[Unbearable] More thoughts on reverse-proxies

Bill Cox <waywardgeek@google.com> Thu, 03 August 2017 15:47 UTC

Return-Path: <waywardgeek@google.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B1631325D6 for <unbearable@ietfa.amsl.com>; Thu, 3 Aug 2017 08:47:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BCXwIkKyK3PN for <unbearable@ietfa.amsl.com>; Thu, 3 Aug 2017 08:47:50 -0700 (PDT)
Received: from mail-yw0-x22a.google.com (mail-yw0-x22a.google.com [IPv6:2607:f8b0:4002:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76D6D1325D4 for <unbearable@ietf.org>; Thu, 3 Aug 2017 08:47:50 -0700 (PDT)
Received: by mail-yw0-x22a.google.com with SMTP id l82so10916111ywc.2 for <unbearable@ietf.org>; Thu, 03 Aug 2017 08:47:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=1z9nBsgVAMsdRL/1U3H3IbKqk5Ky5pjluv586BP4Vqs=; b=haPUdkEPynPGZOoiHriC8oTtedWsUyrabhveRKJxYgv/jBrbxI4dM6/w36Yj67rOwn xQ/5hBLyP47YjeAOIJvW6NHuJ0Mwh3PL03KgjzInsIATGHg0aSX6HKSh+KqZYsb8VrQy f+eqmAKurY2l0SeSX1KbkHI3rAMDPeX6e0JJSH9kOKtFeIkrDgJ/Lh44TgsFi5GiP648 l73LtgExGpciu2gYVwwLab1lwDnackgjeu34Fgk1s23uHCfn2lwlYX+MNX7A4/jNeWJz UeddSnXOAahNd5u2gLDO6HQXIC4BdA+JIn63309JkzhhKGoA7aKgivGcJLUrD0ex+P7e 3Sog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=1z9nBsgVAMsdRL/1U3H3IbKqk5Ky5pjluv586BP4Vqs=; b=sQzsDzZHsg9I/jly3ow1r569uh54E661qIamvLExLvO+1tkg3gyVuyTf4BX+JZ25MO mtpnHC5sBgPfPownK6wWZS/dN+qKiAw6vYgD7PzKNLZqo6rpMnhi1brWvuwtMBezimPZ Ta27DJ92VzDEE6B/P2gHq+htRk+DoZXW1WumyxBBy9qX7e4M9vp49xie+MOA0KilWJqP nuwYZ10iKGTqeaibWVz9ZIsPrrBEJ4HKU9WD73Ju8y9BM9EV9FpJYmWQUuewcnIa+LpH 4kSHs0f7/SWKELpadH4Ie+3jSZbAcb7gUmKQGSyFF2kbs/ph4y9Cr8pe0VvgxiiRJy4H 2f6Q==
X-Gm-Message-State: AIVw113UECK8wigcqxIIqFXJxtBUUqTgOcE+bIIMHfIVIRk4bPyM7XnW qRnF9O//7iSZeFgFBNoHkgyCmMSw/p78uXT9ag==
X-Received: by 10.129.147.67 with SMTP id k64mr1661393ywg.56.1501775269206; Thu, 03 Aug 2017 08:47:49 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.13.222.135 with HTTP; Thu, 3 Aug 2017 08:47:48 -0700 (PDT)
From: Bill Cox <waywardgeek@google.com>
Date: Thu, 3 Aug 2017 08:47:48 -0700
Message-ID: <CAH9QtQG_gpeqQD+_6xDMNg6F1RTYOEFXq1nHwnmzMePP4-EKaA@mail.gmail.com>
To: Tokbind WG <unbearable@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c07e73474a9a80555db4db2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/GJWUiGb4vsuQyGrxcBFBGZAFdcM>
Subject: [Unbearable] More thoughts on reverse-proxies
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Aug 2017 15:47:52 -0000

I like the TTRP spec, but there are at least two other modes of operation a
reverse proxy might want to use.

The simplest way for an organization that uses NGINX to enable token
binding is to use Piotr's token-binding module
<https://github.com/google/ngx_token_binding>.  Piotr did great work on
that, but there is room for improvement, such as using a more modern and
shorter MAC appended to the cookie.  Would it make sense to have an RFC for
this mode of operation?  That way, javascript that manipulates the cookie
cleartext would be simpler to write: it would only have to look for one
token-bound cookie format.

The other mode of operation is one I favor for large scale deployments: The
proxy could compute the EKG value needed for verification and pass this in
a new header to the back-end.  Then, the cookie server could verify cookie
TB signatures in the back-end.  This scheme has several advantages: