Re: [Unbearable] Ben Campbell's Yes on draft-ietf-tokbind-protocol-17: (with COMMENT)
Ben Campbell <ben@nostrum.com> Thu, 10 May 2018 03:24 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C46F512D873; Wed, 9 May 2018 20:24:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.879
X-Spam-Level:
X-Spam-Status: No, score=-1.879 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XCqYQTw9HtgL; Wed, 9 May 2018 20:24:52 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5EC912D871; Wed, 9 May 2018 20:24:52 -0700 (PDT)
Received: from [10.0.1.94] (cpe-66-25-7-22.tx.res.rr.com [66.25.7.22]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id w4A3OoxR065076 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 9 May 2018 22:24:50 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-66-25-7-22.tx.res.rr.com [66.25.7.22] claimed to be [10.0.1.94]
From: Ben Campbell <ben@nostrum.com>
Message-Id: <4CC4BC4A-C2D6-4535-A30C-52AF2834E64D@nostrum.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_F69DB75F-BC82-47A7-A77C-4FADFB6A9A3B"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
Date: Wed, 09 May 2018 22:24:48 -0500
In-Reply-To: <DM5PR21MB0507E7960EBFD0D7EBD351048C990@DM5PR21MB0507.namprd21.prod.outlook.com>
Cc: The IESG <iesg@ietf.org>, "draft-ietf-tokbind-protocol@ietf.org" <draft-ietf-tokbind-protocol@ietf.org>, John Bradley <ve7jtb@ve7jtb.com>, "tokbind-chairs@ietf.org" <tokbind-chairs@ietf.org>, "unbearable@ietf.org" <unbearable@ietf.org>
To: Andrei Popov <Andrei.Popov@microsoft.com>
References: <152589571183.4023.6683971544993897004.idtracker@ietfa.amsl.com> <DM5PR21MB0507E7960EBFD0D7EBD351048C990@DM5PR21MB0507.namprd21.prod.outlook.com>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/gWaAbtuSGLaD-NRGqQ91bEWKEZQ>
Subject: Re: [Unbearable] Ben Campbell's Yes on draft-ietf-tokbind-protocol-17: (with COMMENT)
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 May 2018 03:24:55 -0000
> On May 9, 2018, at 5:16 PM, Andrei Popov <Andrei.Popov@microsoft.com> wrote: > >> §1.1: Please consider using the boilerplate from 8174 across this cluster. > Will do. > >> §3.1: This section does not seem to sufficiently define the difference between provided_token_binding and referred_token_binding, other than as a mention of the use case from the HTTPS doc. It would be nice if other application protocol bindings did not have to refer to the HTTPS doc to fully understand the basic protocol. > Section 3.1 introduces the TB types, but Sections 4.1 and 4.2 have specific processing requirements, from the perspective of the basic protocol. The use of referred Token Binding requires interaction with an application protocol, and HTTPS is one such protocol, therefore the reference seems appropriate. I don’t object to the reference existing, but this draft is the one describing protocol semantics, so I think some more description in the draft itself would be reasonable. This is, of course, not a blocking comment. > >> §3.2, last paragraph: Why is this a SHOULD? > From the perspective of being able to change the internal representation of the Token Binding IDs in the future, it would be best if applications did not rely on a particular TB ID structure. > One way to achieve this is to treat TB IDs as opaque byte sequences. There are other ways, and different representations make sense for different APIs, therefore it's not a MUST. It would be helpful to say that in the text. > >> §3.3, last bullet: Is the EKM from the TLS connection at the time the binding is established (rather than when it might later be used)? > It's the EKM from the current TLS connection where Token Binding is being established. Please consider clarifying that in the text. > >> §4.1, 2nd paragraph: Why only a SHOULD? It seems like intentionally storing keys in an insecure manner makes the entire protocol pointless. > I do not mind saying MUST, but the degree to which TB keys can be protected depends on the client device capabilities. I do not suggest the MUST describe a particular method of protection. But the SHOULD could possibly interpreted to allow implementations to have no protection at all in some cases. > >> §6.1 (and others): I'm not sure what it means for the expert to be "advised to encourage". Is there something more concrete that could be said? Does this give the advisor grounds to reject a registration? > We could say "...expert will require the inclusion of a reference to a permanent and readily available specification…" That is better, assuming it was the working group intent. > >> §1: Please expand TPM on first mention. > Will do. > > Thanks, > > Andrei > > -----Original Message----- > From: Ben Campbell <ben@nostrum.com> > Sent: Wednesday, May 9, 2018 12:55 PM > To: The IESG <iesg@ietf.org> > Cc: draft-ietf-tokbind-protocol@ietf.org; John Bradley <ve7jtb@ve7jtb.com>; tokbind-chairs@ietf.org; ve7jtb@ve7jtb.com; unbearable@ietf.org > Subject: Ben Campbell's Yes on draft-ietf-tokbind-protocol-17: (with COMMENT) > > Ben Campbell has entered the following ballot position for > draft-ietf-tokbind-protocol-17: Yes > > When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) > > > Please refer to https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fiesg%2Fstatement%2Fdiscuss-criteria.html&data=02%7C01%7CAndrei.Popov%40microsoft.com%7Cbef59ff1c14f45d3294108d5b5e6c79a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636614925167967005&sdata=dlNij3YGOsg2g%2Br2hg4kCy2jyGYjZglxTJMhHfABd%2Fo%3D&reserved=0 > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-tokbind-protocol%2F&data=02%7C01%7CAndrei.Popov%40microsoft.com%7Cbef59ff1c14f45d3294108d5b5e6c79a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636614925167967005&sdata=gmXDfLO1%2B9%2F%2BE6BIdqNUn1OsaSGVBPCSrOXu0bpVQnw%3D&reserved=0 > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thanks for this document. I am balloting "yes", but I have a few minor comments: > > Minor Comments: > > §1.1: Please consider using the boilerplate from 8174 across this cluster. > There are a few instances of lower case keywords across the set. > > §3.1: This section does not seem to sufficiently define the difference between provided_token_binding and referred_token_binding, other than as a mention of the use case from the HTTPS doc. It would be nice if other application protocol bindings did not have to refer to the HTTPS doc to fully understand the basic protocol. (Or is it assumed that only HTTPS will use referred_token_binding)? > > §3.2, last paragraph: Why is this a SHOULD? Do you envision scenarios where it would make sense to behave differently? For example, if an application made Token Binding IDs available as structured data, what would be the consequences? > > §3.3, last bullet: Is the EKM from the TLS connection at the time the binding is established (rather than when it might later be used)? > > §4.1, 2nd paragraph: Why only a SHOULD? It seems like intentionally storing keys in an insecure manner makes the entire protocol pointless. > > §6.1 (and others): I'm not sure what it means for the expert to be "advised to encourage". Is there something more concrete that could be said? Does this give the advisor grounds to reject a registration? > > Editorial Comments: > > §1: Please expand TPM on first mention. > >
- [Unbearable] Ben Campbell's Yes on draft-ietf-tok… Ben Campbell
- Re: [Unbearable] Ben Campbell's Yes on draft-ietf… Andrei Popov
- Re: [Unbearable] Ben Campbell's Yes on draft-ietf… Andrei Popov
- Re: [Unbearable] Ben Campbell's Yes on draft-ietf… Ben Campbell
- Re: [Unbearable] Ben Campbell's Yes on draft-ietf… Andrei Popov