[Unbearable] Benjamin Kaduk's No Objection on draft-ietf-tokbind-https-15: (with COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Thu, 10 May 2018 13:51 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: unbearable@ietf.org
Delivered-To: unbearable@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AEC312EAD8; Thu, 10 May 2018 06:51:58 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Benjamin Kaduk <kaduk@mit.edu>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-tokbind-https@ietf.org, John Bradley <ve7jtb@ve7jtb.com>, tokbind-chairs@ietf.org, ve7jtb@ve7jtb.com, unbearable@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.80.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152596031836.10294.13536754824931837516.idtracker@ietfa.amsl.com>
Date: Thu, 10 May 2018 06:51:58 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/LtMvZ0t5-x8hAYqJdlF0TzAOrDw>
Subject: [Unbearable] Benjamin Kaduk's No Objection on draft-ietf-tokbind-https-15: (with COMMENT)
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 May 2018 13:51:58 -0000

Benjamin Kaduk has entered the following ballot position for
draft-ietf-tokbind-https-15: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


I agree with Alexey about clarifying that backslashes are only for readability.

I'm curious why Section 2 limits to at most one referred_token_binding.

Section 2

   A TokenBindingMessage is validated by the server as described in
   Section 4.2.  ("Server Processing Rules") of

Nit: no period after "4.2".

   [...] If validation fails and a Token Binding
   is rejected, any associated bound tokens MUST also be rejected by the

I repeat my remark about "associated" from tokbind-protocol.

Section 2.1

It seems a little unusual to see "Applications other than Web
browsers MAY [...]", though I do not object.

Section 3

To be clear, this means that the EKM used is the one from before
the renegotiation, corresponding in the somewhat-common use case of
renegotiation for optional client authentication to the
unauthenticated-client state, right?

Section 5.3

   As illustrated in Section 5.5, when a client receives this header
   field, it should take the TokenBindingID of the provided TokenBinding
   from the referrer and create a referred TokenBinding with it to
   include in the TokenBindingMessage on the redirect request.  In other
   words, the Token Binding message in the redirect request to the Token
   Provider now includes one provided binding and one referred binding,
   the latter constructed from the binding between the client and the
   Token Consumer.

I'm not really an HTTP expert, but is "redirect request" the right
term (as opposed to, say, "redirected request" or "post-redirect

   The TokenBindingMessage SHOULD contain a TokenBinding with
   TokenBindingType referred_token_binding.

At this point we may have lost track of what "The
TokenBindingMessage" refers to -- some explicit scope (the message
sent to the Token Provider after following the redirect) could be

Section 7.1

   The goal of the Federated Token Binding mechanisms is to prevent
   attackers from exporting and replaying tokens used in protocols
   between the client and Token Consumer, [...]

Do we actually need to limit the scope to Token Consumer?  The Token
Provider may also issue tokens that we want to protect, after all.

Section 7.2

Do we need to repeat the normative statements already made in
[TBPROTO]?  Maybe we can just say that [TBPROTO] requires these
things to be used, to protect against [TRIPLE-HS].