IETF Logo Mail Archive

Re: [Unbearable] WGLC 3 on core documents

Martin Thomson <martin.thomson@gmail.com> Thu, 02 March 2017 03:06 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49321129452 for <unbearable@ietfa.amsl.com>; Wed, 1 Mar 2017 19:06:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PC6PkY_viMcp for <unbearable@ietfa.amsl.com>; Wed, 1 Mar 2017 19:06:25 -0800 (PST)
Received: from mail-qk0-x236.google.com (mail-qk0-x236.google.com [IPv6:2607:f8b0:400d:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 164F61293EE for <unbearable@ietf.org>; Wed, 1 Mar 2017 19:06:25 -0800 (PST)
Received: by mail-qk0-x236.google.com with SMTP id u188so103833927qkc.2 for <unbearable@ietf.org>; Wed, 01 Mar 2017 19:06:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=cEdW0e/g/A6qN8Fg8nt5eu0caATPRWE+m2Ko3wZhVh8=; b=sHotWc0WHOdz+YOGfiaq8hg/OPOs3Uxnkba92G8kyPgHEkC0rOMK4GDjvdGW36fwlW 24vcCk763pZ3p7MQ9TRnghj8jVZ8eixAqcl2bcfe72uGjuVt/er1QoaELX7gT5D45Vwn SchdKnPNASvgOELhUpbdPMLXTr5xmOpie3NTGISuOY+HI46/Sx0mb+16CBWOfSzswTi9 VsyeFmnd7JF2qAdGOWE+Ks2rYHy1lOeyqS6UPffmuMGkoeFneZiU94YV+qLagjA9Oq8K h8ptksn/722+KdmenReokmZqx/CLsVdihrXwQ1pLz/ZOaCDq06LQjUg6vfUsEhuCxNZB T2sA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=cEdW0e/g/A6qN8Fg8nt5eu0caATPRWE+m2Ko3wZhVh8=; b=dVdLSGlww47T1o77ugGgS7raxT4tyFiSifWxNTKQ5q6eN40KUEGST1tYVFwnUKV3SK YHJd+TzrXwNRIy4yMShkOvS79Zcticd5J8r5Y5/+g7sZ9KrRt1TxGnJLwlpX4BhaPARn gBXrO9MZLqwHUpe0xVADkHWkgQjqOuRNaqfRzPkdGGVOc8JNZlilyMgUFEqWXhz51UXC sTpGMCRkIzJ5GI3/i+Zdq7K2ToFGYD+ZNh+zp3n/j7OR66iyMzhOBoc5prBnGT/ffvS+ TdFQ69ecdMcYv43bVd289oie4BblbaHQLzw9PRvSbYVU4091Ut1l2CYnXbb1jI21LNxE C/yg==
X-Gm-Message-State: AMke39mn4uxLaPM+XM9s4vzH1AoBPY6z4ZKp5a8o/dYz+VE+oryY4ayH3MA4XSKm009Ez+mYEZhcCxdpp2lvmQ==
X-Received: by 10.200.3.214 with SMTP id z22mr15510930qtg.3.1488423984233; Wed, 01 Mar 2017 19:06:24 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.19.112 with HTTP; Wed, 1 Mar 2017 19:06:23 -0800 (PST)
In-Reply-To: <DM2PR21MB00913546EC3A8E0C931F3CB38C280@DM2PR21MB0091.namprd21.prod.outlook.com>
References: <90198679-4549-2893-6d91-f4415df217ad@sunet.se> <CABkgnnUPNRS1AUaVZy-Hkk6TD_yxLT8d_fG6LyFbPaJAJg4_cg@mail.gmail.com> <CACdeXiKD_cOnFqfKFa1o6n6VzrtrBbN0pfH4DBe7g2TKbMiRLw@mail.gmail.com> <DM2PR21MB00913546EC3A8E0C931F3CB38C280@DM2PR21MB0091.namprd21.prod.outlook.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 02 Mar 2017 14:06:23 +1100
Message-ID: <CABkgnnVhwrnLBKugkc-PtKDzroH3DcdEhmFT+7FDT9-6cU46aw@mail.gmail.com>
To: Andrei Popov <Andrei.Popov@microsoft.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/2-cBeAECaUzFbATpvskmU2oNs1o>
Cc: "unbearable@ietf.org" <unbearable@ietf.org>, Leif Johansson <leifj@sunet.se>, Nick Harper <nharper@google.com>
Subject: Re: [Unbearable] WGLC 3 on core documents
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2017 03:06:26 -0000

On 2 March 2017 at 12:41, Andrei Popov <Andrei.Popov@microsoft.com> wrote:
> I think that eliminating the signature on the referred bindings makes the protocol less secure and potentially narrows the range of scenarios where it can be used.

If we had more formal analysis of the protocol, we might be able to
have these discussions without resorting to "I think" statements.  If
your claim is that a client might, under different circumstances, be
coerced into making a claim that it controlled a key that it did not
in fact control, that's an extraordinary claim requiring extraordinary
evidence.

I totally see how a client might be tricked into using the wrong key
in some different protocol - even in HTTP if there truly is a MitM -
but that doesn't provide anything other than a denial of service.  The
MitM is more than capable of causing that to happen without resorting
to trickery though.

v2.30.2 | Report a Bug | By Email | System Status