Re: [Unbearable] WGLC 3 on core documents
Nick Harper <nharper@google.com> Mon, 27 February 2017 19:36 UTC
Return-Path: <nharper@google.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B8FB12A2F3 for <unbearable@ietfa.amsl.com>; Mon, 27 Feb 2017 11:36:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jXau2Fx-uGxw for <unbearable@ietfa.amsl.com>; Mon, 27 Feb 2017 11:36:31 -0800 (PST)
Received: from mail-yw0-x229.google.com (mail-yw0-x229.google.com [IPv6:2607:f8b0:4002:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9376B126D73 for <unbearable@ietf.org>; Mon, 27 Feb 2017 11:36:31 -0800 (PST)
Received: by mail-yw0-x229.google.com with SMTP id v200so43928071ywc.3 for <unbearable@ietf.org>; Mon, 27 Feb 2017 11:36:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=pbyk86+n3TPTXWYgmOY2zaVS7edKhp4oiyq9iTiPrqQ=; b=dYRvizh+sRQwSWKivqHbgT18zC3rGFJ+V0wq2tlMOafeC9PvjbJCrfNEMrvBoNNQVx eLdTWTKpnA1xpcn+X5cyGAxzLOjF1dPYBy0SP3+/GAkAB1COc4+8iNXqiPBctV2a2Vp9 oEbipLyaN46SVhLJVxBLHwVVsXHa9gLb3+OlG6zvYS8W/jdbOasa1A3avXIkritj+/qc M3ROK5u9ko27ueBZMuEj+fk7j9nU9ysAxJlmjENQpdF4wGiv1e6ADQetRGQdFA+ft/UD WvVesPT4VhJEp0zTAPQvQD9RC3yRXIYa+dnBULek0c3SJekIYCjN0OETy96WqFWabKM9 Cc7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=pbyk86+n3TPTXWYgmOY2zaVS7edKhp4oiyq9iTiPrqQ=; b=HYVcDWy5xCBVdcYnugRl58bFLloARmxctvhSSqHfW9iJfsARwR01qVTPB+b1zLwKGe ZFEnRkJoe/xVw2/aUiP2J0oTFLf5I9DFRz4qZP/QwptnSGqPBaPu7i1Sy7b8B9tiLjeO QS4bd3OXGJUzr81DxGhwGHrvLPlDxyHrW7lFVrK/N0k9k8wpx1FXNgdg6VnljNV6gmr7 ce0qr6R8MpMgV6mznHcc7w9Ico9DorbUWd0j9ek2RO1L58qef5pf6X65CCCTE3v3Dr/E c1Rv70HAxOldaugTNwYc+aDIuRi7WISP/tjKKaPFb28N4P6KT70H25frRTV4q5yk1fES BK6A==
X-Gm-Message-State: AMke39nwNBgfhI0DRpTR1WKHV7XU74i+o3XYYoa4tOncfI1F2mqTztmxOMGLhuhPNjp+z5NzRZAG61hw01Cj7UNK
X-Received: by 10.37.248.13 with SMTP id u13mr12788972ybd.98.1488224190463; Mon, 27 Feb 2017 11:36:30 -0800 (PST)
MIME-Version: 1.0
Received: by 10.129.65.5 with HTTP; Mon, 27 Feb 2017 11:36:10 -0800 (PST)
In-Reply-To: <705b00ac-d7dc-6d9d-9c5f-e895f22f300d@free.fr>
References: <90198679-4549-2893-6d91-f4415df217ad@sunet.se> <705b00ac-d7dc-6d9d-9c5f-e895f22f300d@free.fr>
From: Nick Harper <nharper@google.com>
Date: Mon, 27 Feb 2017 11:36:10 -0800
Message-ID: <CACdeXi+8jrQkSi3iXNE1cu0JMSHc5Kyakc5YXABkuogUijywqg@mail.gmail.com>
To: Denis <denis.ietf@free.fr>
Content-Type: multipart/alternative; boundary="f403045dc640384b3a0549883282"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/BJKqCCNUsiM9p44TdWBVkhNhKT0>
Cc: IETF Tokbind WG <unbearable@ietf.org>
Subject: Re: [Unbearable] WGLC 3 on core documents
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Feb 2017 19:36:33 -0000
The client collusion scenario is about one client exporting a bound token for another client to use. This bound token is a security token, and reusing the token (whether it is on the same client or another client) is replaying it. Hence, "Security Token Replay" is a perfectly appropriate section for those sentences. They don't need their own section. On Mon, Feb 27, 2017 at 1:19 AM, Denis <denis.ietf@free.fr> wrote: > Comments on draft-ietf-tokbind-protocol-13 (The Token Binding Protocol > Version 1.0) > > On page 14 within the Security Considerations section, I appreciate the > fact that the following sentences have been added: > > * The Token Binding protocol does not prevent cooperating clients from* > * sharing a bound token. A client could intentionally export a bound* > * token with the corresponding Token Binding private key, or perform* > * signatures using this key on behalf of another client.* > > > However, these sentences have been placed inside section 7.1. which is > called "Security Token Replay". > > This security consideration has nothing to do with "Security Token Replay" > but with "Client collusion". > > Therefore, these sentences should be placed under a new section called: > "7.2. Client collusion". > > ============================================================ > ========================== > > Comments on draft-ietf-tokbind-https-08 (Token Binding over HTTP) > > On page 14 within the Security Considerations section, the same kind of > change as the one requested > for draft-ietf-tokbind-protocol-13 (The Token Binding Protocol Version > 1.0) should be done, i.e. add a new section > called: "7.2. Client collusion" with the following text : > > > > > * Token Binding over HTTP does not prevent cooperating clients from > sharing a bound token. A client could intentionally export a bound > token with the corresponding Token Binding private key, or perform > signatures using this key on behalf of another client.* > > > Denis > > _______________________________________________ > Unbearable mailing list > Unbearable@ietf.org > https://www.ietf.org/mailman/listinfo/unbearable > >
- [Unbearable] WGLC 3 on core documents Leif Johansson
- Re: [Unbearable] WGLC 3 on core documents Denis
- Re: [Unbearable] WGLC 3 on core documents Nick Harper
- Re: [Unbearable] WGLC 3 on core documents Denis
- Re: [Unbearable] WGLC 3 on core documents Leif Johansson
- Re: [Unbearable] WGLC 3 on core documents Martin Thomson
- Re: [Unbearable] WGLC 3 on core documents Andrei Popov
- Re: [Unbearable] WGLC 3 on core documents Brian Campbell
- Re: [Unbearable] WGLC 3 on core documents Martin Thomson
- Re: [Unbearable] WGLC 3 on core documents Nick Harper
- Re: [Unbearable] WGLC 3 on core documents Martin Thomson
- Re: [Unbearable] WGLC 3 on core documents Martin Thomson
- Re: [Unbearable] WGLC 3 on core documents Martin Thomson
- Re: [Unbearable] WGLC 3 on core documents Nick Harper
- Re: [Unbearable] WGLC 3 on core documents Andrei Popov
- Re: [Unbearable] WGLC 3 on core documents Martin Thomson
- Re: [Unbearable] WGLC 3 on core documents Andrei Popov
- Re: [Unbearable] WGLC 3 on core documents Martin Thomson
- Re: [Unbearable] WGLC 3 on core documents Brian Campbell
- Re: [Unbearable] WGLC 3 on core documents Andrei Popov
- Re: [Unbearable] WGLC 3 on core documents Brian Campbell
- Re: [Unbearable] WGLC 3 on core documents Andrei Popov