[Unbearable] Review by Michael Jones of draft-ietf-tokbind-protocol-13

Mike Jones <Michael.Jones@microsoft.com> Wed, 15 March 2017 01:05 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: "unbearable@ietf.org" <unbearable@ietf.org>
Thread-Topic: Review by Michael Jones of draft-ietf-tokbind-protocol-13
Thread-Index: AdKdJC3da0UJKpiTQlStgqnLoFBybA==
Date: Wed, 15 Mar 2017 01:05:55 +0000
Message-ID: <CY4PR21MB0504FFA50FD3E98B90AAEC71F5270@CY4PR21MB0504.namprd21.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/1CrT0Ti-EI0OIozZ_GoUEfzBm5E>
Subject: [Unbearable] Review by Michael Jones of draft-ietf-tokbind-protocol-13
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>

I read draft-ietf-tokbind-protocol-13 cover-to-cover today and identified these issues with the text.

MOST IMPORTANT - FULLY DEFINE REJECTION SEMANTICS:  There are lots of places in the draft where it says things like "the server rejects the binding" (e.g., Section 2, paragraph 3).  What the text does not say is something along the lines of "the server rejects the binding and discards all data sent along with the rejected Token Binding message".  People may be assuming that discarding the data associated with a failed token binding is obvious, but I think it needs to be explicitly stated.  One could easily read the current text and think that "rejects the binding" just means ignoring the Token Binding message and continuing processing and delivering the TLS data as if the Token Binding extension were not used.

Likewise, in places where it says things like "any associated bound tokens MUST also be rejected by the server" it should probably be said that the application must discard the entire contents of any communications using a bound security token not matching the token binding.  "Rejecting the token" doesn't seem like a thorough enough description of the intent.

Please look at all the occurrences of "reject" in the draft and consider beefing up the rejection descriptions.

ACKNOWLEDGE THAT HASHES OF TBIDs CAN BE USED:  In the sentence in the Introduction "When issuing a security token to a client that supports Token Binding, a server includes the client's Token Binding ID in the token", please add "(or a cryptographic hash of it)" after "the client's Token Binding ID".  Note that both OAuth Token Binding https://tools.ietf.org/html/draft-ietf-oauth-token-binding-02 and OpenID Connect Token Binding http://openid.net/specs/openid-connect-token-bound-authentication-1_0.html use a hash of the Token Binding ID in security tokens, rather than the Token Binding ID itself, for space reasons.  This common technique should be explicitly allowed.

NITS:

Change "Paypal" to "PayPal".
Change "associeted" to "associated".

Other than that, looks good!

                                                                -- Mike
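The two points above (a token that carries a hash of the Token Binding ID rather than the ID itself, and rejection meaning that the whole message is discarded rather than just the binding being ignored) are illustrated by the following added example. It is not code from the review, the draft, or any Token Binding implementation. It assumes the confirmation claim shape `cnf: {"tbh": base64url(SHA-256(TBID))}` from the OAuth Token Binding draft the review cites, assumes the token's own signature and expiry have already been validated by the caller, and uses a constructed Token Binding ID and token as sample input.

```python
import base64
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


def b64url(data: bytes) -> str:
    """base64url without padding, as used for JOSE-style claim values."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def tbid_hash(tbid: bytes) -> str:
    """The 'tbh' value: SHA-256 over the serialized Token Binding ID.
    Storing the hash instead of the full ID keeps the token small."""
    return b64url(hashlib.sha256(tbid).digest())


@dataclass
class Outcome:
    accepted: bool
    reason: str
    # Application data from the message: only forwarded on acceptance.
    # On rejection it is None, i.e. discarded rather than processed as unbound.
    payload: Optional[bytes]


def check_bound_request(token_claims: dict,
                        presented_tbid: Optional[bytes],
                        body: bytes) -> Outcome:
    """Decide whether a request carrying a bound token may be processed.

    Rejection semantics as the review asks for: any mismatch rejects the
    binding AND drops the data that arrived with it. The caller must not
    fall back to treating the request as an unbound one.
    """
    cnf = token_claims.get("cnf") or {}
    expected_tbh = cnf.get("tbh")
    if expected_tbh is None:
        return Outcome(False, "token has no token-binding confirmation (cnf.tbh)", None)
    if presented_tbid is None:
        return Outcome(False, "bound token used without a Token Binding message", None)
    # Constant-time comparison of the hash of the presented ID against the claim.
    if not hmac.compare_digest(tbid_hash(presented_tbid), expected_tbh):
        return Outcome(False, "Token Binding ID does not match token; message discarded", None)
    return Outcome(True, "Token Binding ID matches token", body)


# Constructed sample input (hypothetical values, not from any real deployment).
SAMPLE_TBID = b"\x00\x02" + b"\x41" * 65          # stands in for a serialized TokenBindingID
SAMPLE_TOKEN = {                                  # the already-verified claims of a bound token
    "sub": "alice",
    "cnf": {"tbh": tbid_hash(SAMPLE_TBID)},
}


def demo() -> list:
    """Run the three cases a server must distinguish and return the outcomes."""
    return [
        check_bound_request(SAMPLE_TOKEN, SAMPLE_TBID, b"GET /account"),   # matches: accept
        check_bound_request(SAMPLE_TOKEN, b"\x00\x02" + b"\x42" * 65, b"GET /account"),  # replayed token
        check_bound_request(SAMPLE_TOKEN, None, b"GET /account"),          # no Token Binding message
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome.accepted, outcome.reason, outcome.payload)
```

The `payload` field makes the discard explicit in the type: a rejected outcome carries no application data, so there is nothing for later code to "continue processing" by mistake.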