Re: [OAUTH-WG] Microsoft feedback on DPoP during April 2020 IIW session

2020-05-05 Thread Benjamin Kaduk
On Fri, May 01, 2020 at 02:29:02AM +, Mike Jones wrote:
>   *   Is the DPoP signature really needed when requesting a bound token?  It 
> seems like the worst that could happen would be to create a token bound to a 
> key you don't control, which you couldn't use.  Daniel expressed concern 
> about this enabling substitution attacks.

Substitution and confused deputy attacks, yes.  I would feel a lot better
if the signature is required when requesting the bound token; a fair bit of
extra analysis would be needed to try to remove it.

-Ben

___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


Re: [OAUTH-WG] Microsoft feedback on DPoP during April 2020 IIW session

2020-05-01 Thread Brian Campbell
Thanks Mike for sharing this summary of what sounds like it was a valuable
discussion. I'm sorry that I wasn't "at" IIW so wasn't able to participate
in the session.

I will endeavor to incorporate the open issues into the presentation on
DPoP for the virtual interim on Monday
https://datatracker.ietf.org/meeting/interim-2020-oauth-07/session/oauth to
hopefully facitate some futher disscion and progress.

On Thu, Apr 30, 2020 at 8:29 PM Mike Jones  wrote:

> Daniel Fett and David Waite (DW) hosted a great session on OAuth 2.0
> Demonstration of Proof-of-Possession at the Application Layer (DPoP)
>  at the virtualized
> IIW  this week.  Attendees also
> included Vittorio Bertocci, Justin Richer, Dmitri Zagidulin, and Tim
> Cappalli.
>
>
>
> After Daniel and DW finished doing their overview of DPoP, I used some of
> the time to discuss feedback on DPoP from Microsoft Azure Active Directory
> (AAD) engineers.  We discussed:
>
>- *How do we know if the resource server supports DPoP?*  One
>suggestion was to use a 401 WWW-Authenticate response from the RS.  We
>learned at IIW that some are already doing this.  People opposed trying to
>do Resource Metadata for this purpose alone.  However, they were supportive
>of defining AS Metadata to declare support for DPoP and Registration
>Metadata to declare support for DPoP.  This might declare the supported
>token_type values.
>- *How do we know what DPoP signing algorithms are supported?*  This
>could be done via AS Metadata and possibly Registration Metadata.  People
>were also in favor of having a default algorithm – probably ES256.
>Knowing this is important to preventing downgrade attacks.
>- *Can we have server nonces? * A server nonce is a value provided by
>the server (RS or AS) to be signed as part of the PoP proof.  People agreed
>that having a server nonce would add additional security.  It turns out
>that Dmitri is already doing this, providing the nonce as a
>WWW-Authenticate challenge value.
>- *Difficulties with **jti at scale.*  Trying to prevent replay with
>jti is problematic for large-scale deployments.  Doing duplicate
>detection across replicas requires ACID consistency, which is too expensive
>to be cost-effective..  Instead, large-scale implementations often use
>short timeouts to limit replay, rather performing reliable duplicate
>detection.
>- *Is the DPoP signature really needed when requesting a bound token?*
>It seems like the worst that could happen would be to create a token bound
>to a key you don’t control, which you couldn’t use.  Daniel expressed
>concern about this enabling substitution attacks.
>- *It seems like the spec requires the same **token_type for both
>access tokens and refresh tokens.*  Whereas it would be useful to be
>able to have DPoP refresh tokens and Bearer access tokens as a transition
>step.  Justin pointed out that the OAuth 2 protocol only has one
>token_type value – not separate ones for the refresh token and access
>token.  People agreed that this deserves consideration.
>- *Symmetric keys are significantly more efficient than asymmetric
>keys.*  In discussions between John Bradley, Brian Campbell, and Mike
>Jones at IETF 106, John worked out how to deliver the symmetric key to the
>Token Endpoint without an extra round trip, however it would likely be more
>complicated to deliver it to the resource without an extra round trip.  At
>past IETFs, both Amazon and Okta have also advocated for symmetric key
>support.
>- *What are the problems resulting from PoP key reuse?*  The spec
>assumes that a client will use the same PoP key for singing multiple token
>requests, both for access token and refresh token requests.  Is this a
>security issue?  Daniel responded that key reuse is typically only a
>problem when the same key is used for different algorithms or in different
>application contexts, when this reuse enables substitution attacks.  It’s
>also the case that clients can choose to use different PoP keys whenever
>they choose to.
>- *Could access tokens be signed?*  Having the DPoP key hash in the
>access token is equivalent if the access token is integrity protected.  But
>people said that many deployments don’t use structured access tokens in
>which the key hash can be included.  For instance, Ping Identity uses
>access tokens that are just database indexes.  Would access token signing
>be needed then?
>- *Why aren’t query parameters signed?*  Daniel said that
>canonicalization of query parameters that use different URL escape syntaxes
>for representations of the same characters would likely result in interop
>problems.  People said that while SOAP deployments might have many logical
>endpoi

Re: [OAUTH-WG] Microsoft feedback on DPoP during April 2020 IIW session

2020-04-30 Thread David Waite
To add: there was discussion was whether the “htu" parameter should contain 
scheme/host/port/path, or just scheme/host/port. Dmitri indicated that it would 
aid their implementation to have the path eliminated. 

During JTI scale discussions, it was pointed out that some implementations may 
have individual protected resources at different paths behind a reverse proxy - 
attempting to implement one-time-use semantics would either require 
coordination between the path-bound protected resources, or for DPoP processing 
to be added as a function of the reverse proxy. One possible option proposed 
was separating out the scheme/host/port and the path to two parameters, so that 
they could have different recommendations around enforcement.

It was also alluded to that if there is eventually a round trip to negotiate a 
symmetric key with a resource, it is possible that system could leverage the 
secret to scope the token for JTI enforcement. I also wonder if the 
cryptographic requirement to use a different IV per message could be enforced 
by the recipient in lieu of a separate JTI as well (but admittedly I did not 
articulate this as well as I would have liked during the session)

-DW

> On Apr 30, 2020, at 20:29, Mike Jones 
>  wrote:
> 
> Daniel Fett and David Waite (DW) hosted a great session on OAuth 2.0 
> Demonstration of Proof-of-Possession at the Application Layer (DPoP) 
>  at the virtualized IIW 
>  this week.  Attendees also included 
> Vittorio Bertocci, Justin Richer, Dmitri Zagidulin, and Tim Cappalli.
>  
> After Daniel and DW finished doing their overview of DPoP, I used some of the 
> time to discuss feedback on DPoP from Microsoft Azure Active Directory (AAD) 
> engineers.  We discussed:
> How do we know if the resource server supports DPoP?  One suggestion was to 
> use a 401 WWW-Authenticate response from the RS.  We learned at IIW that some 
> are already doing this.  People opposed trying to do Resource Metadata for 
> this purpose alone.  However, they were supportive of defining AS Metadata to 
> declare support for DPoP and Registration Metadata to declare support for 
> DPoP.  This might declare the supported token_type values.
> How do we know what DPoP signing algorithms are supported?  This could be 
> done via AS Metadata and possibly Registration Metadata.  People were also in 
> favor of having a default algorithm – probably ES256.  Knowing this is 
> important to preventing downgrade attacks.
> Can we have server nonces?  A server nonce is a value provided by the server 
> (RS or AS) to be signed as part of the PoP proof.  People agreed that having 
> a server nonce would add additional security.  It turns out that Dmitri is 
> already doing this, providing the nonce as a WWW-Authenticate challenge value.
> Difficulties with jti at scale.  Trying to prevent replay with jti is 
> problematic for large-scale deployments.  Doing duplicate detection across 
> replicas requires ACID consistency, which is too expensive to be 
> cost-effective..  Instead, large-scale implementations often use short 
> timeouts to limit replay, rather performing reliable duplicate detection.
> Is the DPoP signature really needed when requesting a bound token?  It seems 
> like the worst that could happen would be to create a token bound to a key 
> you don’t control, which you couldn’t use.  Daniel expressed concern about 
> this enabling substitution attacks.
> It seems like the spec requires the same token_type for both access tokens 
> and refresh tokens.  Whereas it would be useful to be able to have DPoP 
> refresh tokens and Bearer access tokens as a transition step.  Justin pointed 
> out that the OAuth 2 protocol only has one token_type value – not separate 
> ones for the refresh token and access token.  People agreed that this 
> deserves consideration.
> Symmetric keys are significantly more efficient than asymmetric keys.  In 
> discussions between John Bradley, Brian Campbell, and Mike Jones at IETF 106, 
> John worked out how to deliver the symmetric key to the Token Endpoint 
> without an extra round trip, however it would likely be more complicated to 
> deliver it to the resource without an extra round trip.  At past IETFs, both 
> Amazon and Okta have also advocated for symmetric key support.
> What are the problems resulting from PoP key reuse?  The spec assumes that a 
> client will use the same PoP key for singing multiple token requests, both 
> for access token and refresh token requests.  Is this a security issue?  
> Daniel responded that key reuse is typically only a problem when the same key 
> is used for different algorithms or in different application contexts, when 
> this reuse enables substitution attacks.  It’s also the case that clients can 
> choose to use different PoP keys whenever they choose to.
> Could access tokens be signed?  Having the DPoP key hash in the access to