Re: [Unbearable] FWD: Status of draft-ietf-tokbind-https

=JeffH <> Thu, 16 November 2017 02:52 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BBA3512940E for <>; Wed, 15 Nov 2017 18:52:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.701
X-Spam-Status: No, score=-4.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id PTkxbxp16Qd1 for <>; Wed, 15 Nov 2017 18:52:12 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F2F33128954 for <>; Wed, 15 Nov 2017 18:52:11 -0800 (PST)
Received: from CMOut01 (unknown []) by (Postfix) with ESMTP id 3A48D120475 for <>; Wed, 15 Nov 2017 19:51:27 -0700 (MST)
Received: from ([]) by CMOut01 with id aSrQ1w0042UhLwi01SrTF8; Wed, 15 Nov 2017 19:51:27 -0700
X-Authority-Analysis: v=2.2 cv=K4VSJ2eI c=1 sm=1 tr=0 a=9W6Fsu4pMcyimqnCr1W0/w==:117 a=9W6Fsu4pMcyimqnCr1W0/w==:17 a=IkcTkHD0fZMA:10 a=sC3jslCIGhcA:10 a=yMhMjlubAAAA:8 a=5IsXbjgYAAAA:8 a=1XWaLZrsAAAA:8 a=48vgC7mUAAAA:8 a=qI-sqkvjAAAA:8 a=so3EvALKwebfFulFyOwA:9 a=QEXdDO2ut3YA:10 a=RR2nPHISKLg-FD_FhCoU:22 a=w1C3t2QeGrPiZgrLijVG:22
Received: from ([]:57208) by with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.87) (envelope-from <>) id 1eFAGx-0013tb-R9 for; Wed, 15 Nov 2017 19:51:24 -0700
To: IETF TokBind WG <>
From: =JeffH <>
Message-ID: <>
Date: Thu, 16 Nov 2017 10:51:21 +0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-BWhitelist: no
X-Exim-ID: 1eFAGx-0013tb-R9
X-Source-Sender: []:57208
X-Email-Count: 4
X-Source-Cap: a2luZ3Ntb3U7a2luZ3Ntb3U7Ym94NTE0LmJsdWVob3N0LmNvbQ==
X-Local-Domain: no
Archived-At: <>
Subject: Re: [Unbearable] FWD: Status of draft-ietf-tokbind-https
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 16 Nov 2017 02:52:14 -0000

From: Andrei Popov <>
Date: Monday, November 13, 2017 at 10:50 PM
To: Eric Rescorla <>om>, Leif Johansson <>se>, Vinod 
Anupam <>
Cc: "" 
<>rg>, "" 
Subject: RE: Status of draft-ietf-tokbind-https
Resent-From: <>rg>, Andrei Popov 
Resent-To: <>om>, <>om>, Dirk 
Balfanz <>om>, Adam Langley <>om>, 
<>om>, Jeff Hodges <>om>, 
Resent-Date: Tuesday, November 14, 2017 at 12:23 AM

I’m available in the morning; unfortunately, Dirk is not here, but 
Anupam can represent him.

Regarding the attack, it is not quite clear to me:
Even assuming the TP is willing to issue a token for Alice to connect to 
the Attacker (which probably means the Attacker is a server known to the 
TP), this token will be bound to the TB key Alice has created for use 
with the attacker.
So the attacker cannot use this token to impersonate Alice to another 
server (without also stealing the corresponding private key).
Or am I missing something?

What time should we meet tomorrow?