Re: [Unbearable] Switching exporters for 0-RTT Token Binding

Benjamin Kaduk <kaduk@mit.edu> Fri, 28 April 2017 02:16 UTC

Date: Thu, 27 Apr 2017 21:13:56 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Andrei Popov <Andrei.Popov@microsoft.com>
Cc: Nick Harper <nharper@google.com>, IETF Tokbind WG <unbearable@ietf.org>
Message-ID: <20170428021355.GY30306@kduck.kaduk.org>
References: <CACdeXiLF3G8tBO5z5L2mfe5N-kYMv_4TNFS2_0YdecquMM_kuw@mail.gmail.com> <20170420020846.GY30306@kduck.kaduk.org> <CACdeXiLPb-QwLhG89ahV_q8q3n16jA+WEnsTzKTAyMtYcVF4Pw@mail.gmail.com> <SN1PR21MB0096D78DF3E9C07B23DC76078C100@SN1PR21MB0096.namprd21.prod.outlook.com>
In-Reply-To: <SN1PR21MB0096D78DF3E9C07B23DC76078C100@SN1PR21MB0096.namprd21.prod.outlook.com>
User-Agent: Mutt/1.6.1 (2016-04-27)
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/mAgL8wDS7iE6bN-CVuhpJYRkI6U>
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>

On Thu, Apr 27, 2017 at 10:46:18PM +0000, Andrei Popov wrote:
> If one is willing to do TB without POP, then one will probably appreciate a simpler way to do this, with fewer moving parts and less room for interop issues. (IMHO, the value of TB without POP approaches zero, but that's a separate discussion.)
> 
> The extra complexity of upgrading to secure TB after a bound token and associated application message(s) have been accepted and processed does not increase security in the common use-cases that I can think of.

One could perhaps concoct a case where the application layer agrees
to only send certain mundane stuff over 0-RTT but for some reason
still wants TB for it.  (That is not intended to be a compelling
argument.)

But in general, I agree with Andrei (especially with the parenthetical).

In particular, all these discussions of how once you've accepted
0-RTT TB it doesn't make sense to try to upgrade to 1-RTT are just
serving to cement my feeling that doing 0-RTT TB is a bad idea.  So,
to answer Nick's question, I have no interest in implementing 0-RTT
Token Binding, and thus don't have a use case in mind that would
make me only implement (2).  :)

-Ben