8Ybz9Qpf/wpqrAjVaoH+ng3PbBxUaCuQn5ErRL9cPbYNC2oWedcz1FjfAzLcy
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR01MB7529
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/e9x7zEup0sWG3g7Ln7xU6YJVkAw>
Subject: Re: [GNAP] Summarizing status from SECDIR IETF LC review of draft-ietf-gnap-core-protocol-16
X-BeenThere: txauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: GNAP <txauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/txauth>, <mailto:txauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth/>
List-Post: <mailto:txauth@ietf.org>
List-Help: <mailto:txauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/txauth>, <mailto:txauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Feb 2024 17:37:24 -0000

Hi Russ, looks like there’s just one point left:


** (Russ on -16) Section 7: Please consider a reference to RFC 4107.  I'm not sure where
in this section is the best place to add a cite.

[Roman] -16 already contained a reference to RFC4107 in Section 13.7.  The discussion thread seems to indicate that additional pointers would be added in a version after -16.  I don't see it.

It seemed to make more sense to keep the reference in the security considerations section as opposed to making a reference to it (normative or otherwise) in the client-signing section (7). Yes, clients and AS’s need to manage and store their keys well. But the thrust of section 7 is how those are presented on the wire and used to bind request messages to keys, not how the keys themselves are managed. There’s already a forward reference to the security section that mentions RFC4107 in section 7, so we felt that was sufficient.

I really dislike the notion of a symmetric key being used for "signing".  In my view, digital signatures require asymmetric cryptography.  Is there a way to avoid this in the first paragraph of Section 13.7.

I think we can add same definitions paragraph that’s in the HTTP Message Signatures spec introduction, which I’ve added in this PR:

https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/528

Thanks.  I'd like to see a sentence or two about the difference in the security service offered by a MAC.  RFC 5652 has these words that capture my point:

   When more than two parties share the same message-authentication key,
   data origin authentication is not provided.  Any party that knows the
   message-authentication key can compute a valid MAC; therefore, the
   contents could originate from any one of the parties.

You might also want to say that MAC computation is oftem much more efficient than an asymmetric digital signature.

With these two points, an implementer gets the information to decide which type of algorithm to use.


I’ve adapted the text and reference into the security consideration on symmetric cryptography, in the above PR. Thank you for the reference!

The section already had a note about performance, so I think this is the only addition we needed.

 — Justin

v2.23.0 | Report a Bug | By Email