Re: [Unbearable] FWD: Status of draft-ietf-tokbind-https

=JeffH <Jeff.Hodges@KingsMountain.com> Thu, 16 November 2017 02:53 UTC

Return-Path: <Jeff.Hodges@kingsmountain.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C5026129421 for <unbearable@ietfa.amsl.com>; Wed, 15 Nov 2017 18:53:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.701
X-Spam-Level:
X-Spam-Status: No, score=-4.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BPBnFVZoMgKZ for <unbearable@ietfa.amsl.com>; Wed, 15 Nov 2017 18:53:34 -0800 (PST)
Received: from qproxy2.mail.unifiedlayer.com (qproxy2-pub.mail.unifiedlayer.com [69.89.16.161]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77F74129413 for <unbearable@ietf.org>; Wed, 15 Nov 2017 18:53:34 -0800 (PST)
Received: from cmgw3 (unknown [10.0.90.84]) by qproxy2.mail.unifiedlayer.com (Postfix) with ESMTP id 265DC3572C for <unbearable@ietf.org>; Wed, 15 Nov 2017 19:53:34 -0700 (MST)
Received: from box514.bluehost.com ([74.220.219.114]) by cmgw3 with id aStW1w00a2UhLwi01StZXa; Wed, 15 Nov 2017 19:53:34 -0700
X-Authority-Analysis: v=2.2 cv=H76r+6Qi c=1 sm=1 tr=0 a=9W6Fsu4pMcyimqnCr1W0/w==:117 a=9W6Fsu4pMcyimqnCr1W0/w==:17 a=IkcTkHD0fZMA:10 a=sC3jslCIGhcA:10 a=5IsXbjgYAAAA:8 a=yMhMjlubAAAA:8 a=1XWaLZrsAAAA:8 a=48vgC7mUAAAA:8 a=qI-sqkvjAAAA:8 a=vCMV7FptvruRoYsDdpYA:9 a=QEXdDO2ut3YA:10 a=RR2nPHISKLg-FD_FhCoU:22 a=w1C3t2QeGrPiZgrLijVG:22
Received: from dhcp-8b7b.meeting.ietf.org ([31.133.139.123]:57257) by box514.bluehost.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.87) (envelope-from <Jeff.Hodges@KingsMountain.com>) id 1eFAJ0-0014xb-Ke for unbearable@ietf.org; Wed, 15 Nov 2017 19:53:30 -0700
To: IETF TokBind WG <unbearable@ietf.org>
From: =JeffH <Jeff.Hodges@KingsMountain.com>
Message-ID: <241701af-c2a8-e288-7f9c-297ddc687e91@KingsMountain.com>
Date: Thu, 16 Nov 2017 10:53:26 +0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - box514.bluehost.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - KingsMountain.com
X-BWhitelist: no
X-Source-IP: 31.133.139.123
X-Exim-ID: 1eFAJ0-0014xb-Ke
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: dhcp-8b7b.meeting.ietf.org [31.133.139.123]:57257
X-Source-Auth: jeff.hodges+kingsmountain.com
X-Email-Count: 5
X-Source-Cap: a2luZ3Ntb3U7a2luZ3Ntb3U7Ym94NTE0LmJsdWVob3N0LmNvbQ==
X-Local-Domain: no
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/kzHfNHVVgzHiGDgd3MF2wTGCcvY>
Subject: Re: [Unbearable] FWD: Status of draft-ietf-tokbind-https
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Nov 2017 02:53:36 -0000

From: Eric Rescorla <ekr@rtfm.com>
Date: Tuesday, November 14, 2017 at 4:11 AM
To: Andrei Popov <Andrei.Popov@microsoft.com>
Cc: Leif Johansson <leifj@sunet.se>se>, Vinod Anupam <vanupam@google.com>om>, 
"draft-ietf-tokbind-https@tools.ietf.org" 
<draft-ietf-tokbind-https@tools.ietf.org>rg>, "tokbind-chairs@ietf.org" 
<tokbind-chairs@ietf.org>
Subject: Re: Status of draft-ietf-tokbind-https
Resent-From: <alias-bounces@ietf.org>rg>, Eric Rescorla <ekr@rtfm.com>
Resent-To: <andreipo@microsoft.com>om>, <mnystrom@microsoft.com>om>, Dirk 
Balfanz <balfanz@google.com>om>, Adam Langley <agl@google.com>om>, 
<nharper@google.com>om>, Jeff Hodges <Jeff.Hodges@PayPal.com>om>, 
<draft-ietf-tokbind-https@ietf.org>
Resent-Date: Tuesday, November 14, 2017 at 4:12 AM


On Mon, Nov 13, 2017 at 2:50 PM, Andrei Popov 
<Andrei.Popov@microsoft.com> wrote:> I’m available in the morning; 
unfortunately, Dirk is not here, b>
 > Anupam can represent him.
 >
 > Regarding the attack, it is not quite clear to me: Even assuming the
 > TP is willing to issue a token for Alice to connect to the Attacker
 > (which probably means the Attacker is a server known to the TP), this
 > token will be bound to the TB key Alice has created for use with the
 > attacker.
 >
 > So the attacker cannot use this token to impersonate Alice to another
 > server (without also stealing the corresponding private key). Or am I
 > missing something?

I don't think so. I agree it's not an attack, it's just creating a 
confused token. I just worry whenever we have a protocol which allows 
this kind of confusion that either (a) we can turn it into an attack or 
(b) there's some other way to create confusion that is an attack.

-Ekr