Re: [Unbearable] WGLC 3 on core documents

Martin Thomson <martin.thomson@gmail.com> Thu, 02 March 2017 00:51 UTC

In-Reply-To: <CACdeXi+gXHuaxayk03c3COg-Cq96QHVf+udF1D+4fv3Eq+Huiw@mail.gmail.com>
References: <90198679-4549-2893-6d91-f4415df217ad@sunet.se> <CABkgnnUPNRS1AUaVZy-Hkk6TD_yxLT8d_fG6LyFbPaJAJg4_cg@mail.gmail.com> <CACdeXiKD_cOnFqfKFa1o6n6VzrtrBbN0pfH4DBe7g2TKbMiRLw@mail.gmail.com> <CABkgnnWU=WbrqzF-vOrbyjT9_VG_C77_oLx90C=GRLTcmu3Svg@mail.gmail.com> <CACdeXi+gXHuaxayk03c3COg-Cq96QHVf+udF1D+4fv3Eq+Huiw@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 02 Mar 2017 11:51:27 +1100
Message-ID: <CABkgnnX2oPrHLKvKvZJR1XLbERcWGKUCHerzeyXM7uKHgCtPgA@mail.gmail.com>
To: Nick Harper <nharper@google.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/T9YlMXZhMqMdgbQ_bwPPRY986bY>
Cc: "unbearable@ietf.org" <unbearable@ietf.org>, Leif Johansson <leifj@sunet.se>
Subject: Re: [Unbearable] WGLC 3 on core documents

> I was only including a list since the current structure of a
> TokenBindingMessage allows for multiple referred TBIDs. I wasn't
> trying to change how a redirect chain would work. If we change TBPROTO
> to have signature-less referred token bindings, I think the
> TokenBindingMessage would need to change to one of the following:

I would have thought that you would instead make the message contents
dependent on the type.  That would be consistent with the needs of any
future addition of attestations, which have yet another format.

As I mentioned in my review, I would also prefer to see the entire
contents of the message signed.  Thus:

struct {
  TokenBindingType type;
  TokenBindingContent content<1..2^16-1>;
  opaque signature<1..2^16-1>;
} TokenBindingMessage;

The signature would cover type, the content length and the content in
an ideal situation.

And then you can define per-type content, which for a regular message
is just one TBID, or, for a referred TB, two (or many, still can't
grok the use case for that - AND or OR?).
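As an added illustration (not code from this thread or from the TBPROTO drafts) of the layout sketched above: Python that encodes a TokenBindingMessage as type, per-type content and a signature covering the type, the content length and the content, then parses and checks it. The TokenBindingType values, the treatment of a TBID as an opaque byte string, and the use of HMAC-SHA256 in place of the real public-key signature are all assumptions made for the example.

```python
import hashlib
import hmac
import struct

PROVIDED = 0   # TokenBindingType values are constructed for this example; content = one TBID
REFERRED = 1   # content = two TBIDs (the original binding and the referred one)
TBID_COUNT = {PROVIDED: 1, REFERRED: 2}

def vec16(data):
    """Encode a TLS-style opaque<1..2^16-1>: two-byte length prefix, then the bytes."""
    if not 1 <= len(data) <= 0xFFFF:
        raise ValueError("vector length out of range")
    return struct.pack("!H", len(data)) + data

def read_vec16(buf, off):
    """Decode one opaque<1..2^16-1> at offset off; return (bytes, new offset)."""
    (n,) = struct.unpack_from("!H", buf, off)
    if n == 0 or off + 2 + n > len(buf):
        raise ValueError("malformed vector")
    return buf[off + 2:off + 2 + n], off + 2 + n

def to_be_signed(tb_type, content):
    """The bytes the signature covers: type, content length and content."""
    return bytes([tb_type]) + vec16(content)

def sign(key, tb_type, content):
    # HMAC-SHA256 stands in for the real per-key signature (an assumption of this example).
    return hmac.new(key, to_be_signed(tb_type, content), hashlib.sha256).digest()

def encode_message(key, tb_type, tbids):
    """Build TokenBindingMessage = type || content<..> || signature<..> with per-type content."""
    if len(tbids) != TBID_COUNT[tb_type]:
        raise ValueError("wrong TBID count for this type")
    content = b"".join(vec16(t) for t in tbids)  # each TBID treated as opaque bytes (assumption)
    return to_be_signed(tb_type, content) + vec16(sign(key, tb_type, content))

def verify_message(key, msg):
    """Parse and verify; return the list of TBIDs, or None if the framing or signature is bad."""
    tb_type = msg[0]
    content, off = read_vec16(msg, 1)
    sig, off = read_vec16(msg, off)
    if off != len(msg) or not hmac.compare_digest(sig, sign(key, tb_type, content)):
        return None
    tbids, off = [], 0
    while off < len(content):
        tbid, off = read_vec16(content, off)
        tbids.append(tbid)
    return tbids if len(tbids) == TBID_COUNT.get(tb_type) else None
```

Because the type byte is inside the signed bytes, relabelling a provided binding as a referred one (or the reverse) invalidates the signature rather than silently changing how the content is interpreted.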