Re: [Unbearable] Alexey Melnikov's Discuss on draft-ietf-tokbind-negotiation-12: (with DISCUSS and COMMENT)

Alexey Melnikov <aamelnikov@fastmail.fm> Wed, 09 May 2018 15:18 UTC

Return-Path: <aamelnikov@fastmail.fm>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 075FE1242F5; Wed, 9 May 2018 08:18:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.8
X-Spam-Level:
X-Spam-Status: No, score=-0.8 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmail.fm header.b=OtB7fGqp; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=FzMNugrF
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wex-I4BCs0Vo; Wed, 9 May 2018 08:18:06 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAF2D127444; Wed, 9 May 2018 08:18:05 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 18B5F227FA; Wed, 9 May 2018 11:18:05 -0400 (EDT)
Received: from web5 ([10.202.2.215]) by compute7.internal (MEProxy); Wed, 09 May 2018 11:18:05 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.fm; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=hKkgRy3/aEN9wZ0MApE7r6BVExaVn dvQxu92Pox4H6E=; b=OtB7fGqpU+z7Tpv4nJwEz45zQkXJyoa9SlUkcstnLpxqp VAOpm0FfqCBRy50HqjAeWWCQH5TZJAIQsFg61B2m8jrPde8n+QpdTo2V42zcBsKA V2AQyklu5x/GbQrmwyVI+ppMoIrwfzh0UyrMVMaQboDj4savOaZztvHXUgCU+vQa E4KclOYlnf7y8l/oQVT6snntQvcFNpUPwQxsaEvwQZnFGsQf/E21EXr609VRNDmF wv1RC4CwYdJvbnIovOvxoJNqIU4C89+n++3oUsQ+FkCP2s0FNUme2PBlI3NRXbr1 kDuOHbcY0vDXBNLDgV+FRgUdctUpIOpuDwaol4HyA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=hKkgRy 3/aEN9wZ0MApE7r6BVExaVndvQxu92Pox4H6E=; b=FzMNugrF/EKGRUZzL7EbKd S5N22T59zto3kveW0jVBtVnWecE4r97NprBiXB1O8iMTWkSIubY4L9gH0faTS4sy CeZdst4V8iDX7qib1pbWutuFVc8MSiksUp3HCremgPnqLmaFtbd740pPMN4k38ZL JvRHACOpgk2vpMlzqt0YchhuSqpuuQXZX7vpJLlj/eCA6r7j6XFvIjR1WgfNdhaB uc+PgiGtwK+UUGKZTHzaMOYWnmGNlprCTf1/VB2/0eV6x7d66FjA7SLtGeD6imt2 OPj/E3JZZYh8Lx9SddmPShbFYRsii0Cp4h56HqVMSH4HxTuOGdYrr2WqsmI2wQzA ==
X-ME-Sender: <xms:LRHzWqNtgwV-nIgVcvAHwUkrZ-UIsBc055cO8sezhMPsdDcy-2OtHA>
Received: by mailuser.nyi.internal (Postfix, from userid 99) id D82D29E0DA; Wed, 9 May 2018 11:18:04 -0400 (EDT)
Message-Id: <1525879084.3938368.1366298224.73E1E829@webmail.messagingengine.com>
From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: Andrei Popov <Andrei.Popov@microsoft.com>, The IESG <iesg@ietf.org>
Cc: ve7jtb@ve7jtb.com, draft-ietf-tokbind-negotiation@ietf.org, unbearable@ietf.org, tokbind-chairs@ietf.org
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-29fe4c42
In-Reply-To: <DM5PR21MB0507C39C1A09C13C32385F2F8C9B0@DM5PR21MB0507.namprd21.prod.outlook.com>
References: <152562063795.26840.1916104340550306942.idtracker@ietfa.amsl.com> <DM5PR21MB0507C39C1A09C13C32385F2F8C9B0@DM5PR21MB0507.namprd21.prod.outlook.com>
Date: Wed, 09 May 2018 16:18:04 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/WifZbp2mhN2iI11KHIk4LettRZU>
Subject: Re: [Unbearable] Alexey Melnikov's Discuss on draft-ietf-tokbind-negotiation-12: (with DISCUSS and COMMENT)
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 May 2018 15:18:12 -0000

Hi Andrei,

On Mon, May 7, 2018, at 8:06 PM, Andrei Popov wrote:
> Hi Alexey,
> 
> Thanks for reviewing the specs, I appreciate your comments.
> 
> > What is the significance of "major" and "minor" versions?
> There is no normative significance; the version value is split into two 
> parts for convenience of discussion only, so that we can talk about 
> versions such as 0.10, 0.13, 1.0, etc.

I am tempted to suggest that you should replace it with a single unsigned 16bit, as "major" doesn't mean anything

> > Any rules on what kind of changed would require increment of the "major" version.
> > Any restrictions on what must remain the same when the "major" (or "minor") version gets incremented?
> We have no such rules; it is common to increment the "major" protocol 
> version when "significant" changes happen, but this is up to future 
> protocol specs to define.

I urge the WG to think about extensibility now, as opposed to deciding later. Both TLS and HTTP specifications put much more thoughts into versionning.

If you don't need generic extensibility (you already have ability to support different private key types), then maybe you don't need the version field at all. You can just get a new TLS extension number if you need some incompatible changes. (Or to ask it in another way: do you just have the version number field to work around strict TLS extension code point allocation rules?)

> > Any requirements on backward compatibility when only the "minor" version is incremented?
> There is no backward compatibility between different Token Binding 
> protocol versions, regardless of which component of TB_ProtocolVersion 
> changes.
> 
> > Wouldn't be better to point to the IANA registry established by [I-D.ietf-tokbind-protocol]?
> Indeed, it may be better to say something like "[I-D.ietf-tokbind-
> protocol] establishes an IANA registry for Token Binding key parameters" 
> or something to this effect.
> I'll try to wordsmith this.

Yes, this sounds good.

Best Regards,
Alexey

> Cheers,
> 
> Andrei
> 
> -----Original Message-----
> From: Alexey Melnikov <aamelnikov@fastmail.fm> 
> Sent: Sunday, May 6, 2018 8:31 AM
> To: The IESG <iesg@ietf.org>
> Cc: draft-ietf-tokbind-negotiation@ietf.org; John Bradley 
> <ve7jtb@ve7jtb.com>om>; tokbind-chairs@ietf.org; ve7jtb@ve7jtb.com; 
> unbearable@ietf.org
> Subject: Alexey Melnikov's Discuss on draft-ietf-tokbind-negotiation-12: 
> (with DISCUSS and COMMENT)
> 
> Alexey Melnikov has entered the following ballot position for
> draft-ietf-tokbind-negotiation-12: Discuss
> 
> When responding, please keep the subject line intact and reply to all 
> email addresses included in the To and CC lines. (Feel free to cut this 
> introductory paragraph, however.)
> 
> 
> Please refer to 
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fiesg%2Fstatement%2Fdiscuss-criteria.html&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C59e09351f0fe4b2fb9ac08d5b366524f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C1%7C636612174409112174&sdata=LDU%2F%2FEr7lCYt0gm0yExDVINW1DGJh5S5cJJRv%2FRULQY%3D&reserved=0
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-tokbind-negotiation%2F&data=02%7C01%7CAndrei.Popov%40microsoft.com%7C59e09351f0fe4b2fb9ac08d5b366524f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C1%7C636612174409112174&sdata=ka1kQLpRehbQmXHtxHj73cqfGsRw1Axvk%2BS%2BjkbOatQ%3D&reserved=0
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> I will be switching to "Yes" once one issue mentioned below is discussed:
> 
> I would like to have a quick discussion about your versionning model:
> 
>    struct {
>        uint8 major;
>        uint8 minor;
>    } TB_ProtocolVersion;
> 
> What is the significance of "major" and "minor" versions?
> Any rules on what kind of changed would require increment of the "major"
> version. Any restrictions on what must remain the same when the 
> "major" (or
> "minor") version gets incremented? Any requirements on backward 
> compatibility when only the "minor" version is incremented?
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> In Section 2:
> 
>    "key_parameters_list" contains the list of identifiers of the Token
>    Binding key parameters supported by the client, in descending order
>    of preference.  [I-D.ietf-tokbind-protocol] defines an initial set of
>    identifiers for Token Binding key parameters.
> 
> Wouldn't be better to point to the IANA registry established by [I-
> D.ietf-tokbind-protocol]?
> My concern is that you might be misleading implementors into not looking 
> there.
> 
>