[GNAP] Symmetric keys in introspection responses

Justin Richer <jricher@mit.edu> Sat, 29 July 2023 04:52 UTC

From: Justin Richer <jricher@mit.edu>
To: GNAP Mailing List <txauth@ietf.org>
Date: Sat, 29 Jul 2023 04:49:45 +0000
Message-ID: <DF0613AE-68A3-47F6-BE62-E7A9C82E3444@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/h8Hl68YldMZ-9rf9KRD5QrYqf0A>

As discussed in the meeting today, this issue raises the item of introspection responses containing symmetric keys bound to tokens:

https://github.com/ietf-wg-gnap/gnap-resource-servers/issues/47

Per discussion in the room, the proposal is that we restrict the introspection response such that a symmetric key is never passed by value to the RS, as doing so would be a significant security hole. Symmetric keys can still be handled by passing a key identifier, allowing the RS to use a KDF, KSM, or other key management technique to fetch the key based on this identifier. This is a parallel restriction to client instances sending key material to the AS in a grant request.
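
As an added illustration (not part of this message or of the GNAP drafts), the RS-side handling the proposal implies: reject an introspection response that carries a symmetric key by value, and resolve a key reference locally. The JSON shapes, the HKDF label and the RS master secret are assumptions; the same by-value check applies to a client's grant request at the AS.

```python
import hashlib
import hmac
import json

# Constructed RS-side master secret for this example: the RS holds it in its own KMS/HSM
# and never receives it from the AS.
RS_MASTER_SECRET = b"constructed-example-master-secret-do-not-use"


class SymmetricKeyByValue(ValueError):
    """Raised when a GNAP message embeds symmetric key material by value."""


def carries_symmetric_key_by_value(key):
    """True if a GNAP 'key' field embeds a symmetric key (JWK kty=oct or a 'k' member).
    A string is a key reference; a dict holding only asymmetric public material is fine."""
    if not isinstance(key, dict):
        return False
    jwk = key.get("jwk") or {}
    return jwk.get("kty") == "oct" or "k" in jwk


def hkdf_sha256(ikm, salt, info, length=32):
    """RFC 5869 HKDF with HMAC-SHA256 (extract, then expand)."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_token_key(key_id):
    """Derive the token's symmetric key from the RS master secret and the key identifier.
    This is the KDF route the proposal mentions; a KMS lookup keyed by key_id is the other."""
    return hkdf_sha256(RS_MASTER_SECRET, salt=b"gnap-introspection", info=key_id.encode())


def resolve_introspection_key(response_json):
    """Return (key_id, key) for an active token: raw key bytes for a reference,
    the public JWK for an asymmetric key. Rejects symmetric keys passed by value."""
    resp = json.loads(response_json)
    if not resp.get("active"):
        return None
    key = resp.get("key")
    if key is None:                                   # bearer token: no key binding
        return None, None
    if carries_symmetric_key_by_value(key):
        raise SymmetricKeyByValue("symmetric keys must be referenced, not sent by value")
    if isinstance(key, str):                          # key reference: resolve locally
        return key, derive_token_key(key)
    jwk = key["jwk"]                                  # public key may travel by value
    return jwk.get("kid"), jwk
```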

The editors will propose text to enact this change. If you have input to this proposal, please provide it on the list or in the GitHub tracker.

— Justin