Re: [Unbearable] Artart telechat review of draft-ietf-tokbind-negotiation-12

Andrei Popov <Andrei.Popov@microsoft.com> Tue, 08 May 2018 21:49 UTC

From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Matthew Miller <linuxwolf+ietf@outer-planes.net>, "art@ietf.org" <art@ietf.org>
CC: "unbearable@ietf.org" <unbearable@ietf.org>, "draft-ietf-tokbind-negotiation.all@ietf.org" <draft-ietf-tokbind-negotiation.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Thread-Topic: Artart telechat review of draft-ietf-tokbind-negotiation-12
Date: Tue, 8 May 2018 21:49:41 +0000
Message-ID: <DM5PR21MB05073538E86E74EE3373B6268C9A0@DM5PR21MB0507.namprd21.prod.outlook.com>
References: <152581170538.16247.326421324193541615@ietfa.amsl.com>
In-Reply-To: <152581170538.16247.326421324193541615@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/skWITFyYPboNW5gYqL6bm8YELK0>

Hi Matthew,

Thanks for the review and feedback.

The idea is that:
- It is an error for the server to respond with a TB protocol version higher than the one advertised by the client. Since the client advertises its highest supported version, it makes no sense for the server to offer a higher version. If this happens, the client MUST terminate the TLS handshake.
- On the other hand, the server is allowed to offer a lower TB protocol version; if the client happens to support this lower TB version, the connection proceeds with TB. Otherwise, the connection proceeds without TB.

Please let me know if I can further clarify,

Cheers,

Andrei

-----Original Message-----
From: Matthew Miller <linuxwolf+ietf@outer-planes.net> 
Sent: Tuesday, May 8, 2018 1:35 PM
To: art@ietf.org
Cc: unbearable@ietf.org; draft-ietf-tokbind-negotiation.all@ietf.org; ietf@ietf.org
Subject: Artart telechat review of draft-ietf-tokbind-negotiation-12

Reviewer: Matthew Miller
Review result: Ready with Issues

IETF LC End Date: N/A
IESG Telechat date: 2018-05-10

Summary:  Ready with a potential issue.


Major issues:  N/A

Minor issues:

In reading the client's processing of the server's "token_binding" extension, there seems to be the potential for falling through the cracks with regards to version:

* client MUST terminate the TLS handshake if the server's
  TB_version is greater than the client's highest supported
* client (MUST? SHOULD? MAY?) continue the TLS handshake **without
  Token Binding** if the server's TB_version is not one the client
  is willing to use (e.g., lower than the client's minimum
  acceptable version)
As written, it seems that a client that requires token binding has to finish TLS negotiation, then reject further interactions at the application level, but it's not clear this is the expected or best approach.  I think it's worth adding at least some language about this scenario.

Nits/editorial comments:  N/A
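The version rule Andrei states (terminate if the server's version is higher than the client advertised; otherwise use TB if the lower version is supported, else proceed without TB) and the "client requires TB" gap Matthew raises, written out as a client-side decision function. This is an added example, not code from the draft or from either author; the wire layout (uint8 major, uint8 minor, then a uint8-length-prefixed key_parameters_list), the single-key-parameter check and the `require_tb` policy knob are assumptions of this example, and the sample extension bytes are constructed.

```python
from enum import Enum
import struct


class Outcome(Enum):
    TERMINATE = "terminate TLS handshake with a fatal alert"
    PROCEED_WITH_TB = "proceed with Token Binding"
    PROCEED_WITHOUT_TB = "proceed without Token Binding"


def parse_token_binding_ext(data: bytes):
    """Decode the server's extension body into ((major, minor), [key_params]).

    Assumed layout: TB_ProtocolVersion {uint8 major; uint8 minor}, followed by
    key_parameters_list<1..2^8-1> (one uint8 length, then one uint8 per entry).
    """
    if len(data) < 4:
        raise ValueError("extension too short")
    major, minor, n = struct.unpack("!BBB", data[:3])
    params = list(data[3:3 + n])
    if n == 0 or len(params) != n or 3 + n != len(data):
        raise ValueError("malformed key_parameters_list")
    return (major, minor), params


def client_decision(server_ext: bytes, client_highest, client_lowest,
                    client_key_params, require_tb: bool = False) -> Outcome:
    """Decide what the client does with the server's token_binding extension.

    Versions are (major, minor) tuples; tuple ordering gives the comparison.
    `require_tb` is a hypothetical local policy for Matthew's scenario, where
    the client will not continue without Token Binding.
    """
    try:
        version, params = parse_token_binding_ext(server_ext)
    except ValueError:
        return Outcome.TERMINATE            # undecodable extension: fail closed
    if version > client_highest:
        return Outcome.TERMINATE            # server offered more than we advertised
    # Assumption (not stated in the thread): the server must echo exactly one
    # key parameter, and it must be one the client offered.
    if len(params) != 1 or params[0] not in client_key_params:
        return Outcome.TERMINATE
    if version >= client_lowest:
        return Outcome.PROCEED_WITH_TB      # lower-or-equal version we still support
    # Server picked a version below our minimum: TB cannot be established.
    # Without `require_tb` the handshake completes and TB is simply absent,
    # which is the fall-through Matthew's review points at.
    return Outcome.TERMINATE if require_tb else Outcome.PROCEED_WITHOUT_TB
```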