IETF Logo Mail Archive

Re: [Unbearable] one proposal for a charter - please dicsuss

Andrei Popov <Andrei.Popov@microsoft.com> Tue, 09 December 2014 01:52 UTC

Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 19BBC1A0379 for <unbearable@ietfa.amsl.com>; Mon, 8 Dec 2014 17:52:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HJvoPGoJtm9N for <unbearable@ietfa.amsl.com>; Mon, 8 Dec 2014 17:52:37 -0800 (PST)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0109.outbound.protection.outlook.com [65.55.169.109]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 994581A02F1 for <unbearable@ietf.org>; Mon, 8 Dec 2014 17:52:36 -0800 (PST)
Received: from BN3PR0301MB1250.namprd03.prod.outlook.com (25.161.207.26) by BN3PR0301MB1252.namprd03.prod.outlook.com (25.161.207.28) with Microsoft SMTP Server (TLS) id 15.1.31.17; Tue, 9 Dec 2014 01:52:34 +0000
Received: from BN3PR0301MB1250.namprd03.prod.outlook.com ([25.161.207.26]) by BN3PR0301MB1250.namprd03.prod.outlook.com ([25.161.207.26]) with mapi id 15.01.0031.000; Tue, 9 Dec 2014 01:52:34 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [Unbearable] one proposal for a charter - please dicsuss
Thread-Index: AQHQEz13HUkUpVDAykapHgbkfe3625yGWqQAgAAcnYA=
Date: Tue, 09 Dec 2014 01:52:34 +0000
Message-ID: <BN3PR0301MB1250C495221827422B8C22A88C650@BN3PR0301MB1250.namprd03.prod.outlook.com>
References: <54863200.4030600@cs.tcd.ie> <CAMm+LwjsTNc=wK2m4t1K5K6d2dN_v6q9DHzB6vxxG+adXvmrew@mail.gmail.com>
In-Reply-To: <CAMm+LwjsTNc=wK2m4t1K5K6d2dN_v6q9DHzB6vxxG+adXvmrew@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:4898:80e8:ed31::2]
x-microsoft-antispam: BCL:0;PCL:0;RULEID:;SRVR:BN3PR0301MB1252;
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:; SRVR:BN3PR0301MB1252;
x-forefront-prvs: 0420213CCD
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(53754006)(199003)(377454003)(24454002)(189002)(16236675004)(86362001)(33656002)(86612001)(19300405004)(50986999)(106356001)(77156002)(62966003)(21056001)(92566001)(54206007)(107046002)(561944003)(99396003)(76176999)(40100003)(46102003)(19609705001)(120916001)(19625215002)(54606007)(122556002)(19617315012)(19580395003)(76576001)(20776003)(87936001)(2656002)(68736005)(74316001)(99286002)(64706001)(106116001)(105586002)(97736003)(4396001)(31966008)(19580405001)(54356999)(101416001)(15975445007)(102836002)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR0301MB1252; H:BN3PR0301MB1250.namprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
Content-Type: multipart/alternative; boundary="_000_BN3PR0301MB1250C495221827422B8C22A88C650BN3PR0301MB1250_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/unbearable/OXW59xX60biKtwVrrzdn8dzLeFA
X-Mailman-Approved-At: Mon, 08 Dec 2014 18:31:27 -0800
Cc: "unbearable@ietf.org" <unbearable@ietf.org>
Subject: Re: [Unbearable] one proposal for a charter - please dicsuss
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Dec 2014 01:52:40 -0000

Hi Phillip,


Ø  In particular I don't think we are getting away from bearer tokens, we are just hiding them different.

The Token Binding Protocol I-D<http://tools.ietf.org/html/draft-popov-token-binding-00> provides a mechanism for binding security tokens to the TLS layer. When a bound token is presented to a server, the server verifies the token binding and rejects the token if the binding verification fails. Therefore, such bound tokens are not bearer tokens: they are resistant to export and replay attacks.


Ø  This is a draft I have been working on for a while. It allows a token to be bound to a HTTP/TLS channel.

I agree that your draft is designed to solve a similar problem, although the approach you’ve taken is different in multiple ways. We can discuss these differences, but perhaps we should first focus on establishing the WG charter.

Cheers,

Andrei

From: Unbearable [mailto:unbearable-bounces@ietf.org] On Behalf Of Phillip Hallam-Baker
Sent: Monday, December 8, 2014 3:42 PM
To: Stephen Farrell
Cc: unbearable@ietf.org
Subject: Re: [Unbearable] one proposal for a charter - please dicsuss



On Mon, Dec 8, 2014 at 6:19 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>> wrote:

Hi all,

There's about 70+ people on the list now so let's kick off.

Andrei sent Kathleen and I the charter proposal below a while
ago. For myself I don't think its quite right yet but I'd
rather hear what you all think. So please discuss...

Cheers,
S.


Token Binding (TB)

Charter for Working Group

Web services generate various security tokens (e.g.  HTTP cookies, OAuth
tokens, etc.) for web applications to access protected resources.
Currently these are bearer tokens, i.e. any party in possession of such
token gains access to the protected resource. Attackers export bearer
tokens from client machines or from compromised network connections,
present these bearer tokens to Web services, and impersonate
authenticated users. The idea of Token Binding is to prevent such
attacks by cryptographically binding security tokens to the TLS layer.

The tasks of this working group are as follows:
1.            Specify the Token Binding protocol v1.0.
2.            Specify the use of the Token Binding protocol in
combination with HTTPS.

It is a goal of this working group to prevent security token export and
replay attacks, but other issues associated with the use of security
tokens are out of scope. It is a goal of this working group to design
the Token Binding protocol such that it would be also useable with
application protocols other than HTTPS, however specifying such uses is
not a primary goal.

Umm, I am still rather fuzzy about what is proposed here Stephen.

In particular I don't think we are getting away from bearer tokens, we are just hiding them different.

This is a draft I have been working on for a while. It allows a token to be bound to a HTTP/TLS channel.

http://tools.ietf.org/html/draft-hallambaker-httpsession-03


It might help if we had a definition of bearer token. I don't think that formulation is helping. The problem is not that we have bearer tokens, it is that our proofs of possession force them to be disclosed in plaintext to the party checking them.

Is an RSA private key a bearer token?
How about a kerberos ticket?


Presenting this as a problem with the token puts us off track. The problem is with the way we use them.

v2.23.0 | Report a Bug | By Email