Re: [Webpush] CALL FOR CONSENSUS: VAPID cut-and-paste protection
JR Conlin <jconlin@mozilla.com> Fri, 18 August 2017 03:36 UTC
Return-Path: <jconlin@mozilla.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF5D5132409 for <webpush@ietfa.amsl.com>; Thu, 17 Aug 2017 20:36:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.69
X-Spam-Level:
X-Spam-Status: No, score=-2.69 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mozilla.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IRYIX8UTbtSD for <webpush@ietfa.amsl.com>; Thu, 17 Aug 2017 20:36:35 -0700 (PDT)
Received: from mail-lf0-x233.google.com (mail-lf0-x233.google.com [IPv6:2a00:1450:4010:c07::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC92A132717 for <webpush@ietf.org>; Thu, 17 Aug 2017 20:36:34 -0700 (PDT)
Received: by mail-lf0-x233.google.com with SMTP id t128so37629382lff.2 for <webpush@ietf.org>; Thu, 17 Aug 2017 20:36:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mozilla.com; s=google; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc; bh=DN7qD25LY5kQ9gYxSrz3RqpqVP/4UWd09XZsfaQUhmY=; b=MtZ8bWsuZeb0t1fn/TFRxvzogFKwyC7RvRnYqN9HQlk7TgK7KP4+uIzxWhR6YvPVuG azgIKiPFincofqa0N38rxEZMaH1yWcVHKwjsF3mirD5roVc1O17n5drNmHEEQ531c9yg K53eYHa97Hj6nVOj+1F94R34PFcIx0W40aB7M=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc; bh=DN7qD25LY5kQ9gYxSrz3RqpqVP/4UWd09XZsfaQUhmY=; b=liY927KQfEs+xyPA5GCZ4Bz+fJhfHZtNK8R5uW+dxaGxuSH2eQ4izMgHB5PSSekWT3 QLrQt33YzFSX5cauQidkCiWs3XNtTID5HzHOHusPIJXO/c251QHOWkAFBn1CxdUArF/S W4S6cnq+Ejvsv2G197O/GHkMzhrzvpx+LgjW1+VAuAHgQo4zilRRuN5Xk201M69hQH1W B/EH0COmWl4u847Z7oIwW9TLmz7HHFJYoOJLMhRbMZwgIzeBimt57Zb4teVXxqqhfuj0 MQ3A4z0KcjWijAemjKvjE/EXHB52BM9Hyh+iGjRpAWv5LwiTDQ1pigXsX15fbOZRlNWO cHWQ==
X-Gm-Message-State: AHYfb5h+q1F1I24N9LeBDDHHqY8077BlC8kgBrSEVvmds9xEyGZD7ru+ Pw4wu1rZynAfEg0auQ5hQw12LphPGMBT
X-Received: by 10.25.16.33 with SMTP id f33mr2856824lfi.133.1503027392519; Thu, 17 Aug 2017 20:36:32 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.46.9.8 with HTTP; Thu, 17 Aug 2017 20:36:31 -0700 (PDT)
Reply-To: jrconlin@mozilla.com
In-Reply-To: <CABF6JR0E+o9hL2uQKyqih2z03adqkH0OXp8f0MNqqdDv-YJPUg@mail.gmail.com>
References: <CABF6JR0E+o9hL2uQKyqih2z03adqkH0OXp8f0MNqqdDv-YJPUg@mail.gmail.com>
From: JR Conlin <jconlin@mozilla.com>
Date: Thu, 17 Aug 2017 20:36:31 -0700
Message-ID: <CA+XEteOgSYFJBMcBkaw4jrPCxcdmOOQJur8EUDQYkKCdC26y4A@mail.gmail.com>
To: Phil Sorber <sorber@apache.org>
Cc: "webpush@ietf.org" <webpush@ietf.org>
Content-Type: multipart/alternative; boundary="001a113f9146d1c5620556fed545"
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/KD4NNJZSa8Wmt7G1F0YmLlLZqJk>
Subject: Re: [Webpush] CALL FOR CONSENSUS: VAPID cut-and-paste protection
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Aug 2017 03:36:39 -0000
Per Phil's request, I am reposting my statement about how VAPID is used by our Push Service. "== If I may lend a bit of prospective from the point of view of the Push Service provider. We enjoy VAPID because it provides us a way to associate contact information with the data we receive. It's (in theory) voluntary, and we can prefer feeds that provide the data. VAPID provides us a reasonably low cost means to "validate" the information we get *if* the requested URI was secured using the same key, as well as prove that there has been no casual MITM alterations of data. As Martin notes, the bar is set fairly high for an attacker sending malicious data to the remote customer. >From our point of view, VAPID isn't really a security device, it's a contact device. It's equivalent to someone stapling their business card to their letter, and is most useful for our ops folk when things go awry. That's why we accept feeds that use VAPID even if the requested URI was not secured. In addition, our most pressing concern is with sites that perform non-hostile abuse. (e.g. we currently get near 2:1 traffic from sites sending to URIs that are no longer active, and do not provide good ways to contact their operations.) That said, we still encourage frankly horrible security practices around VAPID just so that the barrier to use is as low as possible. We find the data to still be that useful. For example, we encourage application servers to cache the VAPID header for as long as possible to reduce the publication load. Naturally, we look forward to the guidance provided by the working group and will adopt their suggestions, but I did want to offer what the more hands-on usage of the spec has been so far. ==" On Thu, Aug 17, 2017 at 7:58 PM, Phil Sorber <sorber@apache.org> wrote: > This is a call for consensus for an issue relating to > draft-ietf-webpush-vapid, which is currently in IESG evaluation. Interested > participants should respond no later than Friday, September 1st 2017. > > During its initial review, one of the Security Area Directors expressed > concerns regarding the cryptographic properties of the JWT: > > https://mailarchive.ietf.org/arch/msg/webpush/HYW9NcUioQo5X2Np-d2hjCzB1Fo > > Specifically: as implemented, the JWT is merely a bearer token. While the > DISCUSS provides a thumbnail sketch of how this could be mitigated, the > crux of the issue isn’t the specifics of the implementation, but whether > the WG had considered other, more cryptographically secure approaches. > > Although participants are free to respond in any way they choose, the most > useful input would be of one of the following three forms: > > > 1. > > I believe the working group has already discussed adding such a > mechanism and rejected it (with citation to an email discussion or minutes > reflecting such discussion). > > 2. > > I do not think the working group has discussed the issue before, > however I am opposed to changing the mechanism prior to publication > because... > > 3. > > I do not think the working group has discussed the issue before, and > would support bringing the document back to the working group for the > purpose of mitigating copy-and-paste attacks. > > > Thank you. > > _______________________________________________ > Webpush mailing list > Webpush@ietf.org > https://www.ietf.org/mailman/listinfo/webpush > >
- [Webpush] CALL FOR CONSENSUS: VAPID cut-and-paste… Phil Sorber
- Re: [Webpush] CALL FOR CONSENSUS: VAPID cut-and-p… JR Conlin
- Re: [Webpush] CALL FOR CONSENSUS: VAPID cut-and-p… Costin Manolache
- Re: [Webpush] CALL FOR CONSENSUS: VAPID cut-and-p… Martin Thomson
- Re: [Webpush] CALL FOR CONSENSUS: VAPID cut-and-p… Phil Sorber
- Re: [Webpush] CALL FOR CONSENSUS: VAPID cut-and-p… Martin Thomson