Re: [Unbearable] 0-RTT Token Binding: When to switch exporters?

Nick Harper <nharper@google.com> Thu, 02 March 2017 00:39 UTC

From: Nick Harper <nharper@google.com>
Date: Wed, 01 Mar 2017 16:39:18 -0800
To: Andrei Popov <Andrei.Popov@microsoft.com>
Cc: IETF Tokbind WG <unbearable@ietf.org>
Subject: Re: [Unbearable] 0-RTT Token Binding: When to switch exporters?
Message-ID: <CACdeXiKQjaoAArLBcjRj+kUJUqH+f1bA5yeCCiQ6GMXzWJURBw@mail.gmail.com>
In-Reply-To: <DM2PR21MB00914BA07BA984E931B88FEB8C290@DM2PR21MB0091.namprd21.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/MLL8oon_PDChCSbDCKzJZxsDvHg>

Does the solution I described upthread (where the client switches
exporters soon after the handshake completes, but not necessarily
immediately after) sound reasonable, or do we still need to discuss
whether we should have any support whatsoever for a
TokenBindingMessage in 0-RTT application data? If there are no
objections to the upthread solution, I'd like to work on fleshing out
the details and revising the I-D.

On Tue, Feb 28, 2017 at 5:31 PM, Andrei Popov
<Andrei.Popov@microsoft.com> wrote:
>> For HTTP, that option would mean a client resuming a connection and sending 0-RTT data can only send in 0-RTT data requests that have no cookies (or other potentially bound tokens), which is a very limited use case.
> Agreed, this is indeed a limited use-case. But so is 0-RTT application data, if one attempts to use it securely.
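As an added illustration (not code from this thread or from the Token Binding drafts), the Go sketch below shows what the "switch soon after the handshake, but not necessarily immediately" proposal implies for a server: it must keep accepting early-exporter-bound TokenBindings for a window after the handshake completes, and should stop doing so once the client has visibly switched. The exporter is stood in by HMAC over constructed secrets, signatures are ASN.1 ECDSA rather than the raw encoding Token Binding uses, and the acceptance policy (early EKM valid until the first exporter-bound message) is an assumption of this example, not something the thread specifies.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
)
// tbEKM stands in for the TLS 1.3 exporter (HMAC instead of HKDF-Expand-Label: an assumption).
func tbEKM(exporterSecret []byte) []byte {
	m := hmac.New(sha256.New, exporterSecret)
	m.Write([]byte("EXPORTER-Token-Binding")) // Token Binding exporter label, RFC 8471
	return m.Sum(nil)
}
// tbDigest hashes the signed input of a TokenBinding: type 0 (provided), key_parameters 2 (ecdsap256), EKM.
func tbDigest(ekm []byte) []byte {
	h := sha256.Sum256(append([]byte{0, 2}, ekm...))
	return h[:]
}
// Verifier is the server side. fullEKM is nil until the handshake completes; the early EKM
// stays acceptable until the client demonstrably switches (assumed policy, not from the thread).
type Verifier struct {
	pub               *ecdsa.PublicKey
	earlyEKM, fullEKM []byte
	switched          bool
}
func (v *Verifier) Check(sig []byte) string {
	if v.fullEKM != nil && ecdsa.VerifyASN1(v.pub, tbDigest(v.fullEKM), sig) {
		v.switched = true // first exporter-bound message retires the early EKM for good
		return "accepted:exporter"
	}
	if !v.switched && ecdsa.VerifyASN1(v.pub, tbDigest(v.earlyEKM), sig) {
		return "accepted:early_exporter"
	}
	return "rejected"
}
// Scenario replays the sequence the thread discusses, with constructed secrets.
func Scenario() []string {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	early, full := tbEKM([]byte("early_exporter_master_secret")), tbEKM([]byte("exporter_master_secret"))
	sign := func(ekm []byte) []byte { s, _ := ecdsa.SignASN1(rand.Reader, key, tbDigest(ekm)); return s }
	v := &Verifier{pub: &key.PublicKey, earlyEKM: early}
	out := []string{v.Check(sign(early))}   // 0-RTT request, bound with the early exporter
	v.fullEKM = full                        // handshake completes: regular exporter now available
	out = append(out, v.Check(sign(early))) // sent just after the handshake, still early-bound
	out = append(out, v.Check(sign(full)))  // the client switches exporters
	out = append(out, v.Check(sign(early))) // stale early-bound message after the switch
	return out
}
```

The third step is the point of the proposal: an early-bound message arriving after the server's handshake completion is still valid, but only until the client has switched.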