From McQuilWP@pobox.com Fri Dec 31 10:34:26 2010 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 493A63A683A for ; Fri, 31 Dec 2010 10:34:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eWfrnR6udkNx for ; Fri, 31 Dec 2010 10:34:24 -0800 (PST) Received: from sasl.smtp.pobox.com (b-pb-sasl-quonix.pobox.com [208.72.237.35]) by core3.amsl.com (Postfix) with ESMTP id A61593A6874 for ; Fri, 31 Dec 2010 10:34:24 -0800 (PST) Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by b-sasl-quonix.pobox.com (Postfix) with ESMTP id 669038DBD; Fri, 31 Dec 2010 13:36:30 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date:from :message-id:to:subject:mime-version:content-type :content-transfer-encoding; s=sasl; bh=FyL1G+Fj13sGPUggVBpZ83cPI as=; b=HJNaWJNck0km2P5f8qaGNpw5W6kmw2yGDZ+SM4RQK5iHBX7TUo5gyxL9N 47xqu/XSA/qMBn5rEWcBuaEcT2cWf+szgONpXtN8MVUdBZjLznBkns4sqeni/FMV HSOx+fSMvNzlSSkRsgW9jlWFQ8MvxmJpNDZbOmXRCbI3sZAWa4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=date:from :message-id:to:subject:mime-version:content-type :content-transfer-encoding; q=dns; s=sasl; b=gHgubWJrhdpZF9iDJRo CfpZeQZXko+14iX81mfSfj4h+KOMdbwYsJLb6Kblkq5aWij4hNQfA6p1lDeKNOCW EEvx6/0E7qSxBGKyg7DGS+dXj8WQyhQG5FQrXUG9OFxKASR6Fo2nNkg1b+7AtbVP 9kVpnKpVTBQA0PHnT78gNBLs= Received: from b-pb-sasl-quonix. (unknown [127.0.0.1]) by b-sasl-quonix.pobox.com (Postfix) with ESMTP id 555808DBC; Fri, 31 Dec 2010 13:36:29 -0500 (EST) Received: from [192.168.0.2] (unknown [68.107.61.33]) by b-sasl-quonix.pobox.com (Postfix) with ESMTPA id DBEA18DBB; Fri, 31 Dec 2010 13:36:27 -0500 (EST) Date: Fri, 31 Dec 2010 10:36:26 -0800 From: Bill McQuillan X-Priority: 3 (Normal) Message-ID: <1828847721.20101231103626@pobox.com> To: websec@ietf.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Pobox-Relay-ID: E1CD18F8-150C-11E0-83B0-9C677F325826-02871704!b-pb-sasl-quonix.pobox.com X-Mailman-Approved-At: Sat, 01 Jan 2011 04:04:29 -0800 Subject: [websec] Comments on draft-ietf-websec-origin-00.txt X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Dec 2010 18:34:26 -0000 Reposting this to the websec list as requested. My comments on draft-ietf-websec-origin-00. 2.2. Syntax Notation The use of allows for header fields containing lines with nothing but spaces and tabs. Does http handle this? -------------------- 4. Comparing Origins Although Section 3 discusses an "implementation-defined value" and '"sandbox" bits', the comparison algorithm does not mention how these are to be handled. -------------------- 5. Serializing Origins The "implementation-defined value" and '"sandbox" bits' are not discussed in the serialization algorithm. ----- In step 5 of each algorithm the port is omitted if it is not "different than the default port". This could be problem since it requires three different algorithms to agree on that default. 1 - At the point where the resource is fetched from the "origin" and the default port MUST be known if the correct connection is to be made. 2 - At the serialization point. 3 - At the server receiving the "Origin:" header field. Instead I recommend that the actual port always be included in the serialization to avoid ambiguity. After all it's mainly for machine consumption. -------------------- 6. The HTTP Origin header 6.2. Semantics It is not clear what the meaning of multiple origins is. Should the client issuing a request include all of the origins that it knows about? This might make it more likely that the server receiving the request would find an origin it "likes". Or it might make it more likely that the server would find an objectionable origin. What "meaning" is the client trying to communicate to the server? ----- 6.3. User Agent Requirements The rule about "two consecutive serialized-origin productions" not being identical implies that there is some semantics in the ordering of the serialized origins in an Origin header field. Also the mention of the way that the "ascii-serialization of the origin of previous-uri" is appended to the previous request Origin header field implies an ordering. Does ordering have any semantics in the Origin header field? -- Bill McQuillan From julian.reschke@gmx.de Sat Jan 1 09:41:07 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6F21A3A6841 for ; Sat, 1 Jan 2011 09:41:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -104.491 X-Spam-Level: X-Spam-Status: No, score=-104.491 tagged_above=-999 required=5 tests=[AWL=-1.892, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DWRBX4WENfFQ for ; Sat, 1 Jan 2011 09:41:06 -0800 (PST) Received: from mail.gmx.net (mailout-de.gmx.net [213.165.64.22]) by core3.amsl.com (Postfix) with SMTP id 7CA423A6869 for ; Sat, 1 Jan 2011 09:41:04 -0800 (PST) Received: (qmail invoked by alias); 01 Jan 2011 17:43:09 -0000 Received: from p508FB23A.dip.t-dialin.net (EHLO [192.168.178.33]) [80.143.178.58] by mail.gmx.net (mp018) with SMTP; 01 Jan 2011 18:43:09 +0100 X-Authenticated: #1915285 X-Provags-ID: V01U2FsdGVkX1/UVU5MMIHUXVJl/7Zce5wn0I+3NkYDdqt2Kx1sdk kL9Eb03WMpT3I2 Message-ID: <4D1F67A2.30003@gmx.de> Date: Sat, 01 Jan 2011 18:42:58 +0100 From: Julian Reschke User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: Bill McQuillan References: <1828847721.20101231103626@pobox.com> In-Reply-To: <1828847721.20101231103626@pobox.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: websec@ietf.org Subject: Re: [websec] Comments on draft-ietf-websec-origin-00.txt X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Jan 2011 17:41:07 -0000 On 31.12.2010 19:36, Bill McQuillan wrote: > Reposting this to the websec list as requested. > > My comments on draft-ietf-websec-origin-00. > > 2.2. Syntax Notation > > The use of allows for header fields containing lines > with nothing but spaces and tabs. Does http handle this? > ... It's supposed to be in sync with what the HTTPbis drafts say, see . Best regards, Julian From ietf@adambarth.com Sat Jan 1 16:23:56 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7D1493A6878 for ; Sat, 1 Jan 2011 16:23:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.022 X-Spam-Level: X-Spam-Status: No, score=-4.022 tagged_above=-999 required=5 tests=[AWL=-1.045, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id itcWWhSC82Vs for ; Sat, 1 Jan 2011 16:23:54 -0800 (PST) Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by core3.amsl.com (Postfix) with ESMTP id 746FB3A6851 for ; Sat, 1 Jan 2011 16:23:54 -0800 (PST) Received: by gxk28 with SMTP id 28so5993064gxk.31 for ; Sat, 01 Jan 2011 16:26:00 -0800 (PST) Received: by 10.100.42.2 with SMTP id p2mr832362anp.143.1293927959066; Sat, 01 Jan 2011 16:25:59 -0800 (PST) Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by mx.google.com with ESMTPS id j14sm25831531anb.39.2011.01.01.16.25.56 (version=SSLv3 cipher=RC4-MD5); Sat, 01 Jan 2011 16:25:57 -0800 (PST) Received: by iyi42 with SMTP id 42so12240807iyi.31 for ; Sat, 01 Jan 2011 16:25:55 -0800 (PST) Received: by 10.231.156.1 with SMTP id u1mr2720854ibw.52.1293927955877; Sat, 01 Jan 2011 16:25:55 -0800 (PST) MIME-Version: 1.0 Received: by 10.231.11.140 with HTTP; Sat, 1 Jan 2011 16:25:25 -0800 (PST) In-Reply-To: <1828847721.20101231103626@pobox.com> References: <1828847721.20101231103626@pobox.com> From: Adam Barth Date: Sat, 1 Jan 2011 16:25:25 -0800 Message-ID: To: Bill McQuillan Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: websec@ietf.org Subject: Re: [websec] Comments on draft-ietf-websec-origin-00.txt X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Jan 2011 00:23:56 -0000 On Fri, Dec 31, 2010 at 10:36 AM, Bill McQuillan wrote= : > Reposting this to the websec list as requested. > > My comments on draft-ietf-websec-origin-00. > > 2.2. =A0Syntax Notation > > The use of allows for header fields containing lines > with nothing but spaces and tabs. Does http handle this? What Julian said. > 4. =A0Comparing Origins > > Although Section 3 discusses an "implementation-defined value" > and '"sandbox" bits', the comparison algorithm does not mention > how these are to be handled. Sandbox bits are just an example of a way an implementation might extend an origin value. There's nothing for this document to say about them. An implementation can also extend origins with lettuce, but that doesn't mean we should explain the procedure for comparing vegetables. As for implementation-defined values, they're just that: implementation defined. If we defined them in this document, then they wouldn't be defined by the implementations. > 5. =A0Serializing Origins > > The "implementation-defined value" and '"sandbox" bits' are not > discussed in the serialization algorithm. Yes, for the same reasons as above. > In step 5 of each algorithm the port is omitted if it is not > "different than the default port". This could be problem since it > requires three different algorithms to agree on that default. > > =A01 - At the point where the resource is fetched from the > =A0 =A0 =A0"origin" and the default port MUST be known if the > =A0 =A0 =A0correct connection is to be made. > > =A02 - At the serialization point. > > =A03 - At the server receiving the "Origin:" header field. That's correct. > Instead I recommend that the actual port always be included in > the serialization to avoid ambiguity. After all it's mainly for > machine consumption. Unfortunately, the various serializations of an origin are already in wide use throughout the Internet. It would be prohibitively expensive to change them in this way. > 6. =A0The HTTP Origin header > 6.2. =A0Semantics > > It is not clear what the meaning of multiple origins is. When included in an HTTP request, the Origin header indicates th= e origin(s) that caused the user agent to issue the request. If there are multiple origins listed in the header, that means that they collectively caused the user agent to issue the request. This is an Aristotelian notion of causality, not a Lamportian notion. > Should > the client issuing a request include all of the origins that it > knows about? No. The client should follow the instructions in the document. For example, the client might know about the origin http://safeway.com, but most of the time it would be incorrect to include it in the header. > This might make it more likely that the server > receiving the request would find an origin it "likes". Or it > might make it more likely that the server would find an > objectionable origin. Indeed. > What "meaning" is the client trying to > communicate to the server? Precisely what the document says: When included in an HTTP request, the Origin header indicates th= e origin(s) that caused the user agent to issue the request. > 6.3. =A0User Agent Requirements > > The rule about "two consecutive serialized-origin productions" > not being identical implies that there is some semantics in the > ordering of the serialized origins in an Origin header field. I disagree. It's a syntactic requirement, not a semantic requirement. > Also the mention of the way that the "ascii-serialization of the > origin of previous-uri" is appended to the previous request > Origin header field implies an ordering. Yes. The syntax of the Origin header is indeed ordered. This is a consequence of the header field being represented using a sequence of octets transmitted over a network. > Does ordering have any semantics in the Origin header field? Nope. All the semantic information is described in the section entitled "Semantics". Adam From Internet-Drafts@ietf.org Wed Jan 5 02:15:03 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 100823A6B6F; Wed, 5 Jan 2011 02:15:03 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.569 X-Spam-Level: X-Spam-Status: No, score=-102.569 tagged_above=-999 required=5 tests=[AWL=0.030, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xIpdvCZYBdQ4; Wed, 5 Jan 2011 02:15:02 -0800 (PST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 54D0A3A6A1A; Wed, 5 Jan 2011 02:15:02 -0800 (PST) MIME-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 3.10 Message-ID: <20110105101502.25562.13185.idtracker@localhost> Date: Wed, 05 Jan 2011 02:15:02 -0800 Cc: websec@ietf.org Subject: [websec] I-D Action:draft-ietf-websec-strict-transport-sec-00.txt X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Jan 2011 10:15:03 -0000 --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Security Working Group of the IETF. Title : HTTP Strict Transport Security (HSTS) Author(s) : J. Hodges, et al. Filename : draft-ietf-websec-strict-transport-sec-00.txt Pages : 29 Date : 2011-01-04 This specification defines a mechanism enabling Web sites to declare themselves accessible only via secure connections, and/or for users to be able to direct their user agent(s) to interact with given sites only over secure connections. This overall policy is referred to as HTTP Strict Transport Security (HSTS). The policy is declared by Web sites via the Strict-Transport-Security HTTP Response Header Field, and/or by other means, e.g. user agent configuration. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-websec-strict-transport-sec-00.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-websec-strict-transport-sec-00.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2011-01-05020715.I-D@ietf.org> --NextPart-- From sayrer@gmail.com Wed Jan 5 17:26:08 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CB5A13A6E4C; Wed, 5 Jan 2011 17:26:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.999 X-Spam-Level: X-Spam-Status: No, score=-4.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, GB_I_LETTER=-2, J_CHICKENPOX_57=0.6, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kfd7k09rhiTF; Wed, 5 Jan 2011 17:26:07 -0800 (PST) Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by core3.amsl.com (Postfix) with ESMTP id 1C1AE3A6DD2; Wed, 5 Jan 2011 17:26:03 -0800 (PST) Received: by gxk28 with SMTP id 28so7425497gxk.31 for ; Wed, 05 Jan 2011 17:28:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=SmSGVsL3s1/e2mEs3LupI5w3onGShvZ4UtUrWrsZAvc=; b=oqDjO5l9OasDvMqhtSRG5lBW5ly/sZVMnAjtawLZzAl/3BcHvbwgxm2A7LZBaVcfMN a9KveWQYf85Hokfz/WOSIeHFo5vugc3VUbSZ4nX7FUN/VFYr034yQl2lg0qKaJj1Dl2p 0X6JN5ZqZ8eGZJ643GK1sl/rs515U1g7olm48= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=MrgU77VixIxQZ2qTzxT40ypYmHsE2NSX6bk0ijTIlvi7TaDvo2k6K4qaw7P0+/hZSX clJhXNhTjD8ISKOAGHVBWw9YYGd3FJ6Qdm2ZMA4Z4qpL51b+FZmDyeKAjVv6EA5Y0kvH Vt1pSfmVsKKdhYbvPCUzUw5ewnPuywqbjy6UQ= MIME-Version: 1.0 Received: by 10.90.4.7 with SMTP id 7mr1387636agd.100.1294277289574; Wed, 05 Jan 2011 17:28:09 -0800 (PST) Received: by 10.90.133.12 with HTTP; Wed, 5 Jan 2011 17:28:08 -0800 (PST) In-Reply-To: <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> Date: Wed, 5 Jan 2011 20:28:08 -0500 Message-ID: From: Robert Sayre To: "Roy T. Fielding" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Thu, 06 Jan 2011 06:33:43 -0800 Cc: "apps-discuss@ietf.org" , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [kitten] [saag] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 01:26:09 -0000 > Peter Saint-Andre wrote: > 2. In 2007, Robert Sayre put together a few slides on the topic: > http://people.mozilla.com/~sayrer/2007/auth.html These are back on the Web, in case anyone missed them (probably not). On Sun, Dec 12, 2010 at 5:39 PM, Roy T. Fielding wrote: > > Define them all and let's have a bake-off. =A0It has been 16 years since > HTTP auth was taken out of our hands so that the security experts could > define something perfect. =A0Zero progress so far. Hard to disagree with this assessment. It's pretty easy to define something better than the current HTTP authentication mechanisms, but pretty hard to design something more popular than forms+cookies. I've looked at this problem a little bit, and I gather the strictly technical security properties we're looking for are pretty well understood. Deployment and presentation control are the tough parts. Presentation control is actually a security trade-off--to get the control web designers want, you have to present graphics before the server has been authenticated. Also, I suspect it will be difficult to deploy a new HTTP mechanism that can withstand replay and DoS attacks, unless proxy conformance gets a lot better. So, I think those advocating TLS-only solutions might turn out to win the day, but not because the security properties on offer are particularly compelling. I think the IETF might do better to focus on a smaller problem, at first. People often use self-signed certificates with HTTP/TLS, even though the first thing their websites ask the user to do is type a username and password into a form. There are some well-understood ways to make this process more secure. Why hasn't the IETF fixed this problem? If this smaller problem has no ready solution, then the larger issue of authentication on the entire Web seems like a tough nut to crack. It could be that the reasons for this lack of progress are nontechnical. Just throwing that out there. --=20 Robert Sayre "I would have written a shorter letter, but I did not have the time." From benl@google.com Thu Jan 6 07:29:48 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C3DCE3A6DD4 for ; Thu, 6 Jan 2011 07:29:48 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -104.548 X-Spam-Level: X-Spam-Status: No, score=-104.548 tagged_above=-999 required=5 tests=[AWL=-1.572, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o5l1SCa0JzqQ for ; Thu, 6 Jan 2011 07:29:47 -0800 (PST) Received: from smtp-out.google.com (smtp-out.google.com [216.239.44.51]) by core3.amsl.com (Postfix) with ESMTP id ED1953A6C33 for ; Thu, 6 Jan 2011 07:29:46 -0800 (PST) Received: from wpaz9.hot.corp.google.com (wpaz9.hot.corp.google.com [172.24.198.73]) by smtp-out.google.com with ESMTP id p06FVrmJ006216 for ; Thu, 6 Jan 2011 07:31:53 -0800 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1294327913; bh=UP69RRHWGGYUU/4X7jvHl3J8mX4=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type; b=tffwv5pj1cfBxD2UXrNiPA9hnISD7CFCPAfxxhAbDNjqV18FhGKKdq/fWbqDK2rlg pX5D1iypM0wn9OQoG9f9Q== Received: from qwk4 (qwk4.prod.google.com [10.241.195.132]) by wpaz9.hot.corp.google.com with ESMTP id p06FVNRv016678 for ; Thu, 6 Jan 2011 07:31:52 -0800 Received: by qwk4 with SMTP id 4so17212557qwk.4 for ; Thu, 06 Jan 2011 07:31:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=4HF7vbiBG5YS3CoUX9wu70DOSHl4iLZrUnsX4DNBd8w=; b=BWKqmSdEvTDeyQ2eqttv3+gBNEmZ8ZTujH6HL3DADxzsmbBUAlcazFi9amXmpe/stX C8Xwy0FBWlv0jfqgUknQ== DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=hH30kqLSSKa1ZEPU9Hu/va/17y7O5RquFN4F2cWEnZwLtv6zPxOQENUmecs1T29R8b EpxWBDsyopxO1loOVpOQ== MIME-Version: 1.0 Received: by 10.229.215.135 with SMTP id he7mr2980674qcb.104.1294327911945; Thu, 06 Jan 2011 07:31:51 -0800 (PST) Received: by 10.220.88.137 with HTTP; Thu, 6 Jan 2011 07:31:51 -0800 (PST) In-Reply-To: References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> Date: Thu, 6 Jan 2011 15:31:51 +0000 Message-ID: From: Ben Laurie To: Robert Sayre Content-Type: multipart/alternative; boundary=00163630f5376a161c04992f33be X-System-Of-Record: true Cc: "apps-discuss@ietf.org" , "Roy T. Fielding" , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [kitten] [saag] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 15:29:49 -0000 --00163630f5376a161c04992f33be Content-Type: text/plain; charset=ISO-8859-1 On 6 January 2011 01:28, Robert Sayre wrote: > > Peter Saint-Andre wrote: > > 2. In 2007, Robert Sayre put together a few slides on the topic: > > http://people.mozilla.com/~sayrer/2007/auth.html > > These are back on the Web, in case anyone missed them (probably not). > > On Sun, Dec 12, 2010 at 5:39 PM, Roy T. Fielding > wrote: > > > > Define them all and let's have a bake-off. It has been 16 years since > > HTTP auth was taken out of our hands so that the security experts could > > define something perfect. Zero progress so far. > > I think the IETF might do better to focus on a smaller problem, at > first. People often use self-signed certificates with HTTP/TLS, even > though the first thing their websites ask the user to do is type a > username and password into a form. There are some well-understood ways > to make this process more secure. Why hasn't the IETF fixed this > problem? If this smaller problem has no ready solution, then the > larger issue of authentication on the entire Web seems like a tough > nut to crack. > Two comments (one really being a response to Roy): 1. The IETF has fixed the problem, but no-one is using the fix - perhaps because it is not clear that it is the fix. I speak of RFC 4279, TLS pre-shared keys. These could be derived from a hash of the password and the site name, for example, and thus provide secure mutual authentication despite password reuse. 2. I have often heard (though I am not aware of hard evidence for this, nevertheless I find it plausible) that one reason no-one has bothered to improve HTTP auth is because no-one would use it since site owners want to control the user experience around signin. It seems to me, therefore, that HTTP is the wrong layer to fix the problem at - it needs to be pushed down into HTML or Javascript so that the page can control the look, while appropriate HTML elements or JS code can deal with the secure exchange of data. Of course, this still leaves the issue of trusted path: although we can provide elements which are safe to use, even when being phished, how does the user know those elements are actually being used, rather than simulated so as to get hold of the underlying password? The answer to this problem is hard, since it brings us back to taking the UI out of the sites hands. > It could be that the reasons for this lack of progress are > nontechnical. Just throwing that out there. > If you think UI is nontechnical, then I agree. Cheers, Ben. --00163630f5376a161c04992f33be Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

On 6 January 2011 01:28, Robert Sayre <sayrer@gmail.com> wrote:
> Peter Saint-Andre <stpeter@stpeter.im> wrote:
> 2. In 2007, Robert Sayre put together a few slides on the topic:
> http://people.mozilla.com/~sayrer/2007/auth.html

These are back on the Web, in case anyone missed them (probably not).=

On Sun, Dec 12, 2010 at 5:39 PM, Roy T. Fielding <fielding@gbiv.com> wrote:
>
> Define them all and let's have a bake-off. =A0It has been 16 years= since
> HTTP auth was taken out of our hands so that the security experts coul= d
> define something perfect. =A0Zero progress so far.

I think the IETF might do better to focus on a smaller problem, at
first. People often use self-signed certificates with HTTP/TLS, even
though the first thing their websites ask the user to do is type a
username and password into a form. There are some well-understood ways
to make this process more secure. Why hasn't the IETF fixed this
problem? If this smaller problem has no ready solution, then the
larger issue of authentication on the entire Web seems like a tough
nut to crack.

Two comments (one really = being a response to Roy):

1. The IETF has fixed th= e problem, but no-one is using the fix - perhaps because it is not clear th= at it is the fix. I speak of RFC 4279, TLS pre-shared keys. These could be = derived from a hash of the password and the site name, for example, and thu= s provide secure mutual authentication despite password reuse.

2. I have often heard (though I am not aware of hard ev= idence for this, nevertheless I find it plausible) that one reason no-one h= as bothered to improve HTTP auth is because no-one would use it since site = owners want to control the user experience around signin. It seems to me, t= herefore, that HTTP is the wrong layer to fix the problem at - it needs to = be pushed down into HTML or Javascript so that the page can control the loo= k, while appropriate HTML elements or JS code can deal with the secure exch= ange of data.

Of course, this still leaves the issue of trusted path:= although we can provide elements which are safe to use, even when being ph= ished, how does the user know those elements are actually being used, rathe= r than simulated so as to get hold of the underlying password?

The answer to this problem is hard, since it brings us = back to taking the UI out of the sites hands.

=A0<= /div>
It could be that the reasons for this lack of progress are
nontechnical. Just throwing that out there.

=
If you think UI is nontechnical, then I agree.

Cheers,

Ben.

--00163630f5376a161c04992f33be-- From benl@google.com Thu Jan 6 10:48:12 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 277453A6F40 for ; Thu, 6 Jan 2011 10:48:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.319 X-Spam-Level: X-Spam-Status: No, score=-103.319 tagged_above=-999 required=5 tests=[AWL=-1.342, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kyx3IivYck4H for ; Thu, 6 Jan 2011 10:48:12 -0800 (PST) Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.67]) by core3.amsl.com (Postfix) with ESMTP id ABD893A6CC6 for ; Thu, 6 Jan 2011 10:48:11 -0800 (PST) Received: from wpaz33.hot.corp.google.com (wpaz33.hot.corp.google.com [172.24.198.97]) by smtp-out.google.com with ESMTP id p06IGIRR011521 for ; Thu, 6 Jan 2011 10:16:18 -0800 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1294337778; bh=tOrSd+BaLDGYpH9HsyVCcafu+oA=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type; b=nhcwIisUO7oAkg66A8rDBAHv5zLtVTeKxgwhQrGOkd1tM+8dUs0mMmYzkOc12BMsQ vRwjIWFLBdC/r+miufS3g== Received: from qyk34 (qyk34.prod.google.com [10.241.83.162]) by wpaz33.hot.corp.google.com with ESMTP id p06IGG8d018636 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for ; Thu, 6 Jan 2011 10:16:16 -0800 Received: by qyk34 with SMTP id 34so17386494qyk.17 for ; Thu, 06 Jan 2011 10:16:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=ztYKyBRdnEWKJBsTrbql2FglzmqVhvAw6IaIUfdkB7w=; b=BxXEavN29UHyrsu3lhFh4wtPxqyyfTe7rbvsAK9O9yU8bnoEzoceDOSlCK6QPcd3dG ll62XjLsoR18WS0HmO5Q== DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=FCRb0q97ppk3nPf0vWscaA0RV1zaAaw54FU7Dt4Ih57ZFclnJC0C5VptKxZu+gFzH7 b9AIO/Z0ax7qhwFKRnlQ== MIME-Version: 1.0 Received: by 10.229.215.135 with SMTP id he7mr3108759qcb.104.1294337776341; Thu, 06 Jan 2011 10:16:16 -0800 (PST) Received: by 10.220.88.137 with HTTP; Thu, 6 Jan 2011 10:16:15 -0800 (PST) In-Reply-To: References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> Date: Thu, 6 Jan 2011 18:16:15 +0000 Message-ID: From: Ben Laurie To: David Morris Content-Type: text/plain; charset=ISO-8859-1 X-System-Of-Record: true Cc: "apps-discuss@ietf.org" , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 18:48:12 -0000 On 6 January 2011 16:03, David Morris wrote: > > > On Thu, 6 Jan 2011, Ben Laurie wrote: > >> The answer to this problem is hard, since it brings us back to taking the UI >> out of the sites hands. > > Which is only helpful if you can somehow gaurantee that the user agent > software hasn't been compromised. Not something I'd bet on... That's rather overstating it. It's perfectly helpful when the UA software hasn't been compromised, which is a non-zero fraction of the time. When the UA s/w has been compromised I'm quite happy to fail to fix the problem: the right answer to that is to improve the robustness of the UA. From dwm@xpasc.com Thu Jan 6 08:01:50 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C72A63A6EFF; Thu, 6 Jan 2011 08:01:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.307 X-Spam-Level: X-Spam-Status: No, score=-1.307 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MISSING_HEADERS=1.292] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n202LIwHccwW; Thu, 6 Jan 2011 08:01:49 -0800 (PST) Received: from mail.xpasc.com (mail.xpasc.com [68.164.244.189]) by core3.amsl.com (Postfix) with ESMTP id 640053A6E48; Thu, 6 Jan 2011 08:01:49 -0800 (PST) Received: from bslepgate.xpasc.com (localhost.localdomain [127.0.0.1]) by bslepgate.xpasc.com (Postfix-out) with ESMTP id CDB7510058A; Thu, 6 Jan 2011 08:03:55 -0800 (PST) X-Propel-Return-Path: Received: from mail.xpasc.com ([10.1.2.88]) by [127.0.0.1] ([127.0.0.1]) (port 7027) (Abaca EPG outproxy filter 3.1.2.exported $Rev: 9262 $) id iz6Urb16g3T0; Thu, 06 Jan 2011 08:03:55 -0800 Received: from xpasc.com (egate.xpasc.com [10.1.2.49]) by bslepgate.xpasc.com (Postfix-out) with ESMTP id 97631100585; Thu, 6 Jan 2011 08:03:55 -0800 (PST) Received: from egate.xpasc.com (egate.xpasc.com [10.1.2.49]) by xpasc.com (8.13.8/8.13.8) with ESMTP id p06G3shY018211; Thu, 6 Jan 2011 08:03:54 -0800 Date: Thu, 6 Jan 2011 08:03:54 -0800 (PST) From: David Morris In-Reply-To: Message-ID: References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Propel-ID: iz6Urb16g3T0 X-Mailman-Approved-At: Thu, 06 Jan 2011 11:28:34 -0800 Cc: "apps-discuss@ietf.org" , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [kitten] [saag] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 16:01:50 -0000 On Thu, 6 Jan 2011, Ben Laurie wrote: > The answer to this problem is hard, since it brings us back to taking the UI > out of the sites hands. Which is only helpful if you can somehow gaurantee that the user agent software hasn't been compromised. Not something I'd bet on... From tim-projects@sentinelchicken.org Thu Jan 6 08:23:56 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 319863A6E35 for ; Thu, 6 Jan 2011 08:23:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.574 X-Spam-Level: X-Spam-Status: No, score=-2.574 tagged_above=-999 required=5 tests=[AWL=-0.309, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JmaPj6MaEk7c for ; Thu, 6 Jan 2011 08:23:55 -0800 (PST) Received: from sentinelchicken.org (mail.sentinelchicken.org [69.168.48.72]) by core3.amsl.com (Postfix) with ESMTP id E99243A6D79 for ; Thu, 6 Jan 2011 08:23:54 -0800 (PST) Received: (qmail 3324 invoked from network); 6 Jan 2011 16:28:47 -0000 Received: from unknown (HELO pascal.sentinelchicken.org) (10.81.64.2) by feynman.sentinelchicken.org with ESMTPS (DHE-RSA-AES256-SHA encrypted); 6 Jan 2011 16:28:47 -0000 Received: (qmail 23661 invoked from network); 6 Jan 2011 16:29:18 -0000 Received: from shannon.sentinelchicken.org (10.81.64.4) by pascal.sentinelchicken.org with SMTP; 6 Jan 2011 16:29:18 -0000 Received: (nullmailer pid 15198 invoked by uid 1000); Thu, 06 Jan 2011 16:25:59 -0000 Date: Thu, 6 Jan 2011 08:25:59 -0800 From: Tim To: Ben Laurie Message-ID: <20110106162559.GQ6792@sentinelchicken.org> References: <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) X-Mailman-Approved-At: Thu, 06 Jan 2011 11:28:34 -0800 Cc: "apps-discuss@ietf.org" , "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [kitten] [saag] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 16:23:56 -0000 > 1. The IETF has fixed the problem, but no-one is using the fix - perhaps > because it is not clear that it is the fix. I speak of RFC 4279, TLS > pre-shared keys. These could be derived from a hash of the password and the > site name, for example, and thus provide secure mutual authentication > despite password reuse. > > 2. I have often heard (though I am not aware of hard evidence for this, > nevertheless I find it plausible) that one reason no-one has bothered to > improve HTTP auth is because no-one would use it since site owners want to > control the user experience around signin. It seems to me, therefore, that > HTTP is the wrong layer to fix the problem at - it needs to be pushed down > into HTML or Javascript so that the page can control the look, while > appropriate HTML elements or JS code can deal with the secure exchange of > data. Yes, the user experience piece is definitely the biggest adoption problem for HTTP auth, IMO. However, I disagree that HTTP is the wrong layer. It has already been shown (by myself and others) that using HTTP authentication and controlling the user experience can largely be achieved already. A few tweaks to browser 401 response behavior (which doesn't require standards changes) and the ability for servers to force a log out are all that's left to provide to make this reliable. As for RFC 4279, I'm not really familiar with it, but I imagine the mechansims which allow for user experience customization right now with HTTP auth could easily be extended to any TLS authentication mechansim. The only requirement there would be to add some simple language allowing for this behavior in [1]. That is, allow XMLHttpRequest objects to hand the credentials they already accept off to the TLS layer, either for RFC 4279 or for SRP/TLS. > Of course, this still leaves the issue of trusted path: although we can > provide elements which are safe to use, even when being phished, how does > the user know those elements are actually being used, rather than simulated > so as to get hold of the underlying password? > > The answer to this problem is hard, since it brings us back to taking the UI > out of the sites hands. Yes, so what I've outlined above and elsewhere is a relatively simple transition path to allow adoption of better authentication standards with customizable user interfaces. But those are problematic by design. However, I'd assert that moving web applications off of cookies to some lower-layer mechanism is going to be a required first step in order to provide authentication prompts that are part of the browser, for those who need that security. tim 1. http://www.w3.org/TR/XMLHttpRequest/ From mouse@Sparkle.Rodents-Montreal.ORG Thu Jan 6 10:39:24 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4CD5F3A6F43; Thu, 6 Jan 2011 10:39:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -8.792 X-Spam-Level: X-Spam-Status: No, score=-8.792 tagged_above=-999 required=5 tests=[AWL=1.196, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PImVhi95MZYY; Thu, 6 Jan 2011 10:39:23 -0800 (PST) Received: from Sparkle.Rodents-Montreal.ORG (Sparkle.Rodents-Montreal.ORG [216.46.5.7]) by core3.amsl.com (Postfix) with ESMTP id CF3113A6F3A; Thu, 6 Jan 2011 10:39:22 -0800 (PST) Received: (from mouse@localhost) by Sparkle.Rodents-Montreal.ORG (8.8.8/8.8.8) id NAA23900; Thu, 6 Jan 2011 13:35:40 -0500 (EST) Date: Thu, 6 Jan 2011 13:35:40 -0500 (EST) From: der Mouse Message-Id: <201101061835.NAA23900@Sparkle.Rodents-Montreal.ORG> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Erik-Conspiracy: There is no Conspiracy - and if there were I wouldn't be part of it anyway. X-Message-Flag: Microsoft: the company who gave us the botnet zombies. X-Composition-Start-Date: Thu, 6 Jan 2011 13:19:53 -0500 (EST) To: apps-discuss@ietf.org, websec@ietf.org, kitten@ietf.org, http-auth@ietf.org, saag@ietf.org, ietf-http-wg@w3.org In-Reply-To: <4D0E8148.7060607@extendedsubset.com> References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <4D054041.7010203@cisco.com> <0435D11C-DF55-464D-B23F-F5D114DEE2C3@checkpoint.com> <2229.1292235952.971571@puncture> <4D05FB8F.3070804@qbik.com> <2229.1292239384.281779@puncture> <96517E19-5DC7-47A0-8C21-C710F6F8F772@tzi.org> <2229.1292253372.639419@puncture> <4D0DE882.50201@qbik.com> <4D0E8148.7060607@extendedsubset.com> X-Mailman-Approved-At: Thu, 06 Jan 2011 11:28:34 -0800 Subject: Re: [websec] [saag] [apps-discuss] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 18:39:24 -0000 > Look back far enough and you'll find all kinds of "electronic mail" > services implementing the full range of peer and end user > authentication, and sender-pays models. There was no spam on those > systems, or at least not enough that anyone felt like they needed a > word for it. There was basically no spam on open-Internet SMTP mail either, at the time. Certainly "no spam" by today's standards. > Guess why we use the one we use today. At the time, the services you deride weren't providing a significant value-add. Today? They would be. Perhaps not enough to make up for their costs; probably not, in fact, or there'd be businesses arising in that space. As a side note, it's interesting to see how well the early Internet designers built; their systems are routinely being stressed several orders of magnitude beyond what they were designed for, and are holding up remarkably well. The postal system did collapse when it started suffering from spam; that's why the paper chain mail is actually illegal in many jurisdictions - it took down the postal system, once upon a time. The telphone system would collapse if phone spam outnumbered real calls by 10, 25, 100 to 1. (Actually, in a sense they already do. I have a fax line set up, and get dozens of fax spams for every real fax. I've had to start adapting and applying my email spam fighting techniques there....) /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B From marsh@extendedsubset.com Thu Jan 6 11:49:54 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 25C8F3A6F34; Thu, 6 Jan 2011 11:49:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.577 X-Spam-Level: X-Spam-Status: No, score=-2.577 tagged_above=-999 required=5 tests=[AWL=0.022, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5IsN4qZgy7XQ; Thu, 6 Jan 2011 11:49:50 -0800 (PST) Received: from mho-02-ewr.mailhop.org (mho-02-ewr.mailhop.org [204.13.248.72]) by core3.amsl.com (Postfix) with ESMTP id 601543A6D06; Thu, 6 Jan 2011 11:49:50 -0800 (PST) Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-02-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from ) id 1PavsL-0007lR-0x; Thu, 06 Jan 2011 19:51:57 +0000 Received: from [192.168.1.15] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id 7DDDC603D; Thu, 6 Jan 2011 19:51:54 +0000 (UTC) X-Mail-Handler: MailHop Outbound by DynDNS X-Originating-IP: 69.164.193.58 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX19YqhOZiaovwLDZ2QqifW+U3NXa/nAN2Ec= Message-ID: <4D261D59.9010405@extendedsubset.com> Date: Thu, 06 Jan 2011 13:51:53 -0600 From: Marsh Ray User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 MIME-Version: 1.0 To: der Mouse References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <4D054041.7010203@cisco.com> <0435D11C-DF55-464D-B23F-F5D114DEE2C3@checkpoint.com> <2229.1292235952.971571@puncture> <4D05FB8F.3070804@qbik.com> <2229.1292239384.281779@puncture> <96517E19-5DC7-47A0-8C21-C710F6F8F772@tzi.org> <2229.1292253372.639419@puncture> <4D0DE882.50201@qbik.com> <4D0E8148.7060607@extendedsubset.com> <201101061835.NAA23900@Sparkle.Rodents-Montreal.ORG> In-Reply-To: <201101061835.NAA23900@Sparkle.Rodents-Montreal.ORG> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: apps-discuss@ietf.org, websec@ietf.org, kitten@ietf.org, http-auth@ietf.org, saag@ietf.org, ietf-http-wg@w3.org Subject: Re: [websec] [saag] [apps-discuss] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 19:49:54 -0000 On 01/06/2011 12:35 PM, der Mouse wrote: >> Look back far enough and you'll find all kinds of "electronic mail" >> services implementing the full range of peer and end user >> authentication, and sender-pays models. There was no spam on those >> systems, or at least not enough that anyone felt like they needed a >> word for it. > > There was basically no spam on open-Internet SMTP mail either, at the > time. Certainly "no spam" by today's standards. > >> Guess why we use the one we use today. > > At the time, the services you deride weren't providing a significant > value-add. I wasn't so much deriding them but saying there were points all over the trade-off curve and the market voted with its feet. Unambiguously. Of course, the marketing creeps followed. > Today? They would be. Perhaps not enough to make up for their costs; > probably not, in fact, or there'd be businesses arising in that space. There are plenty. It's a commoditized low-margin business these days. But the network infrastructure costs are not nearly the biggest cost once you factor in things like end-user support. E.g. http://www.google.com/search?q=hosted+vpn It occurred to me last night that one might recreate the good old days of the Internet with a VPN which allowed access to the good old folks who were on it back then. Sounds a little crass and elitist now that I propose it out loud. But imagine a global authenticated VPN where the only reason you could be banned is for spamming? Or one where you had to be at a university CS department? Or a whole set of overlapping criteria and you could choose what the membership criteria for your own view of the network? Your own personal Virtual Public Internet. > As a side note, it's interesting to see how well the early Internet > designers built; their systems are routinely being stressed several > orders of magnitude beyond what they were designed for, and are holding > up remarkably well. It is amazing, isn't it? > The postal system did collapse when it started > suffering from spam; that's why the paper chain mail is actually > illegal in many jurisdictions - it took down the postal system, once > upon a time. Nice. > The telphone system would collapse if phone spam > outnumbered real calls by 10, 25, 100 to 1. (Actually, in a sense they > already do. I have a fax line set up, and get dozens of fax spams for > every real fax. I've had to start adapting and applying my email spam > fighting techniques there....) We get so many unsolicited calls from telemarketers and robot dialers at home we don't answer the phone unless we recognize the caller ID. Sometimes family calling from roaming cell phones show up as 'unidentified caller' and we mistakenly don't answer. How much more broken can it be? - Marsh From travis+ml-websec@subspacefield.org Thu Jan 6 13:33:53 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 55B6F3A6CEC for ; Thu, 6 Jan 2011 13:33:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8YkxBcVMy3FW for ; Thu, 6 Jan 2011 13:33:51 -0800 (PST) Received: from nexus.subspacefield.org (nexus.subspacefield.org [64.156.192.208]) by core3.amsl.com (Postfix) with ESMTP id 4BB813A6BD9 for ; Thu, 6 Jan 2011 13:33:50 -0800 (PST) Received: by nexus.subspacefield.org (Postfix, from userid 1001) id AF89D234C7E; Thu, 6 Jan 2011 13:35:56 -0800 (PST) Date: Thu, 6 Jan 2011 13:35:56 -0800 From: travis+ml-websec@subspacefield.org To: websec@ietf.org Message-ID: <20110106213556.GE19003@subspacefield.org> Mail-Followup-To: websec@ietf.org References: <4D054041.7010203@cisco.com> <0435D11C-DF55-464D-B23F-F5D114DEE2C3@checkpoint.com> <2229.1292235952.971571@puncture> <4D05FB8F.3070804@qbik.com> <2229.1292239384.281779@puncture> <96517E19-5DC7-47A0-8C21-C710F6F8F772@tzi.org> <2229.1292253372.639419@puncture> <11189_1292792454_oBJL0qAU019377_AANLkTi=iGWnBtOgPhN9tRtaJTxQhvRkjq3p0UCkRdT8=@mail.gmail.com> <1292958219.2800.22.camel@destiny> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="k3qmt+ucFURmlhDS" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Subject: [websec] key management, was Re: HTTP authentication X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jan 2011 21:33:53 -0000 --k3qmt+ucFURmlhDS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 22, 2010 at 02:08:38AM +0000, Phillip Hallam-Baker wrote: > Raw public keys work less well than people think here. >=20 > A public key identifies a device, never a person. To make a binding to a > person you need infrastructure like I am describing here. If a human being can't remember the public key (and I'm sure most of us cannot), the human being must augment his or her memory by using some kind of external storage device. This is the way things must inevitably go; there is just not enough entropy in a memorized password to prevent anything but online attacks with a velocity check, or something used in a ZKP. And as bandwidth goes up, that space may also become too small by comparison. http://www.subspacefield.org/security/security_concepts/index.html#tth_sEc3= 6.5 If the human being chooses to use a different password or public key on different devices, or the same one on multiple devices, that is up to them. For example, some people keep SSH keys on a flash drive they carry around with them; while it may be read into the device, it is hard to say that it actually identifies the computing device. Perhaps it is more useful to reverse the anthropism, and say that human beings are such lousy, unreliable computing, networking, and storage devices that they cannot securely authenticate themselves. As such, as cryptographers, we are concerned with agents, and that passwords are a throwback, and should only be used to identify/authenticate a human to his more capable agent/proxy/device: http://www.subspacefield.org/security/security_concepts/index.html#tth_sEc1= 0.6 Anyway, back to the matter at hand; keys. In my experience, I've only seen key-means-device in IPSec. It seems that network security tended to ignore users and focus on devices (nodes): http://www.subspacefield.org/security/security_concepts/index.html#tth_sEc1= 0.1 OpenVPN has traditionally worked this way; you install in /etc/openvpn, so it is per-device. But lately, Ubuntu has moved towards having the user start it manually via NetworkManager, and the openvpn keys/certs are usually in your home directory, making the client side per-user. By putting them on a flash drive, you have keys that can move with the user between devices. Along this hybrid approach, it may well be the case that a device may have a key, and a user a key; for example, SSH has host keys on the server side and per-user identities on the client side. SSL works more-or-less the same way when client certs are involved. GPG tends to be key-per-person, but I suppose it can also be installed passwordless on a pseudo-user account, in which case it's hard to argue it really identifies a person, and more resembles the hybrid approach mentioned above. But this describes intent of identification; the issues are more complex: If all systems were only ever used by a single user, then we'd only need key-per-device. If we allow a single user to have multiple devices, we would then need a many-to-one mapping of keys to identities, so that a user could have multiple devices (SSH keys illustrate this point; many keys may get me into my shell account). Multiuser systems mean we must have keys for multiple users entered into the same device. The device is supposed to not misuse these keys, and only use them on behalf of the appropriate user. We SAY that the key identifies the user, but really we mean it identifies the device, and the device maps that to a single user, hopefully (by example, a multi-user Unix system may have many SSH keys on it, stored for many people, but if it operates securely, this is not semantically different than many single-user devices). However, if this security is broken, anyone in control of that system is in control of my key; then the idea of it identifying me is lost. Similarly, if someone sees or guesses my password, it no longer identifies me uniquely. IOW: The key identifies whatever has use of it, and that is almost never a human being alone, since we do not speak TCP/IP. In general, because of this agent-is-me problem, I try to avoid having the same key used with multiple devices. That is, I either have the key identifying a (device) or a (device, person). That way if the device is compromised, the key can be revoked without affecting me on other devices. But current systems which assume the key identifies me (e.g. web passwords) do not really facilitate this. Similarly, I would like to know from where a key was stolen, but if I have the same key in several places, I cannot tell. I think the future will be humans only remembering a key or set of keys that identify them to physically proximate devices; they should not be identifying themselves to remote systems directly, ever, ever, ever. Users of password safe who do not know their own randomly-generated web passwords know what I mean. Perhaps we need secure key management devices with some sort of contact interface - you select an identity on the device, and then touch it to the system in question. I didn't put this on http-auth since it's not strictly about HTTP authentication, but rather key management. I've been meaning to do a presentation on key-management, and this is a great idea for me to add into it. Thanks for bringing it up. You can find my other presentations here, if you're interested: http://www.subspacefield.org/ --=20 Good code works on most inputs; correct code works on all inputs. My emails do not have attachments; it's a digital signature that your mail program doesn't understand. | http://www.subspacefield.org/~travis/=20 If you are a spammer, please email john@subspacefield.org to get blackliste= d. --k3qmt+ucFURmlhDS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (OpenBSD) iQIcBAEBAgAGBQJNJjW7AAoJEGQVZZEDJt9HsKkQAKEWkdw6UHtIf65IfyCJuJVJ 4CEjlYn9dyny1C2//+lmUaH3cXeHhRQCRFAXefrZ3bJHwARM5ZnNOHceFSzIVwdt oytXXzgh98KKGkdQij7g++BwYA+toQ7DExvac3hDVBCBLinaw5wHJKFP7sUCKKT4 ytCMFR1scjxD4cpmJuWMjBsM4kCmXHvrpFgokOlBgYj1ykkB4SN4NzV7JkJ5nlbX r3KFQj3ultDVv+46iRXzfLWBiKErPzEl/zVrywTKbE1C8AemMzCSI4J7bqFXc3Cf kKQa2RxX0BUrsRi4sVN57zrNC9peGkPosu+WrYUjUCOUsUfUwM17c8o1xPA+Bk9q Eb3HsYK39i2/BrbEPo8W8me4pr2EpKV5Q0t7hbtcKMLjExemewV9lotkoUsj0ehW /JBwKZt7IXrp1p/Hb2AIXVl3/RkxMECGc06Yq9RRu+c65+p6uMm3c7BJFMfDa1a+ gjZxtWS83fplDEVgC/ah8xCgWy7OX6nYz1u/t2vpScjT5JldrzVjzfCbnQNikkfJ MEumgIdPuNzQQPOi5P9rIfix5j0vtlbGoppIbgG/jhGyJ55GN7drN1A1goADw6Y0 DJfWizbkYzaoFhMjhsjgmSk5W70HLT5TU5IuwINH7fcN8gBpBLaeTJfQmDyqbn8U YofA/BohTj2GN/qoXIf2 =BmA2 -----END PGP SIGNATURE----- --k3qmt+ucFURmlhDS-- From benl@google.com Fri Jan 7 04:12:28 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E94303A6831 for ; Fri, 7 Jan 2011 04:12:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -104.495 X-Spam-Level: X-Spam-Status: No, score=-104.495 tagged_above=-999 required=5 tests=[AWL=-1.518, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rudk9ZjaBoK7 for ; Fri, 7 Jan 2011 04:12:28 -0800 (PST) Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.67]) by core3.amsl.com (Postfix) with ESMTP id 7D86B3A6802 for ; Fri, 7 Jan 2011 04:12:28 -0800 (PST) Received: from kpbe20.cbf.corp.google.com (kpbe20.cbf.corp.google.com [172.25.105.84]) by smtp-out.google.com with ESMTP id p07CEYgP024199 for ; Fri, 7 Jan 2011 04:14:34 -0800 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1294402474; bh=ddHvYbpx8oj/DZTucKUBMRlo1fk=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type:Content-Transfer-Encoding; b=wA6U/9K5RFfTYIZRwJb1uCudgDYkgbrDYkvdHKtZzyXt3HelKVbE27NfFoELPkcBD 4yGap7dUDU9V26pfOrKtA== Received: from qwh6 (qwh6.prod.google.com [10.241.194.198]) by kpbe20.cbf.corp.google.com with ESMTP id p07CEWEV025899 for ; Fri, 7 Jan 2011 04:14:32 -0800 Received: by qwh6 with SMTP id 6so18365578qwh.35 for ; Fri, 07 Jan 2011 04:14:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=tilmeHWzg1zhUdTg75BSgKYV8NkD8UASZdZvrU93zak=; b=LMMXaIfCReiFZpuNn9QVdkdKdYnjIxOU22yQIS4W/asj9CYD4e4gbNZnYQxo+ekrdn 8FGii/ktL/OIvFEceOgA== DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=LyjWj531N7H6aMeY0ZWVwuiSjteRmHAQORR8gGhS9KvvJ1rdlrTjZSRnyFCWqlUDHH YWH9D0/2l15l38TOUk0g== MIME-Version: 1.0 Received: by 10.229.95.11 with SMTP id b11mr22299686qcn.28.1294402472260; Fri, 07 Jan 2011 04:14:32 -0800 (PST) Received: by 10.220.88.137 with HTTP; Fri, 7 Jan 2011 04:14:32 -0800 (PST) In-Reply-To: <4D26CDB5.3090303@gmail.com> References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D26CDB5.3090303@gmail.com> Date: Fri, 7 Jan 2011 12:14:32 +0000 Message-ID: From: Ben Laurie To: Yaron Sheffer Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-System-Of-Record: true Cc: "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 12:12:29 -0000 On 7 January 2011 08:24, Yaron Sheffer wrote: > [Culling down the mailing lists] > > Hi Ben, > > No, RFC 4279 should not be used with (a hash of) human-memorable password= s, > because it would be vulnerable to dictionary attacks. See > http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar sche= mes > should be used instead. Fair point, though there seem to be at least political barriers to using SRP, and EKE and friends have other issues. > > Thanks, > =A0 =A0 =A0 =A0Yaron > > On 01/06/2011 05:31 PM, Ben Laurie wrote: > [...] > >> >> >> Two comments (one really being a response to Roy): >> >> 1. The IETF has fixed the problem, but no-one is using the fix - perhaps >> because it is not clear that it is the fix. I speak of RFC 4279, TLS >> pre-shared keys. These could be derived from a hash of the password and >> the site name, for example, and thus provide secure mutual >> authentication despite password reuse. >> > [...] > From yaronf.ietf@gmail.com Fri Jan 7 00:22:22 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D19753A67DF; Fri, 7 Jan 2011 00:22:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.599 X-Spam-Level: X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uhJL-wf+X3uj; Fri, 7 Jan 2011 00:22:22 -0800 (PST) Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id 51F4F3A67AC; Fri, 7 Jan 2011 00:22:21 -0800 (PST) Received: by wyf23 with SMTP id 23so18048837wyf.31 for ; Fri, 07 Jan 2011 00:24:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=bvz62BK4fx12WA6hU/WbK/IYmXIVZb/p3SDFBYoNc2U=; b=MDF1aMuJ4Y+z/44T285Lxq9VULCvQ5CayDkxd8BuJrL0W7HkQTcmju1SaI/rucgQ+B wkV05oOcnKG3HFzYxy3KdqSPAHJm2TTLOuDbTTZJFl2oMu8+CVmxx7LQS3j07BleCN19 G6W1OCki2WtDoivXxeGMBu00nWlUrX/OVy54E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=BBbgYNF5bKC3+tM3USxnTgL3ULhBA74Su7NC7uoQIFG7kEEOQY8jktEkQvQr0jAjeL DUAqJeoPIzR7wjaz3aSh5Oj5MQaEF1iCfvMXLRSwPRb2VCrDzJf+FPe8NuTEA49AB7nw ecJpb0G75tPhHMUzvtUYUEmQxEkYuX/6JKwxo= Received: by 10.227.144.9 with SMTP id x9mr5823639wbu.103.1294388666421; Fri, 07 Jan 2011 00:24:26 -0800 (PST) Received: from [10.0.0.6] (bzq-109-67-17-212.red.bezeqint.net [109.67.17.212]) by mx.google.com with ESMTPS id q18sm17451343wbe.5.2011.01.07.00.24.23 (version=SSLv3 cipher=RC4-MD5); Fri, 07 Jan 2011 00:24:24 -0800 (PST) Message-ID: <4D26CDB5.3090303@gmail.com> Date: Fri, 07 Jan 2011 10:24:21 +0200 From: Yaron Sheffer User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: Ben Laurie References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Fri, 07 Jan 2011 04:37:45 -0800 Cc: "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 08:22:22 -0000 [Culling down the mailing lists] Hi Ben, No, RFC 4279 should not be used with (a hash of) human-memorable passwords, because it would be vulnerable to dictionary attacks. See http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar schemes should be used instead. Thanks, Yaron On 01/06/2011 05:31 PM, Ben Laurie wrote: [...] > > > Two comments (one really being a response to Roy): > > 1. The IETF has fixed the problem, but no-one is using the fix - perhaps > because it is not clear that it is the fix. I speak of RFC 4279, TLS > pre-shared keys. These could be derived from a hash of the password and > the site name, for example, and thus provide secure mutual > authentication despite password reuse. > [...] From simon@josefsson.org Fri Jan 7 03:56:37 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 932173A681A; Fri, 7 Jan 2011 03:56:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pf3ZVe7Hfli6; Fri, 7 Jan 2011 03:56:36 -0800 (PST) Received: from yxa-v.extundo.com (yxa-v.extundo.com [213.115.69.139]) by core3.amsl.com (Postfix) with ESMTP id 0B3843A6802; Fri, 7 Jan 2011 03:56:35 -0800 (PST) Received: from latte.josefsson.org ([213.115.69.138]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p07BwHLE016162 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 7 Jan 2011 12:58:18 +0100 From: Simon Josefsson To: Yaron Sheffer References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D26CDB5.3090303__44301.5923993245$1294388684$gmane$org@gmail.com> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:110107:yaronf.ietf@gmail.com::8nDH00IPo3MDcAi5:0OkO X-Hashcash: 1:22:110107:benl@google.com::dHOlZwuujRml5L2l:22Js X-Hashcash: 1:22:110107:ietf-http-wg@w3.org::rU0voKwWmjJ0QWHV:4WYj X-Hashcash: 1:22:110107:fielding@gbiv.com::t/XSArwNppLa4r67:8VPg X-Hashcash: 1:22:110107:websec@ietf.org::cdv3XLGXhP86BgxX:H38W X-Hashcash: 1:22:110107:sayrer@gmail.com::fmh47cJIN2zlmH47:Ki/j X-Hashcash: 1:22:110107:http-auth@ietf.org::N8uIJ3hvQ1W7Sazv:X+gA X-Hashcash: 1:22:110107:kitten@ietf.org::FgG+yHbN3JD0r9Uq:kmyB Date: Fri, 07 Jan 2011 12:57:29 +0100 In-Reply-To: <4D26CDB5.3090303__44301.5923993245$1294388684$gmane$org@gmail.com> (Yaron Sheffer's message of "Fri, 07 Jan 2011 10:24:21 +0200") Message-ID: <87lj2xj592.fsf@latte.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Virus-Scanned: clamav-milter 0.96.5 at yxa-v X-Virus-Status: Clean X-Mailman-Approved-At: Fri, 07 Jan 2011 04:37:45 -0800 Cc: "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 11:56:37 -0000 One way to mitigate the dictionary attack problem is to do PBKDF#2 processing of the password before it hits TLS-PSK. However I agree that TLS-SRP have superior properties, and it is widely implemented. There is no practical reason to prefer TLS-PSK over TLS-PSK for password-based TLS authentication. One issue is that RFC 5054 is Informational rather than Standards Track (same issue as for TLS-OpenPGP), which is due to political reasons. /Simon Yaron Sheffer writes: > [Culling down the mailing lists] > > Hi Ben, > > No, RFC 4279 should not be used with (a hash of) human-memorable > passwords, because it would be vulnerable to dictionary attacks. See > http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar > schemes should be used instead. > > Thanks, > Yaron > > On 01/06/2011 05:31 PM, Ben Laurie wrote: > [...] > >> >> >> Two comments (one really being a response to Roy): >> >> 1. The IETF has fixed the problem, but no-one is using the fix - perhaps >> because it is not clear that it is the fix. I speak of RFC 4279, TLS >> pre-shared keys. These could be derived from a hash of the password and >> the site name, for example, and thus provide secure mutual >> authentication despite password reuse. >> > [...] From simon@josefsson.org Fri Jan 7 06:28:47 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DD4083A68D7; Fri, 7 Jan 2011 06:28:47 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oP9OxbQBMBkV; Fri, 7 Jan 2011 06:28:46 -0800 (PST) Received: from yxa-v.extundo.com (yxa-v.extundo.com [213.115.69.139]) by core3.amsl.com (Postfix) with ESMTP id 4DC553A68BE; Fri, 7 Jan 2011 06:28:46 -0800 (PST) Received: from latte.josefsson.org ([213.115.69.138]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p07EUT7V023012 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 7 Jan 2011 15:30:31 +0100 From: Simon Josefsson To: Yaron Sheffer References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D26CDB5.3090303__44301.5923993245$1294388684$gmane$org@gmail.com> <87lj2xj592.fsf@latte.josefsson.org> <4D270DA1.7020408__25077.7970803485$1294405057$gmane$org@gmail.com> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:110107:http-auth@ietf.org::GFndAU08IAgP67Rw:8ppA X-Hashcash: 1:22:110107:benl@google.com::SQghvywdCmUGonlm:BhSZ X-Hashcash: 1:22:110107:ietf-http-wg@w3.org::15dxnKRibF4RdeUL:HacJ X-Hashcash: 1:22:110107:websec@ietf.org::OgsJlC8FfpBk4Sw+:Ir1K X-Hashcash: 1:22:110107:sayrer@gmail.com::0uhHwungE9rrSt8t:Mjeq X-Hashcash: 1:22:110107:yaronf.ietf@gmail.com::GSKndXAjUb6XHs0d:GUHu X-Hashcash: 1:22:110107:fielding@gbiv.com::Db1vcS1WnfJxHa0F:eba1 X-Hashcash: 1:22:110107:kitten@ietf.org::LJT0AtYQinVS7GSd:p9dv Date: Fri, 07 Jan 2011 15:29:40 +0100 In-Reply-To: <4D270DA1.7020408__25077.7970803485$1294405057$gmane$org@gmail.com> (Yaron Sheffer's message of "Fri, 07 Jan 2011 14:57:05 +0200") Message-ID: <874o9kiy7f.fsf@latte.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Virus-Scanned: clamav-milter 0.96.5 at yxa-v X-Virus-Status: Clean Cc: "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 14:28:48 -0000 The initial paper contains a security analysis with some reduction-style arguments: http://srp.stanford.edu/ndss.html#SECTION00040000000000000000 As with any crypto document from that time, it will lack in how the assumptions are stated and the reductions are made. That considered, is there something in particular that you think is missing in there? We can fix the problem with lack of review by implementing and deploying the protocol, then certainly researchers are bound to focus on it. ;-) /Simon Yaron Sheffer writes: > Another issue is that SRP (as opposed to other protocols in this > space) is not provably secure, and in fact has had relatively little > cryptographic review, AFAIK. I would be glad to be proven wrong on the > second point. > > Thanks, > Yaron > > On 01/07/2011 01:57 PM, Simon Josefsson wrote: >> One way to mitigate the dictionary attack problem is to do PBKDF#2 >> processing of the password before it hits TLS-PSK. >> >> However I agree that TLS-SRP have superior properties, and it is widely >> implemented. There is no practical reason to prefer TLS-PSK over >> TLS-PSK for password-based TLS authentication. One issue is that RFC >> 5054 is Informational rather than Standards Track (same issue as for >> TLS-OpenPGP), which is due to political reasons. >> >> /Simon >> >> Yaron Sheffer writes: >> >>> [Culling down the mailing lists] >>> >>> Hi Ben, >>> >>> No, RFC 4279 should not be used with (a hash of) human-memorable >>> passwords, because it would be vulnerable to dictionary attacks. See >>> http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar >>> schemes should be used instead. >>> >>> Thanks, >>> Yaron >>> >>> On 01/06/2011 05:31 PM, Ben Laurie wrote: >>> [...] >>> >>>> >>>> >>>> Two comments (one really being a response to Roy): >>>> >>>> 1. The IETF has fixed the problem, but no-one is using the fix - perhaps >>>> because it is not clear that it is the fix. I speak of RFC 4279, TLS >>>> pre-shared keys. These could be derived from a hash of the password and >>>> the site name, for example, and thus provide secure mutual >>>> authentication despite password reuse. >>>> >>> [...] From simon@josefsson.org Fri Jan 7 08:53:49 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A04343A691B; Fri, 7 Jan 2011 08:53:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.599 X-Spam-Level: X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[AWL=-1.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fRYHDcNAmnt7; Fri, 7 Jan 2011 08:53:48 -0800 (PST) Received: from yxa-v.extundo.com (yxa-v.extundo.com [213.115.69.139]) by core3.amsl.com (Postfix) with ESMTP id 1A4573A68D0; Fri, 7 Jan 2011 08:53:46 -0800 (PST) Received: from latte.josefsson.org ([213.115.69.138]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p07GtadB029494 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 7 Jan 2011 17:55:37 +0100 From: Simon Josefsson To: Yaron Sheffer References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D26CDB5.3090303__44301.5923993245$1294388684$gmane$org@gmail.com> <87lj2xj592.fsf@latte.josefsson.org> <4D270DA1.7020408__25077.7970803485$1294405057$gmane$org@gmail.com> <874o9kiy7f.fsf@latte.josefsson.org> <4D2739B5.5060107@gmail.com> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:110107:sayrer@gmail.com::nKbrDoVZ8ntVn1sL:0vDu X-Hashcash: 1:22:110107:fielding@gbiv.com::Z60jztLM1WmVf/qd:5qoh X-Hashcash: 1:22:110107:http-auth@ietf.org::GkOKc/hUdEd3jjQ6:7Jem X-Hashcash: 1:22:110107:ietf-http-wg@w3.org::/a2sto5LOdFoRft1:9U3R X-Hashcash: 1:22:110107:benl@google.com::OwwzH5bedfc1Wks0:91D9 X-Hashcash: 1:22:110107:yaronf.ietf@gmail.com::QpYfSjOpmEpPPQqY:FztG X-Hashcash: 1:22:110107:kitten@ietf.org::Ztv2C0I277++hhXP:tdIu X-Hashcash: 1:22:110107:websec@ietf.org::sNFLAbNnd90XYcDs:+6RP Date: Fri, 07 Jan 2011 17:54:46 +0100 In-Reply-To: <4D2739B5.5060107@gmail.com> (Yaron Sheffer's message of "Fri, 07 Jan 2011 18:05:09 +0200") Message-ID: <87fwt4ejs9.fsf@latte.josefsson.org> User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Virus-Scanned: clamav-milter 0.96.5 at yxa-v X-Virus-Status: Clean Cc: "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 16:53:49 -0000 Yaron Sheffer writes: > - I am not a cryptographer, so I am treading on extremely thin ice here. > > - SRP is certainly better than using PSK with passwords, which is > *definitely* vulnerable to dictionary attacks. One final addition here, the situation for PSK depends on the flavour and whether you are talking about active or passive attackers. The statement is true for plain PSK, but less so for DHE_PSK and RSA_PSK. Section 7.2 of 4279: For the PSK ciphersuites, an attacker can get the information required for an off-line attack by eavesdropping on a TLS handshake, or by getting a valid client to attempt connection with the attacker (by tricking the client to connect to the wrong address, or by intercepting a connection attempt to the correct address, for instance). For the DHE_PSK ciphersuites, an attacker can obtain the information by getting a valid client to attempt connection with the attacker. Passive eavesdropping alone is not sufficient. For the RSA_PSK ciphersuites, only the server (authenticated using RSA and certificates) can obtain sufficient information for an off-line attack. /Simon > - That said, I have done my little bit of due diligence (talked to the > author of SRP and to several cryptographers who've played with some of > these schemes). Personally, I would rather use a protocol that's been > formally proven (PACE, AugPAKE, other descendants of EKE) or has had > real solid cryptographic review (the original EKE). Again, I would be > happy to be proven wrong on this. > > - Even if we start with a mathematically perfect protocol, we are > bound to make design and engineering mistakes. And Marsh and his like > will happily poke holes into these implementations :-) But I'd like to > avoid compounding the risk with cryptographically unsound protocols. > > Thanks, > Yaron > > On 01/07/2011 04:29 PM, Simon Josefsson wrote: >> The initial paper contains a security analysis with some reduction-style >> arguments: >> >> http://srp.stanford.edu/ndss.html#SECTION00040000000000000000 >> >> As with any crypto document from that time, it will lack in how the >> assumptions are stated and the reductions are made. That considered, is >> there something in particular that you think is missing in there? >> >> We can fix the problem with lack of review by implementing and deploying >> the protocol, then certainly researchers are bound to focus on it. ;-) >> >> /Simon >> >> Yaron Sheffer writes: >> >>> Another issue is that SRP (as opposed to other protocols in this >>> space) is not provably secure, and in fact has had relatively little >>> cryptographic review, AFAIK. I would be glad to be proven wrong on the >>> second point. >>> >>> Thanks, >>> Yaron >>> >>> On 01/07/2011 01:57 PM, Simon Josefsson wrote: >>>> One way to mitigate the dictionary attack problem is to do PBKDF#2 >>>> processing of the password before it hits TLS-PSK. >>>> >>>> However I agree that TLS-SRP have superior properties, and it is widely >>>> implemented. There is no practical reason to prefer TLS-PSK over >>>> TLS-PSK for password-based TLS authentication. One issue is that RFC >>>> 5054 is Informational rather than Standards Track (same issue as for >>>> TLS-OpenPGP), which is due to political reasons. >>>> >>>> /Simon >>>> >>>> Yaron Sheffer writes: >>>> >>>>> [Culling down the mailing lists] >>>>> >>>>> Hi Ben, >>>>> >>>>> No, RFC 4279 should not be used with (a hash of) human-memorable >>>>> passwords, because it would be vulnerable to dictionary attacks. See >>>>> http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar >>>>> schemes should be used instead. >>>>> >>>>> Thanks, >>>>> Yaron >>>>> >>>>> On 01/06/2011 05:31 PM, Ben Laurie wrote: >>>>> [...] >>>>> >>>>>> >>>>>> >>>>>> Two comments (one really being a response to Roy): >>>>>> >>>>>> 1. The IETF has fixed the problem, but no-one is using the fix - perhaps >>>>>> because it is not clear that it is the fix. I speak of RFC 4279, TLS >>>>>> pre-shared keys. These could be derived from a hash of the password and >>>>>> the site name, for example, and thus provide secure mutual >>>>>> authentication despite password reuse. >>>>>> >>>>> [...] > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten From hallam@gmail.com Sat Jan 8 08:05:36 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ED07028C116; Sat, 8 Jan 2011 08:05:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.394 X-Spam-Level: X-Spam-Status: No, score=-3.394 tagged_above=-999 required=5 tests=[AWL=0.204, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6gCSwpkqFCfA; Sat, 8 Jan 2011 08:05:34 -0800 (PST) Received: from mail-yi0-f44.google.com (mail-yi0-f44.google.com [209.85.218.44]) by core3.amsl.com (Postfix) with ESMTP id 980FE28C115; Sat, 8 Jan 2011 08:05:30 -0800 (PST) Received: by yie19 with SMTP id 19so5709246yie.31 for ; Sat, 08 Jan 2011 08:07:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=EZat7nI2OqohWyhSuZ4/WUlxZZdT1hBAk9ZOiTKdMs8=; b=IsStjSvSUvS0dPFDf1N3Ml3awrq6X6rj5PoZzGDm8t25H5pVn6+V+O8BlPF4zYXGiw 15TFFqfUG6WgkHRo9pfnC6zEIrglsN88NS7dz4gkaK9K3deHlpnk8vEW0vNrYsxJ4yyZ hWZlZEK/FamRcOPXqikvjrHHlsdrGvTmrl/lo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=WSyrgGBaHg3J5BznJYd6ZsF1Ar8HJ3QQhdyo4tPV51GGUNa4oJNsQCdx/zvFY8FyWK C5j2k8JRj00t4G/7PZ1MX0RU3qlQtl2dosSeNZKMm9U++nWz2mXgPU/iACBsZyYyhIrg IKFedcrAXxE3YeAiKRUmipB+NPHJj2bdEiEzY= MIME-Version: 1.0 Received: by 10.100.173.13 with SMTP id v13mr2476968ane.171.1294502858509; Sat, 08 Jan 2011 08:07:38 -0800 (PST) Received: by 10.100.31.8 with HTTP; Sat, 8 Jan 2011 08:07:38 -0800 (PST) In-Reply-To: References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> Date: Sat, 8 Jan 2011 11:07:38 -0500 Message-ID: From: Phillip Hallam-Baker To: Ben Laurie Content-Type: multipart/alternative; boundary=0016e644dbc60acc57049957ef07 Cc: "apps-discuss@ietf.org" , "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jan 2011 16:05:36 -0000 --0016e644dbc60acc57049957ef07 Content-Type: text/plain; charset=ISO-8859-1 I think that Ben is right that we are solving the wrong problem. The problem is that users are asked to maintain accounts at literally HUNDREDS of accounts. And some cretins, some utter morons, some bog-brained berks think it is reasonable to tell the user to have a different password for every one! I can't remember the account names, the password is easy as I only had one (for non financial) - until those cretins at Gawker screwed up. Now I have to reset my password at all those places. We have to solve the federated auth problem and it is really, really easy: Account Name is the RFC 821/822 email address. This is what the Web has started to adopt of its own accord as a user account identifier. It is the only one that people can remember reliably. Authentication service is resolved via DNS service lookup i.e. SRV or similar. I can show people how to fix up the issues to do with use of non-canonical names. Client authenticates to authentication service using any protocol they both support. This is quite simple to implement, just stick a list of supported auth services in the DNS. We can re-use all those existing auth protocols that work (SAML would be a good choice but we don't need to be overly restrictive here.) HTTP carries a standardized, non-linkable auth token I have some ideas on how we could modify DIGEST to do this. DIGEST would not be problematic if the password had 128 bits of ergodicity and we upgraded the digest function. The reason for re-using DIGEST here would be to avoid patent encumbrances. I considered the issue of linkability at great length when writing the original DIGEST design. At the moment I am focused on getting the foundation laid. But I will try to come up with a full proposal before Prague. I know that you can achieve some of the desired authentication properties with public keys at the client. The problem is that our current use of computers has gone way beyond the one-machine-per-person paradigm On a recent trip to Europe with the family I counted that we had 10 computers with us capable of supporting IP (3 laptops, 3 iPhones, 2 Nintendos, 1 iPad and a kindle). Cardspace has some really, really great properties but they are totally lost when you try to make the service accessible from multiple machines by putting it 'in the cloud'. In fact, other than a manager, I have never found anyone who reven thinks they know what they mean by 'in the cloud' for CardSpace. I certainly have never seen an explanation I can understand. Devices get lost. Devices get stolen. We don't want to encourage that so there needs to be something more than just a certificate based client auth scheme. I think we need some form of centralized (for given account) account management in the mix so that the user can authorize/deauthorize devices for use (c.f. Amazon's Kindle account management) So there are basically two architectural options for using public key. One is to use it strictly between the client and the auth service and use a token like approach as discussed above. Another is for the auth service to issue an assertion of the form 'you can tell its fred by this public key (amongst others)'. SAML already has support for both approaches BTW. On Thu, Jan 6, 2011 at 10:31 AM, Ben Laurie wrote: > > > On 6 January 2011 01:28, Robert Sayre wrote: >> >> > Peter Saint-Andre wrote: >> > 2. In 2007, Robert Sayre put together a few slides on the topic: >> > http://people.mozilla.com/~sayrer/2007/auth.html >> >> These are back on the Web, in case anyone missed them (probably not). >> >> On Sun, Dec 12, 2010 at 5:39 PM, Roy T. Fielding >> wrote: >> > >> > Define them all and let's have a bake-off. It has been 16 years since >> > HTTP auth was taken out of our hands so that the security experts could >> > define something perfect. Zero progress so far. >> >> I think the IETF might do better to focus on a smaller problem, at >> first. People often use self-signed certificates with HTTP/TLS, even >> though the first thing their websites ask the user to do is type a >> username and password into a form. There are some well-understood ways >> to make this process more secure. Why hasn't the IETF fixed this >> problem? If this smaller problem has no ready solution, then the >> larger issue of authentication on the entire Web seems like a tough >> nut to crack. > > Two comments (one really being a response to Roy): > 1. The IETF has fixed the problem, but no-one is using the fix - perhaps > because it is not clear that it is the fix. I speak of RFC 4279, TLS > pre-shared keys. These could be derived from a hash of the password and the > site name, for example, and thus provide secure mutual authentication > despite password reuse. > 2. I have often heard (though I am not aware of hard evidence for this, > nevertheless I find it plausible) that one reason no-one has bothered to > improve HTTP auth is because no-one would use it since site owners want to > control the user experience around signin. It seems to me, therefore, that > HTTP is the wrong layer to fix the problem at - it needs to be pushed down > into HTML or Javascript so that the page can control the look, while > appropriate HTML elements or JS code can deal with the secure exchange of > data. > Of course, this still leaves the issue of trusted path: although we can > provide elements which are safe to use, even when being phished, how does > the user know those elements are actually being used, rather than simulated > so as to get hold of the underlying password? > The answer to this problem is hard, since it brings us back to taking the UI > out of the sites hands. > >> >> It could be that the reasons for this lack of progress are >> nontechnical. Just throwing that out there. > > If you think UI is nontechnical, then I agree. > Cheers, > Ben. > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > > -- Website: http://hallambaker.com/ --0016e644dbc60acc57049957ef07 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable I think that Ben is right that we are solving the wrong problem.

The= problem is that users are asked to maintain accounts at literally HUNDREDS= of accounts.

And some cretins, some utter morons, some bog-brained= berks think it is reasonable to tell the user to have a different password= for every one!


I can't remember the account names, the password is easy as I o= nly had one (for non financial) - until those cretins at Gawker screwed up.= Now I have to reset my password at all those places.


We have to= solve the federated auth problem and it is really, really easy:

Account Name is the RFC 821/822 email address.

This is what the Web has started to adopt of its own accord as= a user account identifier. It is the only one that people can remember rel= iably.

Authentication service is resolved via DNS service lookup

i.e. SRV or similar. I can show people = how to fix up the issues to do with use of non-canonical names.

Client authenticates to authentication ser= vice using any protocol they both support.

This is quite simple to implement, just stick a list of supported auth= services in the DNS.

We can re-use all those exis= ting auth protocols that work (SAML would be a good choice but we don't= need to be overly restrictive here.)

HTTP carries a standardized, non-linkable = auth token

I have so= me ideas on how we could modify DIGEST to do this. DIGEST would not be prob= lematic if the password had 128 bits of ergodicity and we upgraded the dige= st function.

The reason for re-using DIGEST here would be to avoid p= atent encumbrances. I considered the issue of linkability at great length w= hen writing the original DIGEST design.


At the moment I am focused on getting the foundation laid. B= ut I will try to come up with a full proposal before Prague.


I know that you can achieve some of the desired aut= hentication properties with public keys at the client. The problem is that = our current use of computers has gone way beyond the one-machine-per-person= paradigm

On a recent trip to Europe with the family I counted th= at we had 10 computers with us capable of supporting IP (3 laptops, 3 iPhon= es, 2 Nintendos, 1 iPad and a kindle).

Cardspace h= as some really, really great properties but they are totally lost when you = try to make the service accessible from multiple machines by putting it = 9;in the cloud'. In fact, other than a manager, I have never found anyo= ne who reven thinks they know what they mean by 'in the cloud' for = CardSpace. I certainly have never seen an explanation I can understand.=A0<= /div>

Devices get lost. Devices get stolen. We don't want= to encourage that so there needs to be something more than just a certific= ate based client auth scheme.


I thi= nk we need some form of centralized (for given account) account management = in the mix so that the user can authorize/deauthorize devices for use (c.f.= Amazon's Kindle account management)

So there are basically two architectural options for us= ing public key. One is to use it strictly between the client and the auth s= ervice and use a token like approach as discussed above. Another is for the= auth service to issue an assertion of the form 'you can tell its fred = by this public key (amongst others)'.

SAML already has support for both approaches BTW.=A0


On Thu, Jan 6, 2011 at 10:31 AM, Ben Laurie <= benl@google.com> wrote:
> >
> On 6 January 2011 01:28, Robert Sayre <sayrer@gmail.com> wrote:
>>
>> >= ; Peter Saint-Andre <stpeter@stpet= er.im> wrote:
>> > 2. In 2007, Robert Sayre put together a few slides on the top= ic:
>> > http://people.mozilla.com/~sayrer/2007/auth.html
>>
>> These are back on the Web, in case anyone missed them (probably no= t).
>>
>> On Sun, Dec 12, 2010 at 5:39 PM, Roy T. Fieldin= g <fielding@gbiv.com>
>= ;> wrote:
>> >
>> > Define them all and let's have a bake-of= f. =A0It has been 16 years since
>> > HTTP auth was taken out o= f our hands so that the security experts could
>> > define some= thing perfect. =A0Zero progress so far.
>>
>> I think the IETF might do better to focus on a smaller= problem, at
>> first. People often use self-signed certificates w= ith HTTP/TLS, even
>> though the first thing their websites ask th= e user to do is type a
>> username and password into a form. There are some well-understood = ways
>> to make this process more secure. Why hasn't the IETF = fixed this
>> problem? If this smaller problem has no ready soluti= on, then the
>> larger issue of authentication on the entire Web seems like a toug= h
>> nut to crack.
>
> Two comments (one really being = a response to Roy):
> 1. The IETF has fixed the problem, but no-one i= s using the fix - perhaps
> because it is not clear that it is the fix. I speak of RFC 4279, TLS> pre-shared keys. These could be derived from a hash of the password = and the
> site name, for example, and thus provide secure mutual auth= entication
> despite password reuse.
> 2. I have often heard (though I am not= aware of hard evidence for this,
> nevertheless I find it plausible)= that one reason no-one has bothered to
> improve HTTP auth is becaus= e no-one would use it since site owners want to
> control the user experience around signin. It seems to me, therefore, = that
> HTTP is the wrong layer to fix the problem at - it needs to be= pushed down
> into HTML or Javascript so that the page can control t= he look, while
> appropriate HTML elements or JS code can deal with the secure exchange= of
> data.
> Of course, this still leaves the issue of trusted= path: although we can
> provide elements which are safe to use, even= when being phished, how does
> the user know those elements are actually being used, rather than simu= lated
> so as to get hold of the underlying password?
> The ans= wer to this problem is hard, since it brings us back to taking the UI
> out of the sites hands.
> =A0
>>
>> It could b= e that the reasons for this lack of progress are
>> nontechnical. = Just throwing that out there.
>
> If you think UI is nontechnic= al, then I agree.
> Cheers,
> Ben.
>
> _________________________________= ______________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
>
>



--
Website: http://hallambaker.com/


--0016e644dbc60acc57049957ef07-- From hallam@gmail.com Sat Jan 8 08:19:38 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0B3AE28C13A; Sat, 8 Jan 2011 08:19:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.426 X-Spam-Level: X-Spam-Status: No, score=-3.426 tagged_above=-999 required=5 tests=[AWL=0.172, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rv2k8-0ECqSB; Sat, 8 Jan 2011 08:19:36 -0800 (PST) Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by core3.amsl.com (Postfix) with ESMTP id DD14728C116; Sat, 8 Jan 2011 08:19:34 -0800 (PST) Received: by yxt33 with SMTP id 33so7991387yxt.31 for ; Sat, 08 Jan 2011 08:21:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=P/kVq8JqTkbriAI2YHZ98j+IH6nPYaKiXLgMS1MrhJg=; b=gj3y71kH8mkwf9cxcnOrEcJQbI+UOFHppgDDPLZGHIdfFFp2xvOoVOpWrXtvD+yUkA +LKTe3Xre6ZFVGT3kLsOPfjpJ4+FCR/k4ryZHG6UBxHuR3hliF/G0Ra32UC7Ftq25kiT CSSObZqQKWywj3P9ZvOUXBi4SBO5ct7i6a2U8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=akVsGITiA3khO4gDCJU1IG1XlVTf0CvbBpjMaP9HTk7XT1qtjcDuiz08xafz+rqNOS +wqrQGZtiyzvfSjsGG6J0XLtD94i1iVJMpQmw12JwA00AmVcNDKtrDrIp3Wm4HuFW/B6 MyZXCnpieOCjP1JWjS/yGhBmH0vu4YVZLrxzI= MIME-Version: 1.0 Received: by 10.101.67.16 with SMTP id u16mr15882518ank.1.1294503702896; Sat, 08 Jan 2011 08:21:42 -0800 (PST) Received: by 10.100.31.8 with HTTP; Sat, 8 Jan 2011 08:21:42 -0800 (PST) In-Reply-To: References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> Date: Sat, 8 Jan 2011 11:21:42 -0500 Message-ID: From: Phillip Hallam-Baker To: Ben Laurie Content-Type: multipart/alternative; boundary=00163662e65b5f211d049958212f Cc: "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jan 2011 16:19:38 -0000 --00163662e65b5f211d049958212f Content-Type: text/plain; charset=ISO-8859-1 On Thu, Jan 6, 2011 at 1:16 PM, Ben Laurie wrote: > On 6 January 2011 16:03, David Morris wrote: > > > > > > On Thu, 6 Jan 2011, Ben Laurie wrote: > > > >> The answer to this problem is hard, since it brings us back to taking > the UI > >> out of the sites hands. > > > > Which is only helpful if you can somehow gaurantee that the user agent > > software hasn't been compromised. Not something I'd bet on... > > That's rather overstating it. It's perfectly helpful when the UA > software hasn't been compromised, which is a non-zero fraction of the > time. > > When the UA s/w has been compromised I'm quite happy to fail to fix > the problem: the right answer to that is to improve the robustness of > the UA. +1 If the UA is stuffed then the user is totally and utterly stuffed anyway. In particular if the UA is stuffed then a forms based experience is just as stuffed. If we are going to hypothecate attack models people have to be willing to apply them to their preferred solution too. The sensible approach is to work out how to stop the user from being stuffed e.g. * Comodo's free Anti-Virus with Default Deny Protection (TM) * Use code signing + trustworthy computing * Use a restricted browser Now I have a lot of ideas on how we can tackle these, but they are not relevant to this debate. I do however have a different take on the UI issue. HTML forms did have an advantage over the pathetic UI that browsers provided for BASIC and DIGEST (most don't even tell the user which is in use). But a federated auth scheme supported at the HTTP level could be simpler still. Instead of the user having to register for each site, they register once. Instead of the user having to log in to each site they log in once per session. Instead of the site having to manage lost passwords and forgotten accounts because the user has hundreds, this problem does not exist. It is a user interface crisis that is driving this need in my view. -- Website: http://hallambaker.com/ --00163662e65b5f211d049958212f Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Thu, Jan 6, 2011 at 1:16 PM, Ben Laurie <benl@google.com> wrote:
On 6 January 2011 16:03, David Morris <dwm@xpasc.com> wrote:
>
>
> On Thu, 6 Jan 2011, Ben Laurie wrote:
>
>> The answer to this problem is hard, since it brings us back to tak= ing the UI
>> out of the sites hands.
>
> Which is only helpful if you can somehow gaurantee that the user agent=
> software hasn't been compromised. Not something I'd bet on...<= br>
That's rather overstating it. It's perfectly helpful when the= UA
software hasn't been compromised, which is a non-zero fraction of the time.

When the UA s/w has been compromised I'm quite happy to fail to fix
the problem: the right answer to that is to improve the robustness of
the UA.

+1

If the = UA is stuffed then the user is totally and utterly stuffed anyway.=A0
=

In particular if the UA is stuffed then a forms based e= xperience is just as stuffed. If we are going to hypothecate attack models = people have to be willing to apply them to their preferred solution too.


The sensible approach is to work out how= to stop the user from being stuffed e.g.=A0

=A0* = Comodo's free Anti-Virus with Default Deny Protection (TM)
= =A0* Use code signing + trustworthy computing
=A0* Use a restricted browser=A0

Now I have a= lot of ideas on how we can tackle these, but they are not relevant to this= debate.


I do however have a differ= ent take on the UI issue.=A0

HTML forms did have an advantage over the pathetic UI t= hat browsers provided for BASIC and DIGEST (most don't even tell the us= er which is in use).

But a federated auth scheme s= upported at the HTTP level could be simpler still. Instead of the user havi= ng to register for each site, they register once. Instead of the user havin= g to log in to each site they log in once per session. Instead of the site = having to manage lost passwords and forgotten accounts because the user has= hundreds, this problem does not exist.


It is a user interface crisis that is dr= iving this need in my view.


-- Website: http://hallambaker.com/
--00163662e65b5f211d049958212f-- From hallam@gmail.com Sat Jan 8 09:50:39 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3C2C23A67FB; Sat, 8 Jan 2011 09:50:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.428 X-Spam-Level: X-Spam-Status: No, score=-3.428 tagged_above=-999 required=5 tests=[AWL=0.170, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20paQQnmkSN0; Sat, 8 Jan 2011 09:50:37 -0800 (PST) Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by core3.amsl.com (Postfix) with ESMTP id 4885D3A67E3; Sat, 8 Jan 2011 09:50:37 -0800 (PST) Received: by gxk28 with SMTP id 28so8482976gxk.31 for ; Sat, 08 Jan 2011 09:52:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=6bo8ZioF39rKL6lWvOQo5g2WqHHhQncsxAnkblyge2E=; b=jWIHeGDUOh6avcUiKYI7wTYJwXy3jV8Acwp85reJHuvwsDKt8TaSgr8SGj5bn7Q7bv jG2GSHJKVTAA9sgZKU7NZ4wuZ42O+jZbnhxcQUq74l1TCZaXmMIaC0yNxPR6LkqMfWnL tuiYH6ugrFSmbfe0lfKwHBKdlGFwnHo2lWpJk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=g3FpArmvl34jXqveOoAO3WWa9XUrTArhTTE14LqMm9R3QH4k7wPphX8fK/KgZnsYnM jBigHkW3i9jMtNPJtsOOxoaJFUSZhDnDiNwBUhJwN42VR72PMU6XBpttZm04NoXcFF3p +mWIZVwfHvsxDrYrql6OzS8B9K/d4dEIHJ0SA= MIME-Version: 1.0 Received: by 10.100.173.13 with SMTP id v13mr2521122ane.171.1294509165388; Sat, 08 Jan 2011 09:52:45 -0800 (PST) Received: by 10.100.31.8 with HTTP; Sat, 8 Jan 2011 09:52:45 -0800 (PST) In-Reply-To: References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> Date: Sat, 8 Jan 2011 12:52:45 -0500 Message-ID: From: Phillip Hallam-Baker To: Blaine Cook Content-Type: multipart/alternative; boundary=0016e644dbc6f623100499596635 Cc: "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jan 2011 17:50:39 -0000 --0016e644dbc6f623100499596635 Content-Type: text/plain; charset=ISO-8859-1 OAUTH and Webfinger are both pretty much as good as you can expect to achieve if you decide at the start that you are not going to modify the infrastructure. But that decision limits what you can expect to achieve. A particular problem with OAuth is that you can only use the identity providers that are supported by the particular site. So I had to use my Twitter account to play spymaster. And when Twitter got shirty and started blocking other players accounts they lost their game account and their twitter account at the same time. There are people who think I should get a facebook account just so that I can use their application. Not happening. As for WebFinger, it works, but not nearly as well as a clean DNS scheme. DNS is designed to address this problem, HTTP is not. And solving the problem with HTTP requires us to have a scheme that involves DNS + HTTP + SSL + PKIX which is rather a lot of moving parts and to make matters work some those parts are not just moving, they are changing. I think it is a very good idea to look at WebFinger and OAuth and see how to realize these approaches direct in the infrastructure. But they should be seen as starting points, not ends. On Sat, Jan 8, 2011 at 12:37 PM, Blaine Cook wrote: > Two points: > > 1. In this entire thread, no-one has mentioned OAuth. Maybe y'all > don't like it, but it's used to authenticate more HTTP requests by > volume and users than everything-except-cookies combined. You may want > to consider the design of OAuth when proceeding with these > discussions, rather than the laundry list of [completely] failed > protocols. > > 2. With respect to federated auth, especially using email address-like > identifiers, there has been a bevy of (deployed) work in this regard. > The effort is called webfinger, and is worth a look. Instead of DNS, > we use host-meta based HTTP lookups to dereference the identifiers. > Many diaspora and status.net installs are using it today, and there > are several proposals towards building a security & privacy > infrastructure on top of webfinger (webid is one such proposal whose > incorporation of client-side TLS certificates in a browser context > makes me very weary of its potential for success). > > b. > > On 8 January 2011 08:21, Phillip Hallam-Baker wrote: > > On Thu, Jan 6, 2011 at 1:16 PM, Ben Laurie wrote: > >> > >> On 6 January 2011 16:03, David Morris wrote: > >> > > >> > > >> > On Thu, 6 Jan 2011, Ben Laurie wrote: > >> > > >> >> The answer to this problem is hard, since it brings us back to taking > >> >> the UI > >> >> out of the sites hands. > >> > > >> > Which is only helpful if you can somehow gaurantee that the user agent > >> > software hasn't been compromised. Not something I'd bet on... > >> > >> That's rather overstating it. It's perfectly helpful when the UA > >> software hasn't been compromised, which is a non-zero fraction of the > >> time. > >> > >> When the UA s/w has been compromised I'm quite happy to fail to fix > >> the problem: the right answer to that is to improve the robustness of > >> the UA. > > > > +1 > > If the UA is stuffed then the user is totally and utterly stuffed anyway. > > In particular if the UA is stuffed then a forms based experience is just > as > > stuffed. If we are going to hypothecate attack models people have to be > > willing to apply them to their preferred solution too. > > > > The sensible approach is to work out how to stop the user from being > stuffed > > e.g. > > * Comodo's free Anti-Virus with Default Deny Protection (TM) > > * Use code signing + trustworthy computing > > * Use a restricted browser > > Now I have a lot of ideas on how we can tackle these, but they are not > > relevant to this debate. > > > > I do however have a different take on the UI issue. > > HTML forms did have an advantage over the pathetic UI that browsers > provided > > for BASIC and DIGEST (most don't even tell the user which is in use). > > But a federated auth scheme supported at the HTTP level could be simpler > > still. Instead of the user having to register for each site, they > register > > once. Instead of the user having to log in to each site they log in once > per > > session. Instead of the site having to manage lost passwords and > forgotten > > accounts because the user has hundreds, this problem does not exist. > > > > It is a user interface crisis that is driving this need in my view. > > > > -- > > Website: http://hallambaker.com/ > > > > > > _______________________________________________ > > apps-discuss mailing list > > apps-discuss@ietf.org > > https://www.ietf.org/mailman/listinfo/apps-discuss > > > > > -- Website: http://hallambaker.com/ --0016e644dbc6f623100499596635 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable OAUTH and Webfinger are both pretty much as good as you can expect to achie= ve if you decide at the start that you are not going to modify the infrastr= ucture.

But that decision limits what you can expect to = achieve.


A particular problem with OAuth is that = you can only use the identity providers that are supported by the particula= r site. So I had to use my Twitter account to play spymaster. And when Twit= ter got shirty and started blocking other players accounts they lost their = game account and their twitter account at the same time.

There are people who think I should get a facebook acco= unt just so that I can use their application. Not happening.

=

As for WebFinger, it works, but not nearly as wel= l as a clean DNS scheme. DNS is designed to address this problem, HTTP is n= ot. And solving the problem with HTTP requires us to have a scheme that inv= olves DNS + HTTP + SSL + PKIX which is rather a lot of moving parts and to = make matters work some those parts are not just moving, they are changing.<= /div>


I think it is a very good idea to look a= t WebFinger and OAuth and see how to realize these approaches direct in the= infrastructure. But they should be seen as starting points, not ends.


On Sat, Jan 8, 2011 at 12:37 PM, Bl= aine Cook <romeda@= gmail.com> wrote:
Two points:

1. In this entire thread, no-one has mentioned OAuth. Maybe y'all
don't like it, but it's used to authenticate more HTTP requests by<= br> volume and users than everything-except-cookies combined. You may want
to consider the design of OAuth when proceeding with these
discussions, rather than the laundry list of [completely] failed
protocols.

2. With respect to federated auth, especially using email address-like
identifiers, there has been a bevy of (deployed) work in this regard.
The effort is called webfinger, and is worth a look. Instead of DNS,
we use host-meta based HTTP lookups to dereference the identifiers.
Many diaspora and status.ne= t installs are using it today, and there
are several proposals towards building a security & privacy
infrastructure on top of webfinger (webid is one such proposal whose
incorporation of client-side TLS certificates in a browser context
makes me very weary of its potential for success).

b.

On 8 January 2011 08:21, Phillip Hallam-Baker <hallam@gmail.com> wrote:
> On Thu, Jan 6, 2011 at 1:16 PM, Ben Laurie <benl@google.com> wrote:
>>
>> On 6 January 2011 16:03, David Morris <dwm@xpasc.com> wrote:
>> >
>> >
>> > On Thu, 6 Jan 2011, Ben Laurie wrote:
>> >
>> >> The answer to this problem is hard, since it brings us ba= ck to taking
>> >> the UI
>> >> out of the sites hands.
>> >
>> > Which is only helpful if you can somehow gaurantee that the u= ser agent
>> > software hasn't been compromised. Not something I'd b= et on...
>>
>> That's rather overstating it. It's perfectly helpful when = the UA
>> software hasn't been compromised, which is a non-zero fraction= of the
>> time.
>>
>> When the UA s/w has been compromised I'm quite happy to fail t= o fix
>> the problem: the right answer to that is to improve the robustness= of
>> the UA.
>
> +1
> If the UA is stuffed then the user is totally and utterly stuffed anyw= ay.
> In particular if the UA is stuffed then a forms based experience is ju= st as
> stuffed. If we are going to hypothecate attack models people have to b= e
> willing to apply them to their preferred solution too.
>
> The sensible approach is to work out how to stop the user from being s= tuffed
> e.g.
> =A0* Comodo's free Anti-Virus with Default Deny Protection (TM) > =A0* Use code signing + trustworthy computing
> =A0* Use a restricted browser
> Now I have a lot of ideas on how we can tackle these, but they are not=
> relevant to this debate.
>
> I do however have a different take on the UI issue.
> HTML forms did have an advantage over the pathetic UI that browsers pr= ovided
> for BASIC and DIGEST (most don't even tell the user which is in us= e).
> But a federated auth scheme supported at the HTTP level could be simpl= er
> still. Instead of the user having to register for each site, they regi= ster
> once. Instead of the user having to log in to each site they log in on= ce per
> session. Instead of the site having to manage lost passwords and forgo= tten
> accounts because the user has hundreds, this problem does not exist. >
> It is a user interface crisis that is driving this need in my view. >
> --
> Website: http://= hallambaker.com/
>
>
> _______________________________________________
> apps-discuss mailing list
> apps-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss
>
>



--
Website: http://hallambaker.com/

--0016e644dbc6f623100499596635-- From yaronf.ietf@gmail.com Fri Jan 7 04:55:13 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 46F443A686E; Fri, 7 Jan 2011 04:55:13 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.599 X-Spam-Level: X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L07Vm7cKoG49; Fri, 7 Jan 2011 04:55:12 -0800 (PST) Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) by core3.amsl.com (Postfix) with ESMTP id C40053A6873; Fri, 7 Jan 2011 04:55:11 -0800 (PST) Received: by wwa36 with SMTP id 36so17450279wwa.13 for ; Fri, 07 Jan 2011 04:57:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=8wB0BVHtoZNLSagh8m1PIgBE1XzJFln/PN6afWFMKh4=; b=QTG8DuwxYK0cZzA6ewan7/LdBbZYmKKxpzg2DNm/xhX8G7uB5Q/m/C93aeI/dxnyaX eiMykX00X8Oc3ayEBouf3tPxvn7BRNgxJU6sv1PLiLKbo3nmI7wUNwH+GJ/mHmea7Ed8 nLTsxkv2Y9Q/5gTg03Y9VubfDodTM0DZiGmzI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=T09V7sxDVE5FcbtNEmBRmlCkwYQJJqg7IlHHFYQjTB8aKt33za5sqgjjIfBCWPoqxU U1r23HIBdfdMahaVbuRanLxQ134YuLZRSeLjjMPWhlSr8Cq17tUKHV0m3BOlnnl2C/Gy 8ZVIQ+/6DOVts8WRKg/hBey8kdSTErwi/HSHI= Received: by 10.227.177.10 with SMTP id bg10mr9575207wbb.148.1294405033432; Fri, 07 Jan 2011 04:57:13 -0800 (PST) Received: from [10.0.0.6] ([109.67.17.212]) by mx.google.com with ESMTPS id f35sm17642679wbf.20.2011.01.07.04.57.08 (version=SSLv3 cipher=RC4-MD5); Fri, 07 Jan 2011 04:57:12 -0800 (PST) Message-ID: <4D270DA1.7020408@gmail.com> Date: Fri, 07 Jan 2011 14:57:05 +0200 From: Yaron Sheffer User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: Simon Josefsson References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D26CDB5.3090303__44301.5923993245$1294388684$gmane$org@gmail.com> <87lj2xj592.fsf@latte.josefsson.org> In-Reply-To: <87lj2xj592.fsf@latte.josefsson.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sat, 08 Jan 2011 10:46:17 -0800 Cc: "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 12:55:13 -0000 Another issue is that SRP (as opposed to other protocols in this space) is not provably secure, and in fact has had relatively little cryptographic review, AFAIK. I would be glad to be proven wrong on the second point. Thanks, Yaron On 01/07/2011 01:57 PM, Simon Josefsson wrote: > One way to mitigate the dictionary attack problem is to do PBKDF#2 > processing of the password before it hits TLS-PSK. > > However I agree that TLS-SRP have superior properties, and it is widely > implemented. There is no practical reason to prefer TLS-PSK over > TLS-PSK for password-based TLS authentication. One issue is that RFC > 5054 is Informational rather than Standards Track (same issue as for > TLS-OpenPGP), which is due to political reasons. > > /Simon > > Yaron Sheffer writes: > >> [Culling down the mailing lists] >> >> Hi Ben, >> >> No, RFC 4279 should not be used with (a hash of) human-memorable >> passwords, because it would be vulnerable to dictionary attacks. See >> http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar >> schemes should be used instead. >> >> Thanks, >> Yaron >> >> On 01/06/2011 05:31 PM, Ben Laurie wrote: >> [...] >> >>> >>> >>> Two comments (one really being a response to Roy): >>> >>> 1. The IETF has fixed the problem, but no-one is using the fix - perhaps >>> because it is not clear that it is the fix. I speak of RFC 4279, TLS >>> pre-shared keys. These could be derived from a hash of the password and >>> the site name, for example, and thus provide secure mutual >>> authentication despite password reuse. >>> >> [...] From yaronf.ietf@gmail.com Fri Jan 7 08:34:11 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3931C3A68D0; Fri, 7 Jan 2011 08:34:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.599 X-Spam-Level: X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MdmEHsYHNX-5; Fri, 7 Jan 2011 08:34:09 -0800 (PST) Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id 6CCEF3A68C0; Fri, 7 Jan 2011 08:34:07 -0800 (PST) Received: by wyf23 with SMTP id 23so18465156wyf.31 for ; Fri, 07 Jan 2011 08:36:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=f+fhP7UPeAW6UH0hkHpFz2PBxTHW8cDCICMCIxYY4y4=; b=bkAQbjgZzk7YNxPuU63NW1UzbRZ7Kv5eCS5KDn1eyGXHRiObV7DbDXiVTZXfEC7R18 4ZF3VLRiu8PSb233/p1fm2rYP+YV0iNw7AT7x4z90QzN9B2JIeg97FNIF1Pmzo9uQF0/ o3DhSuD8r5FFERLjJCBceK8KP+j9YkLdAHnjk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=b0E815ule1RlK1rqsgYuXpdVdjAgrqfNLgC9tuiKDDdTo6w7IlCoXO58vRbHlPQMhq LGNGsC3DQEVTajKdcBMyy0xZoIkfrbrGhuZiy0kzCtQq1S5fQWo/L0YG850z72IheJb/ EoOXqRNnMBryTt3rrxdWSWZ54kOOwD87dhAMo= Received: by 10.227.141.197 with SMTP id n5mr8212052wbu.100.1294416320023; Fri, 07 Jan 2011 08:05:20 -0800 (PST) Received: from [10.0.0.6] ([109.67.17.212]) by mx.google.com with ESMTPS id 11sm17773721wbj.13.2011.01.07.08.05.12 (version=SSLv3 cipher=RC4-MD5); Fri, 07 Jan 2011 08:05:18 -0800 (PST) Message-ID: <4D2739B5.5060107@gmail.com> Date: Fri, 07 Jan 2011 18:05:09 +0200 From: Yaron Sheffer User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: Simon Josefsson References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D26CDB5.3090303__44301.5923993245$1294388684$gmane$org@gmail.com> <87lj2xj592.fsf@latte.josefsson.org> <4D270DA1.7020408__25077.7970803485$1294405057$gmane$org@gmail.com> <874o9kiy7f.fsf@latte.josefsson.org> In-Reply-To: <874o9kiy7f.fsf@latte.josefsson.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sat, 08 Jan 2011 10:46:17 -0800 Cc: "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 16:34:11 -0000 - I am not a cryptographer, so I am treading on extremely thin ice here. - SRP is certainly better than using PSK with passwords, which is *definitely* vulnerable to dictionary attacks. - That said, I have done my little bit of due diligence (talked to the author of SRP and to several cryptographers who've played with some of these schemes). Personally, I would rather use a protocol that's been formally proven (PACE, AugPAKE, other descendants of EKE) or has had real solid cryptographic review (the original EKE). Again, I would be happy to be proven wrong on this. - Even if we start with a mathematically perfect protocol, we are bound to make design and engineering mistakes. And Marsh and his like will happily poke holes into these implementations :-) But I'd like to avoid compounding the risk with cryptographically unsound protocols. Thanks, Yaron On 01/07/2011 04:29 PM, Simon Josefsson wrote: > The initial paper contains a security analysis with some reduction-style > arguments: > > http://srp.stanford.edu/ndss.html#SECTION00040000000000000000 > > As with any crypto document from that time, it will lack in how the > assumptions are stated and the reductions are made. That considered, is > there something in particular that you think is missing in there? > > We can fix the problem with lack of review by implementing and deploying > the protocol, then certainly researchers are bound to focus on it. ;-) > > /Simon > > Yaron Sheffer writes: > >> Another issue is that SRP (as opposed to other protocols in this >> space) is not provably secure, and in fact has had relatively little >> cryptographic review, AFAIK. I would be glad to be proven wrong on the >> second point. >> >> Thanks, >> Yaron >> >> On 01/07/2011 01:57 PM, Simon Josefsson wrote: >>> One way to mitigate the dictionary attack problem is to do PBKDF#2 >>> processing of the password before it hits TLS-PSK. >>> >>> However I agree that TLS-SRP have superior properties, and it is widely >>> implemented. There is no practical reason to prefer TLS-PSK over >>> TLS-PSK for password-based TLS authentication. One issue is that RFC >>> 5054 is Informational rather than Standards Track (same issue as for >>> TLS-OpenPGP), which is due to political reasons. >>> >>> /Simon >>> >>> Yaron Sheffer writes: >>> >>>> [Culling down the mailing lists] >>>> >>>> Hi Ben, >>>> >>>> No, RFC 4279 should not be used with (a hash of) human-memorable >>>> passwords, because it would be vulnerable to dictionary attacks. See >>>> http://tools.ietf.org/html/rfc4279#section-7.2. SRP, EKE and similar >>>> schemes should be used instead. >>>> >>>> Thanks, >>>> Yaron >>>> >>>> On 01/06/2011 05:31 PM, Ben Laurie wrote: >>>> [...] >>>> >>>>> >>>>> >>>>> Two comments (one really being a response to Roy): >>>>> >>>>> 1. The IETF has fixed the problem, but no-one is using the fix - perhaps >>>>> because it is not clear that it is the fix. I speak of RFC 4279, TLS >>>>> pre-shared keys. These could be derived from a hash of the password and >>>>> the site name, for example, and thus provide secure mutual >>>>> authentication despite password reuse. >>>>> >>>> [...] From tim-research@sentinelchicken.org Fri Jan 7 09:40:09 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6E2193A6920 for ; Fri, 7 Jan 2011 09:40:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.211 X-Spam-Level: X-Spam-Status: No, score=-2.211 tagged_above=-999 required=5 tests=[AWL=0.054, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iYxbRhChvSXa for ; Fri, 7 Jan 2011 09:40:08 -0800 (PST) Received: from sentinelchicken.org (mail.sentinelchicken.org [69.168.48.72]) by core3.amsl.com (Postfix) with ESMTP id 9915D3A68C5 for ; Fri, 7 Jan 2011 09:40:08 -0800 (PST) Received: (qmail 11445 invoked from network); 7 Jan 2011 17:44:41 -0000 Received: from unknown (HELO pascal.sentinelchicken.org) (10.81.64.2) by feynman.sentinelchicken.org with ESMTPS (DHE-RSA-AES256-SHA encrypted); 7 Jan 2011 17:44:41 -0000 Received: (qmail 26929 invoked from network); 7 Jan 2011 17:45:32 -0000 Received: from shannon.sentinelchicken.org (10.81.64.4) by pascal.sentinelchicken.org with SMTP; 7 Jan 2011 17:45:32 -0000 Received: (nullmailer pid 20253 invoked by uid 1000); Fri, 07 Jan 2011 17:42:13 -0000 Date: Fri, 7 Jan 2011 09:42:13 -0800 From: Tim To: Simon Josefsson Message-ID: <20110107174213.GA6792@sentinelchicken.org> References: <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D26CDB5.3090303__44301.5923993245$1294388684$gmane$org@gmail.com> <87lj2xj592.fsf@latte.josefsson.org> <4D270DA1.7020408__25077.7970803485$1294405057$gmane$org@gmail.com> <874o9kiy7f.fsf@latte.josefsson.org> <4D2739B5.5060107@gmail.com> <87fwt4ejs9.fsf@latte.josefsson.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87fwt4ejs9.fsf@latte.josefsson.org> User-Agent: Mutt/1.5.20 (2009-06-14) X-Mailman-Approved-At: Sat, 08 Jan 2011 10:46:17 -0800 Cc: "kitten@ietf.org" , "http-auth@ietf.org" , websec , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [http-auth] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2011 17:40:09 -0000 > One final addition here, the situation for PSK depends on the flavour > and whether you are talking about active or passive attackers. The > statement is true for plain PSK, but less so for DHE_PSK and RSA_PSK. > Section 7.2 of 4279: > > For the PSK ciphersuites, an attacker can get the information > required for an off-line attack by eavesdropping on a TLS handshake, > or by getting a valid client to attempt connection with the attacker > (by tricking the client to connect to the wrong address, or by > intercepting a connection attempt to the correct address, for > instance). > > For the DHE_PSK ciphersuites, an attacker can obtain the information > by getting a valid client to attempt connection with the attacker. > Passive eavesdropping alone is not sufficient. > > For the RSA_PSK ciphersuites, only the server (authenticated using > RSA and certificates) can obtain sufficient information for an > off-line attack. In the general case, I don't think it is useful to differentiate between passive and active attackers. Performing man-in-the-middle attacks is no more difficult (in a big-O sense) than performing passive attacks. In almost every modern network, these attacks require the same level of network access. Just a pet peeve of mine. cheers, tim From romeda@gmail.com Sat Jan 8 09:35:35 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B324D3A67B5; Sat, 8 Jan 2011 09:35:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.349 X-Spam-Level: X-Spam-Status: No, score=-103.349 tagged_above=-999 required=5 tests=[AWL=0.250, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K1de9OjHbzeT; Sat, 8 Jan 2011 09:35:34 -0800 (PST) Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id E3BA93A67AD; Sat, 8 Jan 2011 09:35:17 -0800 (PST) Received: by wyf23 with SMTP id 23so19276867wyf.31 for ; Sat, 08 Jan 2011 09:37:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:in-reply-to :references:from:date:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=K/xHYytBU+XmnS87+Mqw5HmwQyDfHfNbg8QAUiR6Wps=; b=FU7xxzQDcdWQZzLfDdqfAvH5LhwNpJwDoV5kMBUDLVRqgOtgxKKTgb6scom9ELoz5U TTUnuSDNxTuODZ0ZYkw4PPEB1/Ot7pTnPBnHfVpfQRaOQEPNhr+aVxRElpsF7dqxUPEL 2bsgcy/+LYq9A9JDJzhkxvmFOqzeQlzPCk0Z8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; b=gNBj6PYnDHrSnvc/htfrh9KcFkHuYGy9L16H7r83JLBiGwvaWyy+HhTTfx+0WR5UXs HnoZAXB8V/u5aA50esEsA1o+wr6xcDrbrPLaZ3BQq8t8JI83jyVDCHhRiAP+n7TcVTDM j0SN1HZkPd+tBnieT7PjD7bisA2tRMECNkIJk= Received: by 10.216.59.143 with SMTP id s15mr410638wec.49.1294508241087; Sat, 08 Jan 2011 09:37:21 -0800 (PST) MIME-Version: 1.0 Received: by 10.216.240.197 with HTTP; Sat, 8 Jan 2011 09:37:00 -0800 (PST) In-Reply-To: References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> From: Blaine Cook Date: Sat, 8 Jan 2011 09:37:00 -0800 Message-ID: To: Phillip Hallam-Baker Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Sat, 08 Jan 2011 10:46:17 -0800 Cc: "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jan 2011 17:35:35 -0000 Two points: 1. In this entire thread, no-one has mentioned OAuth. Maybe y'all don't like it, but it's used to authenticate more HTTP requests by volume and users than everything-except-cookies combined. You may want to consider the design of OAuth when proceeding with these discussions, rather than the laundry list of [completely] failed protocols. 2. With respect to federated auth, especially using email address-like identifiers, there has been a bevy of (deployed) work in this regard. The effort is called webfinger, and is worth a look. Instead of DNS, we use host-meta based HTTP lookups to dereference the identifiers. Many diaspora and status.net installs are using it today, and there are several proposals towards building a security & privacy infrastructure on top of webfinger (webid is one such proposal whose incorporation of client-side TLS certificates in a browser context makes me very weary of its potential for success). b. On 8 January 2011 08:21, Phillip Hallam-Baker wrote: > On Thu, Jan 6, 2011 at 1:16 PM, Ben Laurie wrote: >> >> On 6 January 2011 16:03, David Morris wrote: >> > >> > >> > On Thu, 6 Jan 2011, Ben Laurie wrote: >> > >> >> The answer to this problem is hard, since it brings us back to taking >> >> the UI >> >> out of the sites hands. >> > >> > Which is only helpful if you can somehow gaurantee that the user agent >> > software hasn't been compromised. Not something I'd bet on... >> >> That's rather overstating it. It's perfectly helpful when the UA >> software hasn't been compromised, which is a non-zero fraction of the >> time. >> >> When the UA s/w has been compromised I'm quite happy to fail to fix >> the problem: the right answer to that is to improve the robustness of >> the UA. > > +1 > If the UA is stuffed then the user is totally and utterly stuffed anyway. > In particular if the UA is stuffed then a forms based experience is just = as > stuffed. If we are going to hypothecate attack models people have to be > willing to apply them to their preferred solution too. > > The sensible approach is to work out how to stop the user from being stuf= fed > e.g. > =C2=A0* Comodo's free Anti-Virus with Default Deny Protection (TM) > =C2=A0* Use code signing + trustworthy computing > =C2=A0* Use a restricted browser > Now I have a lot of ideas on how we can tackle these, but they are not > relevant to this debate. > > I do however have a different take on the UI issue. > HTML forms did have an advantage over the pathetic UI that browsers provi= ded > for BASIC and DIGEST (most don't even tell the user which is in use). > But a federated auth scheme supported at the HTTP level could be simpler > still. Instead of the user having to register for each site, they registe= r > once. Instead of the user having to log in to each site they log in once = per > session. Instead of the site having to manage lost passwords and forgotte= n > accounts because the user has hundreds, this problem does not exist. > > It is a user interface crisis that is driving this need in my view. > > -- > Website: http://hallambaker.com/ > > > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss > > From zedshaw@zedshaw.com Sat Jan 8 11:47:45 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 834943A6818; Sat, 8 Jan 2011 11:47:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.352 X-Spam-Level: X-Spam-Status: No, score=0.352 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, IP_NOT_FRIENDLY=0.334, RDNS_DYNAMIC=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gH1qQ8WU6rNZ; Sat, 8 Jan 2011 11:47:44 -0800 (PST) Received: from mail.zedshaw.com (67-207-134-146.slicehost.net [67.207.134.146]) by core3.amsl.com (Postfix) with ESMTP id 562A03A6814; Sat, 8 Jan 2011 11:47:43 -0800 (PST) Received: by mail.zedshaw.com (Postfix, from userid 1000) id 55D6D1D87C1; Sat, 8 Jan 2011 11:49:52 -0800 (PST) Date: Sat, 8 Jan 2011 11:49:52 -0800 From: "Zed A. Shaw" To: Blaine Cook Message-ID: <20110108194952.GS12542@zedshaw> Mail-Followup-To: "Zed A. Shaw" , Blaine Cook , Phillip Hallam-Baker , Ben Laurie , "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" References: <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Mailman-Approved-At: Sat, 08 Jan 2011 12:55:03 -0800 Cc: "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jan 2011 20:18:07 -0000 On Sat, Jan 08, 2011 at 09:37:00AM -0800, Blaine Cook wrote: > Two points: > > 1. In this entire thread, no-one has mentioned OAuth. Maybe y'all > don't like it, but it's used to authenticate more HTTP requests by > volume and users than everything-except-cookies combined. You may want > to consider the design of OAuth when proceeding with these > discussions, rather than the laundry list of [completely] failed > protocols. I don't normally respond, just being a lurker, but this statement is competely wrong Blaine. OAuth may be used for more requests, but not more sites. It's used on a tiny number of sites, with OpenID being used on way many more, and even then, not nowhere near the number of websites that form based authentication and browser authentication methods. Don't equate twitter having a ton of traffic to OAuth being some kind of raving success, and sure as hell don't evaluate the technical merits of something by its popularity. > 2. With respect to federated auth, especially using email address-like > identifiers, there has been a bevy of (deployed) work in this regard. > The effort is called webfinger, and is worth a look. Instead of DNS, > we use host-meta based HTTP lookups to dereference the identifiers. > Many diaspora and status.net installs are using it today, and there > are several proposals towards building a security & privacy > infrastructure on top of webfinger (webid is one such proposal whose > incorporation of client-side TLS certificates in a browser context > makes me very weary of its potential for success). While I agree that TLS client side isn't going to work, none of the proposed authentication methods will work without a change to browsers to support a way for two websites to establish a session in the browser. If that feature existed you would cut down on a lot of the complexity of things like OpenID and OAuth. -- Zed A. Shaw http://zedshaw.com/ From marsh@extendedsubset.com Sat Jan 8 13:31:00 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 05D5A3A683E; Sat, 8 Jan 2011 13:31:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.578 X-Spam-Level: X-Spam-Status: No, score=-2.578 tagged_above=-999 required=5 tests=[AWL=0.021, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X4bPP+UTK2H0; Sat, 8 Jan 2011 13:30:58 -0800 (PST) Received: from mho-01-ewr.mailhop.org (mho-01-ewr.mailhop.org [204.13.248.71]) by core3.amsl.com (Postfix) with ESMTP id 493D93A683C; Sat, 8 Jan 2011 13:30:58 -0800 (PST) Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from ) id 1PbgPH-000IjG-DU; Sat, 08 Jan 2011 21:33:03 +0000 Received: from [192.168.1.15] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id BB8EB603D; Sat, 8 Jan 2011 21:33:00 +0000 (UTC) X-Mail-Handler: MailHop Outbound by DynDNS X-Originating-IP: 69.164.193.58 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX1/yNdr6BhRuIy23ofn2b5a1o+UJfu2Keao= Message-ID: <4D28D80B.2020006@extendedsubset.com> Date: Sat, 08 Jan 2011 15:32:59 -0600 From: Marsh Ray User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 MIME-Version: 1.0 To: Phillip Hallam-Baker References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sat, 08 Jan 2011 16:02:05 -0800 Cc: "apps-discuss@ietf.org" , "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [http-auth] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jan 2011 21:31:00 -0000 On 01/08/2011 10:07 AM, Phillip Hallam-Baker wrote: > I think that Ben is right that we are solving the wrong problem. I think Ben is nearly always right. :-) But let me toss out a different perspective. I'll try carefully and hope that this doesn't come across as trolling, but it is a bit contrarian (hopefully in a good way). > The problem is that users are asked to maintain accounts at literally > HUNDREDS of accounts. > > And some cretins, some utter morons, some bog-brained berks think it is > reasonable to tell the user to have a different password for every one! Such users have asked to do business with hundreds of entities, so at least something is working right. The user is free to use the same password everywhere (more convenient), or use a different password at every site (more secure). Many users like to set up "domains of password re-use" among several like-sites. The user is free to decide the point on the trade-off that works for them. I use a different password for everything. I write them down on blank business cards and keep them physically secure. I have taught some small children to use this scheme and they have no trouble with it. Most web browsers and sites remember the passwords anyway so the paper is really just backup. > I can't remember the account names, the password is easy as I only had > one (for non financial) - until those cretins at Gawker screwed up. Now > I have to reset my password at all those places. So you had decided on a coarse-grained scheme: financial and non-financial. Seems reasonable on the surface. Say you have a dozen sites across which you share a password. These sites are really secure - let's estimate the probability that each one will be breached or compromised or you will accidentally login unencrypted from a public internet location is only 1 in 10 per year. Hey a 90% success rate isn't bad, right? But the probability that they will all succeed is 0.9^12 = 28% over a year. Expect to be changing that password every few months. In the case of "HUNDREDS of accounts", 0.9^200 = 0.000000001. Well, those of the sort of odds you're supposed to serve the attacker, not yourself. > We have to solve the federated auth problem and it is really, really easy: No, it borders on the impossible. > Account Name is the RFC 821/822 email address. > > This is what the Web has started to adopt of its own accord as a > user account identifier. It is the only one that people can remember > reliably. Which is why everyone just has one email address? Come on, most people have several. And often they do so for a reason, it's not just that people get new ISPs or switch for new features all the time. I train my kids to lie about their names and ages when they do stuff online. They don't have emails. You don't have a personal email and a work email at least? > Authentication service is resolved via DNS service lookup > i.e. SRV or similar. I can show people how to fix up the issues to > do with use of non-canonical names. [skipping a bunch of technical stuff] > I know that you can achieve some of the desired authentication > properties with public keys at the client. The problem is that our > current use of computers has gone way beyond the one-machine-per-person > paradigm > On a recent trip to Europe with the family I counted that we had 10 > computers with us capable of supporting IP (3 laptops, 3 iPhones, 2 > Nintendos, 1 iPad and a kindle). It was only a brief period in the history of computing that might have ever been true anyway. Before networks "user identity" hardly mattered. Immediately after networks, we got heterogeneous networks. As soon as heterogeneous networks arrived, we got single sign-on. I think the deeper problem today is that most people looking at the issue are coming from the service provider side. Their job is made greatly simpler if they can assume 1 user = 1 person = 1 email etc. So they make this assumption as much as they can get away with it. But the reality is that people don't work that way. Historically, people have had multiple identities and they presented themselves differently to different parties. This is intentional and it's not duplicitous, its part of normal social interaction. When you discuss business matters at work you give out a business card with a business phone number and address on it. When you meet people at church or school, you give people your home phone. Your home phone and address were the ones printed in the directory. So the fact that "a person" has more than one "device" is not the big problem (that's actually sometimes a desperate solution from the perspective of the user). The problem for the service provider is that they don't want to give up the simplifying assumption (and the behavioral tracking it enables) that a real person represents an atomic unit of identity. Aside from the brittleness of their security, this is one reason why centralized identity, top-down federated authentication and single-sign-on schemes are not a good plan for the web. They don't accurately model the problem domain. These schemes originated for use in corporate and university settings which, at the end of the day, have all of the protected resources owned by a single party. The universal ritual for everyone's first day at a new job is the granting of a new username, password, and email identity for use in that specific context. So single sign-on was designed so that one person could be granted access to, say, the file server, email, printer, and maybe the phone system, all within the restricted context of their "employee-ness" at one specific company. Even though multiple systems are involved, it's still fundamentally a one-to-one relationship between two identities, the person-as-employee and the company-as-employer. This doesn't map to the web with multiple persons each needing to control the mapping of their own multiple identities to multiple corporations. I don't want to pull out my US State Department-issued passport in order to leave a comment on some random blog or log into an online game. I don't want to use any of my gmail addresses for that either. Bad things happen when you force-fit the wrong model on to the design. Security and privacy are always the first to go. (Somewhere I saw the other day somebody seriously proposing using Facebook as a centralized identity authority.) More subtly, people find the system harder to use, and overall they just don't like it or trust it as much. People won't use it, or they'll use it and not like it, or they won't use it as much, or they'll figure out a way to defeat it. > Cardspace has some really, really great properties but they are totally > lost when you try to make the service accessible from multiple machines > by putting it 'in the cloud'. In fact, other than a manager, I have > never found anyone who reven thinks they know what they mean by 'in the > cloud' for CardSpace. I certainly have never seen an explanation I can > understand. Cloud is largely an experiment in making unwarranted assumptions about identity in the other direction: between the corporation and their devices. > Devices get lost. Devices get stolen. My impression is that lost and stolen devices are significant, but they're by far not the biggest security issue on the web. > We don't want to encourage that so > there needs to be something more than just a certificate based client > auth scheme. > > I think we need some form of centralized (for given account) account > management in the mix so that the user can authorize/deauthorize devices > for use (c.f. Amazon's Kindle account management) You're not going to create everybody's favorite web authentication infrastructure if it has the goal of controlling people use of their own devices. > So there are basically two architectural options for using public key. > One is to use it strictly between the client and the auth service and > use a token like approach as discussed above. Another is for the auth > service to issue an assertion of the form 'you can tell its fred by this > public key (amongst others)'. > SAML already has support for both approaches BTW. Forget the wants of corporations and websites, they exist only because of their customers and users who outnumber them a millionfold. Forget mechanisms for now, those are simple engineering once the problem is stated correctly. What do people want to do? What would they want to do if they knew to ask for it? How can we help them do it in the most secure way possible? How can we give people the tools to manage their own identities and make their own security-convenience trade-offs in the most informed way? Regards, - Marsh From romeda@gmail.com Sat Jan 8 17:27:45 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 878EC28C157; Sat, 8 Jan 2011 17:27:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -104.349 X-Spam-Level: X-Spam-Status: No, score=-104.349 tagged_above=-999 required=5 tests=[AWL=-0.750, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1CHuczRPWZBj; Sat, 8 Jan 2011 17:27:43 -0800 (PST) Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) by core3.amsl.com (Postfix) with ESMTP id 716E728C0D8; Sat, 8 Jan 2011 17:27:42 -0800 (PST) Received: by wwa36 with SMTP id 36so18596520wwa.13 for ; Sat, 08 Jan 2011 17:29:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:in-reply-to :references:from:date:message-id:subject:to:content-type :content-transfer-encoding; bh=afxLGSrBPz4bvHwp6VG7sozjob/7t1YO0xeVPH7/4wU=; b=LAQdyT9SddL8nJPhVQM29j6ZoZWBU/E9RdL3dcQirexwAxBPozXDZ7R8vOxplF5rDX pFjcIvOVsoXraVaAoigoriOzby1Vb5bpOibBUZFxefgem0XrfG3Rn9ZgZZb3HPJCgqNi R8mjqJHHWIO0driOK5UwZbhB8m9IcGUiv4KRQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type:content-transfer-encoding; b=W00D/vRaeMJ9JFN6mWMx9sDgFjHR+OAwMhDTnEtxnjcdIaIr5rkVlZ7DByNvMeDYzG 5/zSOQnpfLw3pRace51aLC/URn3bISpnzt4Im8calKLP9JFUc4/cInuXHJkc/AsqHLnA Cp3q0SjBiSJ/ix2U6AtTOIZ27Ltj1Pjqyu1Q0= Received: by 10.216.142.101 with SMTP id h79mr26233429wej.49.1294536590896; Sat, 08 Jan 2011 17:29:50 -0800 (PST) MIME-Version: 1.0 Received: by 10.216.240.197 with HTTP; Sat, 8 Jan 2011 17:29:29 -0800 (PST) In-Reply-To: <20110108194952.GS12542@zedshaw> References: <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <20110108194952.GS12542@zedshaw> From: Blaine Cook Date: Sat, 8 Jan 2011 17:29:29 -0800 Message-ID: To: "Zed A. Shaw" , Blaine Cook , Phillip Hallam-Baker , Ben Laurie , "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Sun, 09 Jan 2011 04:23:22 -0800 Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jan 2011 01:27:45 -0000 On 8 January 2011 11:49, Zed A. Shaw wrote: > On Sat, Jan 08, 2011 at 09:37:00AM -0800, Blaine Cook wrote: > I don't normally respond, just being a lurker, but this statement is > competely wrong Blaine. =C2=A0OAuth may be used for more requests, but no= t > more sites. =C2=A0It's used on a tiny number of sites, with OpenID being = used > on way many more, and even then, not nowhere near the number of websites > that form based authentication and browser authentication methods. > > Don't equate twitter having a ton of traffic to OAuth being some kind of > raving success, and sure as hell don't evaluate the technical merits of > something by its popularity. Agreed - though, facebook is also using oauth-based (not 1.0, but essentially the same approach) logins, and there are a number of other sites that do provide oauth-based login infrastructure. Moreover, the nudge towards oauth is intended with the movement towards a new auth infrastructure in mind. We'd need some kind of discovery / negotiation mechanism on top to make it not the one-or-two-companies-own-the-web play that login-over-oauth is now. (c.f. OpenID Connect). b. > While I agree that TLS client side isn't going to work, none of the > proposed authentication methods will work without a change to browsers > to support a way for two websites to establish a session in the browser. > If that feature existed you would cut down on a lot of the complexity of > things like OpenID and OAuth. Again, agreed. ;-) for the record, I don't think that OAuth itself is a suitable replacement for HTTP authorisation, but wanted to stir the pot, especially away from overwrought technical solutions that don't actually solve anyone's needs. b. From benl@google.com Sun Jan 9 06:19:41 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E43E03A69B9 for ; Sun, 9 Jan 2011 06:19:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -104.255 X-Spam-Level: X-Spam-Status: No, score=-104.255 tagged_above=-999 required=5 tests=[AWL=-1.278, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3pB11vZ4ybn8 for ; Sun, 9 Jan 2011 06:19:41 -0800 (PST) Received: from smtp-out.google.com (smtp-out.google.com [216.239.44.51]) by core3.amsl.com (Postfix) with ESMTP id 6FD923A69B1 for ; Sun, 9 Jan 2011 06:19:40 -0800 (PST) Received: from wpaz21.hot.corp.google.com (wpaz21.hot.corp.google.com [172.24.198.85]) by smtp-out.google.com with ESMTP id p09DiELc027793 for ; Sun, 9 Jan 2011 05:44:14 -0800 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1294580654; bh=/mk8a9m6BHBI1j9A8YYpAAJT3g0=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type:Content-Transfer-Encoding; b=rBd7e5LDKWOIj5qUWv3wG0oA2pnQGelokPC4sYnssr7Zzj8vz/Z6UYrf25BqbH1/I wOBB+UrZDr/XjglaTzg2Q== Received: from vws9 (vws9.prod.google.com [10.241.21.137]) by wpaz21.hot.corp.google.com with ESMTP id p09DiCWh019485 for ; Sun, 9 Jan 2011 05:44:13 -0800 Received: by vws9 with SMTP id 9so7678484vws.13 for ; Sun, 09 Jan 2011 05:44:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=ZRWqqE2GC4FvKBmajUqrY7ravsT74mc/cg/K4kzh7cM=; b=GcGbegD1O4aILaEJyw/n4kMpuLQjeb5LMacygSf0Zp49ph4nEnffspaTdOBCTWDX8Y A1EW0TKeMxpuyF7lmcZg== DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=WX+kK4B4G3HeErl5S2/G/I1bA3Ykj3FXsZiU9f1dd+V96cJhNoRJYYontlCDmNFKW/ qNFiploG2G8enySMzZHg== MIME-Version: 1.0 Received: by 10.220.202.131 with SMTP id fe3mr8379018vcb.183.1294580652479; Sun, 09 Jan 2011 05:44:12 -0800 (PST) Received: by 10.220.88.137 with HTTP; Sun, 9 Jan 2011 05:44:12 -0800 (PST) In-Reply-To: References: <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <20110108194952.GS12542@zedshaw> Date: Sun, 9 Jan 2011 13:44:12 +0000 Message-ID: From: Ben Laurie To: Blaine Cook Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-System-Of-Record: true X-Mailman-Approved-At: Sun, 09 Jan 2011 09:01:36 -0800 Cc: "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "Zed A. Shaw" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jan 2011 14:19:42 -0000 On 9 January 2011 01:29, Blaine Cook wrote: > On 8 January 2011 11:49, Zed A. Shaw wrote: >> On Sat, Jan 08, 2011 at 09:37:00AM -0800, Blaine Cook wrote: >> I don't normally respond, just being a lurker, but this statement is >> competely wrong Blaine. =A0OAuth may be used for more requests, but not >> more sites. =A0It's used on a tiny number of sites, with OpenID being us= ed >> on way many more, and even then, not nowhere near the number of websites >> that form based authentication and browser authentication methods. >> >> Don't equate twitter having a ton of traffic to OAuth being some kind of >> raving success, and sure as hell don't evaluate the technical merits of >> something by its popularity. > > Agreed - though, facebook is also using oauth-based (not 1.0, but > essentially the same approach) logins, and there are a number of other > sites that do provide oauth-based login infrastructure. > > Moreover, the nudge towards oauth is intended with the movement > towards a new auth infrastructure in mind. We'd need some kind of > discovery / negotiation mechanism on top to make it not the > one-or-two-companies-own-the-web play that login-over-oauth is now. > (c.f. OpenID Connect). > > b. > >> While I agree that TLS client side isn't going to work, none of the >> proposed authentication methods will work without a change to browsers >> to support a way for two websites to establish a session in the browser. >> If that feature existed you would cut down on a lot of the complexity of >> things like OpenID and OAuth. > > Again, agreed. ;-) > > for the record, I don't think that OAuth itself is a suitable > replacement for HTTP authorisation, but wanted to stir the pot, > especially away from overwrought technical solutions that don't > actually solve anyone's needs. Towards ones that are ripe for phishing and have no privacy protections? I don't believe that's a good direction. From romeda@gmail.com Sun Jan 9 08:49:58 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 92D3E3A677E; Sun, 9 Jan 2011 08:49:58 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -104.682 X-Spam-Level: X-Spam-Status: No, score=-104.682 tagged_above=-999 required=5 tests=[AWL=-1.083, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E-915Pk+xrKV; Sun, 9 Jan 2011 08:49:57 -0800 (PST) Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id 806623A6816; Sun, 9 Jan 2011 08:49:56 -0800 (PST) Received: by wyf23 with SMTP id 23so19771279wyf.31 for ; Sun, 09 Jan 2011 08:52:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:in-reply-to :references:from:date:message-id:subject:to:cc:content-type; bh=WIm+nFsAde/ye4Tom3yY4aVsYWqIxOmEG0wpwlytdzI=; b=Clwy4B80sy6LoL3fprCaKqTJWjn5jUnpqvWX13saEtPhxSf5b7x8DxNHBQSjcDcjCd lfcG5pVl93HS5iW0GIedlgBOnavigJXk4i2/IydnDkOElogTRR0AhkBJJLExNslRhjcb 3VhXaddZVP6P01QaxCJX/3QLZLRMHhtPUbNbY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=SCyIoxVnZRbGdpwm6boOG67l5B48h3JNw3U4Qv7Uwv2Fgk2Zdex0rweQm3owUIDeF7 p6Z+OnAy9Cb1o11hDx+iBjjsxaDOGtwHOfDokx3hRjYxfdoNN0LQ+E37lyu16j3Dhpyk refSLACQIk5R32y/JZB1jn0f41uSaOrFKq+z4= Received: by 10.216.177.9 with SMTP id c9mr26823431wem.34.1294591283468; Sun, 09 Jan 2011 08:41:23 -0800 (PST) MIME-Version: 1.0 Received: by 10.216.240.197 with HTTP; Sun, 9 Jan 2011 08:40:54 -0800 (PST) In-Reply-To: References: <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <20110108194952.GS12542@zedshaw> From: Blaine Cook Date: Sun, 9 Jan 2011 08:40:54 -0800 Message-ID: To: Ben Laurie Content-Type: text/plain; charset=UTF-8 X-Mailman-Approved-At: Sun, 09 Jan 2011 09:01:36 -0800 Cc: "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "Zed A. Shaw" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jan 2011 16:49:58 -0000 > Towards ones that are ripe for phishing and have no privacy > protections? I don't believe that's a good direction. *shrug* If the alternative is Facebook handling everyone's logins, it can't get much worse, can it? b. From john-ietf@jck.com Sun Jan 9 10:19:58 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 261273A67DF; Sun, 9 Jan 2011 10:19:58 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.091 X-Spam-Level: X-Spam-Status: No, score=-103.091 tagged_above=-999 required=5 tests=[AWL=-0.492, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zf1MTOuKT715; Sun, 9 Jan 2011 10:19:57 -0800 (PST) Received: from bs.jck.com (ns.jck.com [209.187.148.211]) by core3.amsl.com (Postfix) with ESMTP id A1B653A67D4; Sun, 9 Jan 2011 10:19:56 -0800 (PST) Received: from [127.0.0.1] (helo=localhost) by bs.jck.com with esmtp (Exim 4.34) id 1Pbzu1-0009d1-SY; Sun, 09 Jan 2011 13:22:06 -0500 Date: Sun, 09 Jan 2011 13:22:04 -0500 From: John C Klensin To: Marsh Ray Message-ID: In-Reply-To: <4D28D80B.2020006@extendedsubset.com> References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <4D28D80B.2020006@extendedsubset.com> X-Mailer: Mulberry/4.0.8 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Mailman-Approved-At: Sun, 09 Jan 2011 12:00:48 -0800 Cc: apps-discuss@ietf.org, "Roy T. Fielding" , websec , Robert Sayre , kitten@ietf.org, http-auth@ietf.org, saag@ietf.org, "ietf-http-wg@w3.org Group" Subject: Re: [websec] [apps-discuss] [http-auth] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jan 2011 18:19:58 -0000 --On Saturday, January 08, 2011 15:32 -0600 Marsh Ray wrote: > On 01/08/2011 10:07 AM, Phillip Hallam-Baker wrote: >> I think that Ben is right that we are solving the wrong >> problem. > > I think Ben is nearly always right. :-) > > But let me toss out a different perspective. I'll try > carefully and hope that this doesn't come across as trolling, > but it is a bit contrarian (hopefully in a good way). >... Well, actually, I think this is constructive, useful, and rather nicely describes the other side of the problem. I would add that one important variation on "Person = Identity = Email address" has historically involved the use of subaddresses. Not only do they help considerably with mail management (pretty much their original purpose) but they provide an additional (weak but convenient) measure against email fraud and identify theft attempts (if I know that mail from my bank is going to be addressed to "john+12345@example.com" because that is the only address they have, then it is pretty clear where mail that supposedly comes from them but is addressed to "john+LargeRetailer@example.com" should be routed. Obviously, if an address that is used for only one vendor or correspondent gets into the hands of a spammer, it is lots easier to fix that problem as well. Address-per-correspondent also makes password-per-correspondent much easier too. Lots of web sites and providers have been really resistant to that approach. I had assumed before this that the problem was just stupidity, but parts of your comments could be expanded to lead to the inference that having me use more than one address is not in their interests. Whatever becomes of that tradeoff, the IETF should not, IMO, be doing things that encourage them in directions that reduce our privacy and ability to control our identities. >... > Which is why everyone just has one email address? Come on, > most people have several. And often they do so for a reason, > it's not just that people get new ISPs or switch for new > features all the time. I train my kids to lie about their > names and ages when they do stuff online. They don't have > emails. > > You don't have a personal email and a work email at least? >... exactly. with the emphasis on "at least" >... > Bad things happen when you force-fit the wrong model on to the > design. Security and privacy are always the first to go. > (Somewhere I saw the other day somebody seriously proposing > using Facebook as a centralized identity authority.) More > subtly, people find the system harder to use, and overall they > just don't like it or trust it as much. People won't use it, > or they'll use it and not like it, or they won't use it as > much, or they'll figure out a way to defeat it. Indeed. In all of the really significant cases, probably the latter. If I had a nickel for every sticky note with a password (sometimes slightly-disguised) stuck to a screen... But those notes are precisely a workaround for "you have to change your password frequently, you can't share passwords between systems, and we will insist by various means that you passwords are strong and that a given password is not obviously derivable from its predecessors" policies. >... john From benl@google.com Sun Jan 9 11:19:27 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EBC473A67D4 for ; Sun, 9 Jan 2011 11:19:27 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.807 X-Spam-Level: X-Spam-Status: No, score=-103.807 tagged_above=-999 required=5 tests=[AWL=-0.830, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xzTVLJz871LF for ; Sun, 9 Jan 2011 11:19:27 -0800 (PST) Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.67]) by core3.amsl.com (Postfix) with ESMTP id CE8573A6833 for ; Sun, 9 Jan 2011 11:19:26 -0800 (PST) Received: from hpaq1.eem.corp.google.com (hpaq1.eem.corp.google.com [172.25.149.1]) by smtp-out.google.com with ESMTP id p09JLbTr014152 for ; Sun, 9 Jan 2011 11:21:37 -0800 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1294600897; bh=P5fHISLk/lO2e3DNf66/oc7YEsw=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Content-Type:Content-Transfer-Encoding; b=Uqzl+VVDOfxAdlWsmDj8AOw2YkL8Vo7mZdNEj3JQyJxCP/wAWNt2i9KK2wyLYR/1T TWFz1PypiODDfVKfjIn7g== Received: from vws13 (vws13.prod.google.com [10.241.21.141]) by hpaq1.eem.corp.google.com with ESMTP id p09JLZ47015942 for ; Sun, 9 Jan 2011 11:21:36 -0800 Received: by vws13 with SMTP id 13so7400040vws.39 for ; Sun, 09 Jan 2011 11:21:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=huqt9woLFjVdG0rNeZu+5K/N6b16t1pAHbnnc7jOhbE=; b=sDgpLwAvCSPX/1UhP1lfxPZeJThR7bpM+mQosqvme2HLR0gXUfChWxoo1RAN4X70ik A6mw1b4SxGFWnvfPfp+w== DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=PcgNAAYdrsTihx9s+Vw7rPx3d7e6QjPs3bRNsD0aOk3tvZrb869ZxPlOzLtgTVgSEK XRAZf2E+CitZ3OWQwfBA== MIME-Version: 1.0 Received: by 10.220.200.13 with SMTP id eu13mr8472527vcb.148.1294600895187; Sun, 09 Jan 2011 11:21:35 -0800 (PST) Received: by 10.220.88.137 with HTTP; Sun, 9 Jan 2011 11:21:34 -0800 (PST) In-Reply-To: <20110109183236.GZ12542@zedshaw> References: <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> <20110108194952.GS12542@zedshaw> <20110109183236.GZ12542@zedshaw> Date: Sun, 9 Jan 2011 19:21:34 +0000 Message-ID: From: Ben Laurie To: "Zed A. Shaw" , Ben Laurie , Blaine Cook , Phillip Hallam-Baker , "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-System-Of-Record: true X-Mailman-Approved-At: Sun, 09 Jan 2011 12:00:48 -0800 Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jan 2011 19:19:28 -0000 On 9 January 2011 18:32, Zed A. Shaw wrote: > On Sun, Jan 09, 2011 at 01:44:12PM +0000, Ben Laurie wrote: >> > for the record, I don't think that OAuth itself is a suitable >> > replacement for HTTP authorisation, but wanted to stir the pot, >> > especially away from overwrought technical solutions that don't >> > actually solve anyone's needs. >> >> Towards ones that are ripe for phishing and have no privacy >> protections? I don't believe that's a good direction. > > Ripe for phishing? =A0I must have missed a whole conversation in all this > cross posting, because last I checked none of the proposed solutions > prevent phishing. > > If you can phish one site you can phish another. =A0It's not the sites or > the protocol that causes phishing, or whether you've got a billion > redirects or diffie-helman to the hilt. =A0OpenID or Oauth or > plain-old-form-auth don't prevent or cause phishing. > > What causes phishing is users have no idea that two websites are > different. Whilst I do not disagree with this claim, you are wrong. There are protocols which effectively prevent phishing - so long as password entry is done in an unspoofable UI. I am sure that you will respond that UI can be spoofed as easily as a website can be, and I'm almost ready to agree with that, given that we still don't have a good answer to that, however, my one small ray of hope in this regard is that there's only one UI we need to make unspoofable as opposed to a million websites. And, what's more, we don't really need to invoke it every time a user logs in to a website - really what we want is for the user to authenticate to their device and have the device handle the rest. OpenID and OAuth are particularly nasty, even by today's standards, because they provide a trivial route for the phisher to do a perfect MitM attack on the IdP. From zedshaw@zedshaw.com Sun Jan 9 12:14:17 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 25F773A681D; Sun, 9 Jan 2011 12:14:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.017 X-Spam-Level: X-Spam-Status: No, score=-1.017 tagged_above=-999 required=5 tests=[AWL=-1.369, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, IP_NOT_FRIENDLY=0.334, RDNS_DYNAMIC=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SnMopMB45VYx; Sun, 9 Jan 2011 12:14:16 -0800 (PST) Received: from mail.zedshaw.com (67-207-134-146.slicehost.net [67.207.134.146]) by core3.amsl.com (Postfix) with ESMTP id 3E8FE3A6810; Sun, 9 Jan 2011 12:14:16 -0800 (PST) Received: by mail.zedshaw.com (Postfix, from userid 1000) id 864A91D87C1; Sun, 9 Jan 2011 12:16:27 -0800 (PST) Date: Sun, 9 Jan 2011 12:16:27 -0800 From: "Zed A. Shaw" To: Ben Laurie Message-ID: <20110109201627.GC12542@zedshaw> Mail-Followup-To: "Zed A. Shaw" , Ben Laurie , Blaine Cook , Phillip Hallam-Baker , "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" References: <20110108194952.GS12542@zedshaw> <20110109183236.GZ12542@zedshaw> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Mailman-Approved-At: Sun, 09 Jan 2011 12:27:56 -0800 Cc: "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jan 2011 20:14:17 -0000 On Sun, Jan 09, 2011 at 07:21:34PM +0000, Ben Laurie wrote: > Whilst I do not disagree with this claim, you are wrong. There are > protocols which effectively prevent phishing - so long as password > entry is done in an unspoofable UI. Alright, to avoid any "violent agreement", can you point me at any documentation you have on your proposed solution? -- Zed A. Shaw http://zedshaw.com/ From marsh@extendedsubset.com Sun Jan 9 13:05:34 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F29593A6845; Sun, 9 Jan 2011 13:05:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.278 X-Spam-Level: X-Spam-Status: No, score=-2.278 tagged_above=-999 required=5 tests=[AWL=-0.279, BAYES_00=-2.599, J_CHICKENPOX_23=0.6] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RF7L6vdLdzC4; Sun, 9 Jan 2011 13:05:33 -0800 (PST) Received: from mho-01-ewr.mailhop.org (mho-01-ewr.mailhop.org [204.13.248.71]) by core3.amsl.com (Postfix) with ESMTP id 1441E3A682A; Sun, 9 Jan 2011 13:05:33 -0800 (PST) Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from ) id 1Pc2UI-000AWy-T8; Sun, 09 Jan 2011 21:07:43 +0000 Received: from [192.168.1.15] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id 02A48603E; Sun, 9 Jan 2011 21:07:39 +0000 (UTC) X-Mail-Handler: MailHop Outbound by DynDNS X-Originating-IP: 69.164.193.58 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX1+pKk0IBf7xKDzPcNEDSwquAheGbBpfV5Q= Message-ID: <4D2A239C.6040801@extendedsubset.com> Date: Sun, 09 Jan 2011 15:07:40 -0600 From: Marsh Ray User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 MIME-Version: 1.0 To: "Zed A. Shaw" , Ben Laurie , Blaine Cook , Phillip Hallam-Baker , "apps-discuss@ietf.org" , David Morris , websec , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" References: <20110108194952.GS12542@zedshaw> <20110109183236.GZ12542@zedshaw> <20110109201627.GC12542@zedshaw> In-Reply-To: <20110109201627.GC12542@zedshaw> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sun, 09 Jan 2011 13:15:37 -0800 Subject: Re: [websec] [apps-discuss] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jan 2011 21:05:34 -0000 On 01/09/2011 02:16 PM, Zed A. Shaw wrote: > On Sun, Jan 09, 2011 at 07:21:34PM +0000, Ben Laurie wrote: >> Whilst I do not disagree with this claim, you are wrong. There are >> protocols which effectively prevent phishing - so long as password >> entry is done in an unspoofable UI. > > Alright, to avoid any "violent agreement", can you point me at any > documentation you have on your proposed solution? As you pointed out Zed, phishing isn't something that happens to a protocol or an application - it's something the user decides to do. Phishing can be said to have been prevented only when the user can be relied upon to refuse to enter his password into an insecure box. Now there may be some useful mitigations at the app or protocol level. For example, my bank asks for my username and then shows me a familiar picture (e.g., a rocking horse) that is supposed to prevent phishing. This stops phishing only in the sense that it requires the attacker to use a CGI proxy app rather than simple static phishing site. For some sites that probably cuts down on the rate of phishing attacks quite a bit. But something so easy to bypass is likely to depend on a steady supply of easier targets keeping the attackers busy. If I wanted that kind of security for my car, I should try to convince everyone else in town to leave theirs unlocked with the keys in the ignition. I don't think it will be useful against a determined, targeted attack. On 01/09/2011 02:13 PM, Peter Saint-Andre wrote: > > And please start cc'ing only http-auth@ietf.org, not all the other > lists. You're trying to convince users not to do something that the interface begs them to do, like hit 'reply all', or trying out every password they know. It's not part of the protocol. - Marsh From tytso@mit.edu Thu Jan 13 10:25:19 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5AC3B3A6BC5; Thu, 13 Jan 2011 10:25:19 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id juOwH3Aiz1Kx; Thu, 13 Jan 2011 10:25:18 -0800 (PST) Received: from dmz-mailsec-scanner-6.mit.edu (DMZ-MAILSEC-SCANNER-6.MIT.EDU [18.7.68.35]) by core3.amsl.com (Postfix) with ESMTP id C5E403A6A5E; Thu, 13 Jan 2011 10:25:17 -0800 (PST) X-AuditID: 12074423-b7bd0ae000000a00-16-4d2f441cdfc6 Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) by dmz-mailsec-scanner-6.mit.edu (Symantec Brightmail Gateway) with SMTP id E4.10.02560.C144F2D4; Thu, 13 Jan 2011 13:27:40 -0500 (EST) Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id p0DIRd4p016603; Thu, 13 Jan 2011 13:27:40 -0500 Received: from [192.168.1.196] (c-71-194-208-146.hsd1.il.comcast.net [71.194.208.146]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id p0DIRAXG003778 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Thu, 13 Jan 2011 13:27:36 -0500 (EST) Mime-Version: 1.0 (Apple Message framework v1082) Content-Type: text/plain; charset=us-ascii From: Theodore Tso In-Reply-To: Date: Thu, 13 Jan 2011 13:27:10 -0500 Content-Transfer-Encoding: quoted-printable Message-Id: <45F97DFD-3AAB-44DE-8DC9-3694608EB740@mit.edu> References: <4D02AF81.6000907@stpeter.im> <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com> <4D0479E3.4050508@gmail.com> <4D04D7D6.4090105@isode.com> <4D051731.1020400@isode.com> <2230EA03-32C5-4D34-BC6B-304E813BE3A7@gbiv.com> To: Phillip Hallam-Baker X-Mailer: Apple Mail (2.1082) X-Brightmail-Tracker: AAAAARcg5EE= X-Mailman-Approved-At: Fri, 14 Jan 2011 08:03:27 -0800 Cc: "apps-discuss@ietf.org" , "Roy T. Fielding" , websec , Robert Sayre , "kitten@ietf.org" , "http-auth@ietf.org" , "saag@ietf.org" , "ietf-http-wg@w3.org Group" Subject: Re: [websec] [saag] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Jan 2011 18:25:19 -0000 On Jan 8, 2011, at 11:07 AM, Phillip Hallam-Baker wrote: > I think that Ben is right that we are solving the wrong problem. >=20 > The problem is that users are asked to maintain accounts at literally = HUNDREDS of accounts.=20 >=20 > And some cretins, some utter morons, some bog-brained berks think it = is reasonable to tell the user to have a different password for every = one! >=20 > I can't remember the account names, the password is easy as I only had = one (for non financial) - until those cretins at Gawker screwed up. Now = I have to reset my password at all those places. The fact that web sites, like Gawker, will screw up, is why you need to = maintain different passwords at every single one. And at least Gawker = admitted that they screwed up, and told everyone to change their = passwords once this came out. Many large corporations would have tried = to stonewall and claim their security is perfect or at least not = publicize the security breach to their users. Personally, I think the horse left the barn a long, long time ago, and = this is not a problem we can fix today. What I use for my non-financial = accounts is the LastPass plugin, which scans HTML form pages looking for = username/password form fields, and if it finds them, looks up the = username/password in a database which is stored in the cloud in an = encrypted fashion, and populates them into HTML form. It also will = automatically generate nice, long, random passwords for every site when = you change your password, and allows you easily use long, = hard-to-memorize (and thus secure) passwords that are different for = every single web site. The only reason why I don't use it for my financial web sites is because = it's a closed source browser plugin, so I can't audit it to make sure = it's not stashing away passwords and publishing them to the manufacturer = via some covert channel. But if they want to steal my Financial Times = and Economists logins, hey, they can be my guest. It may be ugly that we're dealing with this at the HTML/presentation = battle, but any other solution will take years to roll out, and the = issues of trust and liability which to date have doomed any large-scale = PKI rollout are going to bite us here. And in a federated scheme, the = question of which federated entities a user should trust to potentially = give access to *all* of their web sites is still at best a research = problem. So at least for web security, maybe the best we can do is to = make things easier for the browser or browser plugins to manage = different accounts at hundreds of different web sites. This may = ultimately be an easier, and be a much more easily deployable, solution = than some kind of federated authentication proposal. -- Ted From benl@google.com Fri Jan 14 02:38:20 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 97E7E3A6AA1 for ; Fri, 14 Jan 2011 02:38:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.715 X-Spam-Level: X-Spam-Status: No, score=-103.715 tagged_above=-999 required=5 tests=[AWL=-0.738, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uxVpdClwgwRc for ; Fri, 14 Jan 2011 02:38:20 -0800 (PST) Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.67]) by core3.amsl.com (Postfix) with ESMTP id 2DDB43A6A40 for ; Fri, 14 Jan 2011 02:38:20 -0800 (PST) Received: from hpaq5.eem.corp.google.com (hpaq5.eem.corp.google.com [172.25.149.5]) by smtp-out.google.com with ESMTP id p0EA0Lwj016879 for ; Fri, 14 Jan 2011 02:00:21 -0800 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1294999225; bh=4HjEKMmA6PPVeYrCzXGB9XJoaJc=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type:Content-Transfer-Encoding; b=GGim5A9v69BFBSu+BTY15UNHyY3FTcPI+VwWwqjycaOoiq2mhRJWsYDLN8RZs82YT Whb3DW0npmi1oyfgauk4A== Received: from qyj19 (qyj19.prod.google.com [10.241.83.83]) by hpaq5.eem.corp.google.com with ESMTP id p0EA0I12012202 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for ; Fri, 14 Jan 2011 02:00:19 -0800 Received: by qyj19 with SMTP id 19so2943304qyj.10 for ; Fri, 14 Jan 2011 02:00:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=pOv0POGRSp4j8mzD5VRvAxYScXGJeD+JAQmTzfFsha8=; b=QlnWNTYdpnVqArTKVax8JGp+chiH908UHFXhpfKJHxQ9pdwSR1UnDQoKzHvmANLchD riQVXwbbQy5wyTvopi9Q== DomainKey-Signature: a=rsa-sha1; c=nofws; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=Q42xBptqqqWzKPqxAdm9MCgsaqciCJPxGka8QYv4t96iB5eQwqPkGq1k2ZkcK6qwBU uC7s/RdAorxzTno2ce0Q== MIME-Version: 1.0 Received: by 10.229.95.11 with SMTP id b11mr537655qcn.28.1294999218581; Fri, 14 Jan 2011 02:00:18 -0800 (PST) Received: by 10.220.88.137 with HTTP; Fri, 14 Jan 2011 02:00:18 -0800 (PST) In-Reply-To: References: <4D2A239C.6040801@extendedsubset.com> Date: Fri, 14 Jan 2011 10:00:18 +0000 Message-ID: From: Ben Laurie To: Peter Gutmann Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-System-Of-Record: true X-Mailman-Approved-At: Fri, 14 Jan 2011 08:03:27 -0800 Cc: apps-discuss@ietf.org, dwm@xpasc.com, websec@ietf.org, kitten@ietf.org, zedshaw@zedshaw.com, http-auth@ietf.org, ietf-http-wg@w3.org, saag@ietf.org Subject: Re: [websec] [saag] [apps-discuss] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Jan 2011 10:38:20 -0000 On 14 January 2011 02:24, Peter Gutmann wrote: > Marsh Ray writes: > >>Phishing can be said to have been prevented only when the user can be rel= ied >>upon to refuse to enter his password into an insecure box. > > I think you need to phrase that more generally, "when the user can be rel= ied > upon to not authenticate to the wrong site", because there's more ways of > authenticating around than just typing a string into a web form. =A0For e= xample > some password managers do site-specifc passwords, so even if you go to th= e > wrong site you can't accidentally provide your credentials for the correc= t > site. That phrasing is only correct if the authentication method leaks the passwo= rd... > >>For example, my bank asks for my username and then shows me a familiar >>picture (e.g., a rocking horse) that is supposed to prevent phishing. Thi= s >>stops phishing only in the sense that it requires the attacker to use a C= GI >>proxy app rather than simple static phishing site. > > ... or display a broken-image GIF, or a message that the award-winning > security whatsit is being upgraded and will be back soon, or ... > > (this is from a real-world evaluation of the (in-)effectiveness of site > images, I can dig up the ref if required). =A0Site images rate more as a > security gimmick than any real security measure. Exactly. From marsh@extendedsubset.com Fri Jan 14 09:05:16 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B06A53A6BA3; Fri, 14 Jan 2011 09:05:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.572 X-Spam-Level: X-Spam-Status: No, score=-2.572 tagged_above=-999 required=5 tests=[AWL=0.027, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yVAyY+betpQV; Fri, 14 Jan 2011 09:05:15 -0800 (PST) Received: from mho-01-ewr.mailhop.org (mho-01-ewr.mailhop.org [204.13.248.71]) by core3.amsl.com (Postfix) with ESMTP id 74AE43A6B9A; Fri, 14 Jan 2011 09:05:15 -0800 (PST) Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from ) id 1Pdn7h-0004Py-OE; Fri, 14 Jan 2011 17:07:37 +0000 Received: from [192.168.1.15] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id 4809C603E; Fri, 14 Jan 2011 17:07:33 +0000 (UTC) X-Mail-Handler: MailHop Outbound by DynDNS X-Originating-IP: 69.164.193.58 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX18lbvaEQEauG/YHYvKNkaHDVNFTUVsfTMQ= Message-ID: <4D3082D5.6070801@extendedsubset.com> Date: Fri, 14 Jan 2011 11:07:33 -0600 From: Marsh Ray User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 MIME-Version: 1.0 To: Peter Gutmann References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Fri, 14 Jan 2011 09:08:59 -0800 Cc: apps-discuss@ietf.org, dwm@xpasc.com, websec@ietf.org, kitten@ietf.org, zedshaw@zedshaw.com, http-auth@ietf.org, ietf-http-wg@w3.org, saag@ietf.org Subject: Re: [websec] [saag] [apps-discuss] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Jan 2011 17:05:16 -0000 On 01/13/2011 08:24 PM, Peter Gutmann wrote: > Marsh Ray writes: > >> Phishing can be said to have been prevented only when the user can >> be relied upon to refuse to enter his password into an insecure >> box. > > I think you need to phrase that more generally, "when the user can be > relied upon to not authenticate to the wrong site", because there's > more ways of authenticating around than just typing a string into a > web form. I was trying to be as general as possible but still thinking in terms of phising for passwords. (This conversation has bounced around a bit between "better HTTP password authentication don't you dare mention client certificates" and "open-minded discussion of login authentication methods". I'm happy to contribute to whatever, but we risk miscommunication-mistaken-for-disagreement unless we settle on the scope first.) The term "authenticate to the wrong site" has completely different meaning depending on whether or not we're talking about capture-and-reuse credentials like passwords or whether or not we're assuming encryption which authenticates the server to the user (https). So I was thinking of "password into insecure box" as being more general. Maybe the attack somehow doesn't even involve the "wrong site", maybe bad guy injects something into the right site instead? > For example some password managers do site-specifc > passwords, so even if you go to the wrong site you can't accidentally > provide your credentials for the correct site. OMG, I can't stand it when I type the right password (for something else) into the wrong box. I admit that I have not always immediately changed that password when I've done it into a computer I also sort-of trusted (but in a different scope). > Site images rate > more as a security gimmick than any real security measure. It'd be interesting to know if banks get an actual reduction in the rate of phishing from that. On 01/13/2011 08:33 PM, Peter Gutmann wrote: > Phillip Hallam-Baker writes: > >> Such users have asked to do business with hundreds of entities, so >> at least something is working right. > > Actually they haven't asked to to business with most of them, but > are required to have an account for > user-tracking/spam-defeating/who-knows-what purposes. Yep. I guess I was counting things like Slashdot and Twitter as "doing business", even though it wasn't a monetary transaction. There is some value stored in those credentials, or at least pain-in-the butt potential costs to me if they were compromised for some reason. > If browsers > provided a basic "generate a random password just for this site" > feature, as many password managers have been doing for years and > years, then we could focus on the tiny fraction of sites where > authentication really matters. That would be convenient, but how many people back up the password manager in their browser? I don't, I prefer to write them down. I use multiple computers and multiple browsers. No browser has every password. Encouraging them to be centralized in the browser seems less than ideal, since it's the browser that gets pwned more than anything else. > Two major problems that we initially > need to overcome are: > > 1. Browsers (I'm using this as a generic for "client-side software") > treat all passwords as being equal, from your high-value banking > one to your throwaway knitting-patterns-blog one. Yes, I agree that's a big problem. I don't think we should think of them as being fully-ordered on a dimension of 'value' however. For example, let's say I have: A. Password for current employer's single-sign-on Kerberos/Active Directory infrastructure. B. Password I use at job-hunting website C. Password I use for my pseudonym where I flame newbies and post obscene patterns on the knitting patterns blog. My work desktop computer will most likely be backdoored by my employer. They may not care about C, but I care greatly that they do not find B. I log in to the employer from a home PC or smartphone from a VPN A. I may have a sense of responsibility about protecting A, but apparently I'm looking for a new job anyway. I'm more interested that prospective employers don't find out about C. From a public internet terminal I may not care at all about accessing C because it doesn't seem plausible that it would associate back with my professional identity. > 2. Browsers (ditto) have close to zero support for even the most > basic password management that any number of plugins and add-ons have > had for years (the Firefox 3.6 password manager is, AFAICT, unchanged > since the Netscape 2.0 one from fifteen years ago). It works sort of OK for me. But I'm only happy with it because I wouldn't trust it with all of my passwords regardless of how . > If we could start to address this, and at least begin to bound the > problem, we've made a start. Theorising about blue-sky solutions > isn't useful when we haven't even defined the real problem we're > trying to solve. Yes, let's resist the attraction of actual solutions until we have defined the problem to death. The possible solutions and their pros and cons of will usually be obvious by that point. - Marsh From marsh@extendedsubset.com Fri Jan 14 09:24:36 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 27C0C3A6BA3; Fri, 14 Jan 2011 09:24:36 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.572 X-Spam-Level: X-Spam-Status: No, score=-2.572 tagged_above=-999 required=5 tests=[AWL=0.027, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zqPHCjGSpFEG; Fri, 14 Jan 2011 09:24:35 -0800 (PST) Received: from mho-01-ewr.mailhop.org (mho-01-ewr.mailhop.org [204.13.248.71]) by core3.amsl.com (Postfix) with ESMTP id A0FAF3A6BB4; Fri, 14 Jan 2011 09:24:31 -0800 (PST) Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from ) id 1PdnQM-000EKn-PO; Fri, 14 Jan 2011 17:26:54 +0000 Received: from [192.168.1.15] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id 0015C603E; Fri, 14 Jan 2011 17:26:50 +0000 (UTC) X-Mail-Handler: MailHop Outbound by DynDNS X-Originating-IP: 69.164.193.58 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX19CXS3o05S/+ZXWLvW9ImCQ+6e1DVdiVUQ= Message-ID: <4D30875B.5050109@extendedsubset.com> Date: Fri, 14 Jan 2011 11:26:51 -0600 From: Marsh Ray User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 MIME-Version: 1.0 To: Peter Gutmann References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Fri, 14 Jan 2011 09:31:52 -0800 Cc: apps-discuss@ietf.org, dwm@xpasc.com, websec@ietf.org, kitten@ietf.org, zedshaw@zedshaw.com, http-auth@ietf.org, ietf-http-wg@w3.org, saag@ietf.org Subject: Re: [websec] [saag] [apps-discuss] [kitten] HTTP authentication: the next generation X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Jan 2011 17:24:36 -0000 On 01/14/2011 04:12 AM, Peter Gutmann wrote: > > Who says there's a password involved? It's equally appropriate for public- > key/certificate-based auth, "sign this challenge" for example. I think "when > the user can be relied upon to not authenticate to the wrong site" covers most > of the bases and is technology- and mechanism-neutral. What is being authenticated? How much of the surrounding context is being assumed or implied, and how much is actually being authenticated? Who is doing the authentication? What capabilities will the result be used to authorize? These are real questions that go to the heart of the problem. I don't believe that they have been reconsidered in the context of today's computing environment. Give a description of the semantics of the "sign this challenge" act, without presupposing agreement on definitions we take for granted like "authentication", "login", "session", etc. I suspect the result would sound absurd enough that we would want to throw out the whole thing and start over. I suspect we avoid this exercise because we realize this subconsciously, or at least avoid saying it out loud. I suspect that this is a big part of why we find the problem intractable. - Marsh From stpeter@stpeter.im Fri Jan 14 18:54:57 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 163683A6C2F for ; Fri, 14 Jan 2011 18:54:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.663 X-Spam-Level: X-Spam-Status: No, score=-102.663 tagged_above=-999 required=5 tests=[AWL=-0.064, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SlaYii90SZES for ; Fri, 14 Jan 2011 18:54:03 -0800 (PST) Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id 1B6723A6C2E for ; Fri, 14 Jan 2011 18:54:03 -0800 (PST) Received: from squire.local (unknown [12.50.78.194]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 2C6D340393 for ; Fri, 14 Jan 2011 20:11:41 -0700 (MST) Message-ID: <4D310CDC.1000402@stpeter.im> Date: Fri, 14 Jan 2011 19:56:28 -0700 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: websec@ietf.org X-Enigmail-Version: 1.1.1 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms060602050700020409020103" Subject: [websec] where to discuss HTTP authentication X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Jan 2011 02:54:57 -0000 This is a cryptographically signed message in MIME format. --------------ms060602050700020409020103 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Folks, please stop copying websec@ietf.org about the HTTP authentication thread. We have a special list on that topic, http-auth@ietf.org... Peter --=20 Peter Saint-Andre https://stpeter.im/ --------------ms060602050700020409020103 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIITzjCC BjQwggQcoAMCAQICASMwDQYJKoZIhvcNAQELBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoT DVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNp Z25pbmcxKTAnBgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3 MTAyNDIxMDMzM1oXDTE3MTAyNDIxMDMzM1owgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1T dGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWdu aW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAzIFByaW1hcnkgSW50ZXJtZWRpYXRlIENs aWVudCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmjSW4SPiDKlAinvVeL ZOVfItiuP1aRHL530E7QUc9icCwL33+PH+Js1HAh8CgWFl34sOxx1FJyS/C4VLPRsqDfP72j tzCVUAL0DAxZ7wgzQvFz7x61jGxfhYhqYb1+PPOLkYBbkRIrPMg3dLEdKmXIYJYXDH+mB/V/ jLo73/Kb7h/rNoNg/oHHSv5Jolyvp5IY2btfcTBfW/telEFj5rDTX2juTvZ3Qhf3XQX5ca3Q 7A10zrUV/cWJOJ7F5RltbEIaboZmX5JBUb3FhUiAdBotehAX6DbDOuYoJtVxmGof6GuVGcPo 98K4TJf8FHo+UA9EOVDp/W7fCqKT4sXk/XkCAwEAAaOCAa0wggGpMA8GA1UdEwEB/wQFMAMB Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7iZySlyShhEcCy3T8LvSs3DLl8zAfBgNV HSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRaMFgwJwYIKwYBBQUH MAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYhaHR0cDovL3d3 dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20v c2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQELBQADggIBAGpd SbdLFMhirxK37V4gE00+uW74UdAXtDgQI3AsRZWtaRtKHgAxFBSteqz4kDkeAjH/1b+K8tQR 6cxSI2nho7qOaPW/UpzOfSS/MeKK/9vfM2lfs+uItXH7LWtvS9wD1erfH1a+BXHCrCp4LA1l fADDhRIiGTSS3i0Zu5xV3INNRHrCCCl6patltQ8RZTqzDMri7ombgIxjN51Zo7xV77EZcThV 0GA8iIN+7T53uHhUJpjfLIztHs/69OclRvHux9hCflfOm7GY5Sc4nqjfES+5XPArGGWiQSEk ez37QfXqsxO3oCHK4b3DFZysG4uyOuC/WL80ab3muQ3tgwjBhq0D3JZN5kvu5gSuNZPa1WrV hEgXkd6C7s5stqB6/htVpshG08jRz9DEutGM9oKQ1ncTivbfPNx7pILoHWvvT7N5i/puVoNu bPUmLXh/2wA6wzAzuuoONiIL14Xpw6jLSnqpaLWElo2yTIFZ/CU/nCvvpW1Dj1457P3Ci9bD 0RPkWSR+CuucpgxrEmaw4UOLxflzuYYaq1RJwygOO5K0s2bAWOcXpgteyUOnQ3d/EjJAWRri 2v0ubiq+4H3KUOMlbznlPAY/1T8YyyJPM88+Ueahe/AW1zoUwZayNcTnuM7cq6yBV8Wr3GOI LFXhtT0UVuJLChPMJKVKVsa7qNorlLkMMIIGxzCCBa+gAwIBAgICAIswDQYJKoZIhvcNAQEF BQAwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJT ZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBD bGFzcyAzIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTAeFw0xMDEwMTQwMTM2MzRa Fw0xMjEwMTQxMjAxMDdaMIHAMSAwHgYDVQQNExcyNzQ1ODEtOU5YMDRxeExEYjBvNDY5VDEL MAkGA1UEBhMCVVMxETAPBgNVBAgTCENvbG9yYWRvMQ8wDQYDVQQHEwZEZW52ZXIxLDAqBgNV BAsTI1N0YXJ0Q29tIFRydXN0ZWQgQ2VydGlmaWNhdGUgTWVtYmVyMRowGAYDVQQDExFQZXRl ciBTYWludC1BbmRyZTEhMB8GCSqGSIb3DQEJARYSc3RwZXRlckBzdHBldGVyLmltMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuERvnrkpQTx9wbJfgxbNKEYvt0IilecZRUM6 wrbCzIUPCocuYhaAJcQoqIyHaKybPQ7f+DIGIAolAa3dHnNdlsXP2smTft/ZNpj10PIG5bil NAqLUYwmLJaEaqY7BMW8423U3blW43/luLJk/Pq4OsWcw7AK3LeVh1U/HOgqhin26N3h72X1 nbLEpZFrgcp8egmWtXLCbLBDMqUK3j6wjLldni79muzYEVqU0A5GqSeb8Wc4kIx8VI5yL24J KzinG2iVRP5ZDEbOZETzBXJabUsV56XSxqPG9DK6ke+ybCiL/wKV1HFqdtFB1y25lfvHgOP2 gyEApBKEDNjgLmKyyQIDAQABo4IC+zCCAvcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYD VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBS2EW2iNB+g0EibKJLBdv8I eLovVDAfBgNVHSMEGDAWgBR7iZySlyShhEcCy3T8LvSs3DLl8zAdBgNVHREEFjAUgRJzdHBl dGVyQHN0cGV0ZXIuaW0wggFCBgNVHSAEggE5MIIBNTCCATEGCysGAQQBgbU3AQICMIIBIDAu BggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEF BQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5jb20vaW50ZXJtZWRpYXRlLnBkZjCBtwYIKwYB BQUHAgIwgaowFBYNU3RhcnRDb20gTHRkLjADAgEBGoGRTGltaXRlZCBMaWFiaWxpdHksIHNl ZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL3d3dy5zdGFydHNz bC5jb20vcG9saWN5LnBkZjBjBgNVHR8EXDBaMCugKaAnhiVodHRwOi8vd3d3LnN0YXJ0c3Ns LmNvbS9jcnR1My1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9jcnR1 My1jcmwuY3JsMIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5z dGFydHNzbC5jb20vc3ViL2NsYXNzMy9jbGllbnQvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczMuY2xpZW50LmNhLmNydDAjBgNVHRIE HDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcNAQEFBQADggEBADVtbXJG tKAr55xc/OUM546gXUybI72Bank0w739Mv+9BBNtq9rMEvCnLmSKhBi76c1mdXh6zXs8RQDo 6nR/aPabE3llF2T4z80smi9jfnl3y9dpu9TcgDoqDLZ7a2lBlW656XAAQzHjvLp2MC7/mxlg PYH2axa+q40mAYM20GbNsAEGbWQT1IqIh0BcLLsgbaMJHbyG/57zd9JLyMX3Vry1L1fJRQr3 GeLxMV5RtxN+mBgxrwFz/cOc09COiFExlsHgekpB5O43gqsAU16MXypyoSt4MrSfKTMHIGx6 2RF/M6vqUlvhi28gk2ZUvQ/+OX5+gjcZyooEzAAn4RuOKNswggbHMIIFr6ADAgECAgIAizAN BgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4x KzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMT L1N0YXJ0Q29tIENsYXNzIDMgUHJpbWFyeSBJbnRlcm1lZGlhdGUgQ2xpZW50IENBMB4XDTEw MTAxNDAxMzYzNFoXDTEyMTAxNDEyMDEwN1owgcAxIDAeBgNVBA0TFzI3NDU4MS05TlgwNHF4 TERiMG80NjlUMQswCQYDVQQGEwJVUzERMA8GA1UECBMIQ29sb3JhZG8xDzANBgNVBAcTBkRl bnZlcjEsMCoGA1UECxMjU3RhcnRDb20gVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBNZW1iZXIxGjAY BgNVBAMTEVBldGVyIFNhaW50LUFuZHJlMSEwHwYJKoZIhvcNAQkBFhJzdHBldGVyQHN0cGV0 ZXIuaW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4RG+euSlBPH3Bsl+DFs0o Ri+3QiKV5xlFQzrCtsLMhQ8Khy5iFoAlxCiojIdorJs9Dt/4MgYgCiUBrd0ec12Wxc/ayZN+ 39k2mPXQ8gbluKU0CotRjCYsloRqpjsExbzjbdTduVbjf+W4smT8+rg6xZzDsArct5WHVT8c 6CqGKfbo3eHvZfWdssSlkWuBynx6CZa1csJssEMypQrePrCMuV2eLv2a7NgRWpTQDkapJ5vx ZziQjHxUjnIvbgkrOKcbaJVE/lkMRs5kRPMFclptSxXnpdLGo8b0MrqR77JsKIv/ApXUcWp2 0UHXLbmV+8eA4/aDIQCkEoQM2OAuYrLJAgMBAAGjggL7MIIC9zAJBgNVHRMEAjAAMAsGA1Ud DwQEAwIEsDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0OBBYEFLYRbaI0 H6DQSJsoksF2/wh4ui9UMB8GA1UdIwQYMBaAFHuJnJKXJKGERwLLdPwu9KzcMuXzMB0GA1Ud EQQWMBSBEnN0cGV0ZXJAc3RwZXRlci5pbTCCAUIGA1UdIASCATkwggE1MIIBMQYLKwYBBAGB tTcBAgIwggEgMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3ku cGRmMDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9pbnRlcm1lZGlhdGUu cGRmMIG3BggrBgEFBQcCAjCBqjAUFg1TdGFydENvbSBMdGQuMAMCAQEagZFMaW1pdGVkIExp YWJpbGl0eSwgc2VlIHNlY3Rpb24gKkxlZ2FsIExpbWl0YXRpb25zKiBvZiB0aGUgU3RhcnRD b20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUG9saWN5IGF2YWlsYWJsZSBhdCBodHRwOi8v d3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMGMGA1UdHwRcMFowK6ApoCeGJWh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2NydHUzLWNybC5jcmwwK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRz c2wuY29tL2NydHUzLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0 dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MzL2NsaWVudC9jYTBCBggrBgEFBQcw AoY2aHR0cDovL3d3dy5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMy5jbGllbnQuY2Eu Y3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUF AAOCAQEANW1tcka0oCvnnFz85QznjqBdTJsjvYFqeTTDvf0y/70EE22r2swS8KcuZIqEGLvp zWZ1eHrNezxFAOjqdH9o9psTeWUXZPjPzSyaL2N+eXfL12m71NyAOioMtntraUGVbrnpcABD MeO8unYwLv+bGWA9gfZrFr6rjSYBgzbQZs2wAQZtZBPUioiHQFwsuyBtowkdvIb/nvN30kvI xfdWvLUvV8lFCvcZ4vExXlG3E36YGDGvAXP9w5zT0I6IUTGWweB6SkHk7jeCqwBTXoxfKnKh K3gytJ8pMwcgbHrZEX8zq+pSW+GLbyCTZlS9D/45fn6CNxnKigTMACfhG44o2zGCA80wggPJ AgEBMIGTMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UE CxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD b20gQ2xhc3MgMyBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAgCLMAkGBSsOAwIa BQCgggIOMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTExMDEx NTAyNTYyOFowIwYJKoZIhvcNAQkEMRYEFPinLpMZ/GZyB6noXpS3lUvyq3k4MF8GCSqGSIb3 DQEJDzFSMFAwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggq hkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBpAYJKwYBBAGCNxAEMYGWMIGT MIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2Vj dXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xh c3MgMyBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAgCLMIGmBgsqhkiG9w0BCRAC CzGBlqCBkzCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNV BAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0 Q29tIENsYXNzIDMgUHJpbWFyeSBJbnRlcm1lZGlhdGUgQ2xpZW50IENBAgIAizANBgkqhkiG 9w0BAQEFAASCAQBidus9fRgTBaSY+k3UK4ngDOoBXpwTKkhoIBj9HZTj2cKZh/Og8E/NA6Hh AtHXnk2qlXgOl8vGs6Nw9cGb8bt7bwSvlrMNtkT91tQWL9TxtHTVCLXpkaxzClWkAdLUNTlH 2xDMl9WjMwR9oMVPmbRtguv/gKm9qI0kF68lWNF2XdIjNnD2fBheqgSqD1Y0ii5mtOmzNBZo FmjqTTPJ8GZA3v5E77PMwqsA6ptP/CpFBQIniHQ+mwxSnxpr6sfQ/NsP/bdjQdYgnzJ93fyB 2msl/fL1+j79c2v3CGdz29DhyZWPmminwIkkHqtBJrQxWq8vREA2cjwBlNgniXg5FBwnAAAA AAAA --------------ms060602050700020409020103-- From Internet-Drafts@ietf.org Mon Jan 24 14:30:03 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 609B63A6994; Mon, 24 Jan 2011 14:30:03 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.569 X-Spam-Level: X-Spam-Status: No, score=-102.569 tagged_above=-999 required=5 tests=[AWL=0.030, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AjKQXi1bPhud; Mon, 24 Jan 2011 14:30:02 -0800 (PST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1E46C3A69A5; Mon, 24 Jan 2011 14:30:02 -0800 (PST) MIME-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 3.10 Message-ID: <20110124223002.19665.91506.idtracker@localhost> Date: Mon, 24 Jan 2011 14:30:02 -0800 Cc: websec@ietf.org Subject: [websec] I-D Action:draft-ietf-websec-mime-sniff-01.txt X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jan 2011 22:30:03 -0000 --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Security Working Group of the IETF. Title : Media Type Sniffing Author(s) : A. Barth, I. Hickson Filename : draft-ietf-websec-mime-sniff-01.txt Pages : 21 Date : 2011-01-24 Many web servers supply incorrect Content-Type header fields with their HTTP responses. In order to be compatible with these servers, user agents consider the content of HTTP responses as well as the Content-Type header fields when determining the effective media type of the response. This document describes an algorithm for determining the effective media type of HTTP responses that balances security and compatibility considerations. Please send feedback on this draft to apps-discuss@ietf.org. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-websec-mime-sniff-01.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-websec-mime-sniff-01.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2011-01-24142401.I-D@ietf.org> --NextPart-- From ietf@adambarth.com Mon Jan 24 14:33:09 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 192F428B797 for ; Mon, 24 Jan 2011 14:33:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.753 X-Spam-Level: X-Spam-Status: No, score=-3.753 tagged_above=-999 required=5 tests=[AWL=-0.776, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AE483ITaZrqQ for ; Mon, 24 Jan 2011 14:33:08 -0800 (PST) Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) by core3.amsl.com (Postfix) with ESMTP id E868D28B23E for ; Mon, 24 Jan 2011 14:33:07 -0800 (PST) Received: by wwa36 with SMTP id 36so5546515wwa.13 for ; Mon, 24 Jan 2011 14:36:03 -0800 (PST) Received: by 10.227.143.66 with SMTP id t2mr1291878wbu.83.1295908562676; Mon, 24 Jan 2011 14:36:02 -0800 (PST) Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by mx.google.com with ESMTPS id n18sm6848104wee.40.2011.01.24.14.36.01 (version=SSLv3 cipher=RC4-MD5); Mon, 24 Jan 2011 14:36:01 -0800 (PST) Received: by iyi42 with SMTP id 42so4930896iyi.31 for ; Mon, 24 Jan 2011 14:36:00 -0800 (PST) Received: by 10.231.35.136 with SMTP id p8mr5551358ibd.139.1295908560551; Mon, 24 Jan 2011 14:36:00 -0800 (PST) MIME-Version: 1.0 Received: by 10.231.35.13 with HTTP; Mon, 24 Jan 2011 14:35:30 -0800 (PST) From: Adam Barth Date: Mon, 24 Jan 2011 14:35:30 -0800 Message-ID: To: websec Content-Type: text/plain; charset=ISO-8859-1 Subject: [websec] Video and audio types added to draft-ietf-websec-mime-sniff X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jan 2011 22:33:09 -0000 Websecians, I've uploaded a new draft of draft-ietf-websec-mime-sniff that contains a handful of signatures for video and audio types supported by web browsers: http://www.ietf.org/id/draft-ietf-websec-mime-sniff-01.txt I've been trying to avoid getting embroiled in the video/audio format mess, but several folks have asked me to add this information to the document so that browsers can improve their interoperability. As you can see, I've added WebP, Ogg, WAVE, and WebM: http://tools.ietf.org//rfcdiff?url1=http%3A//www.ietf.org/id/draft-ietf-websec-mime-sniff-00.txt&url2=http%3A//www.ietf.org/id/draft-ietf-websec-mime-sniff-01.txt I would like to add MP3 and H.264 as well, but I'm unsure which signatures to use. If you know which signatures we should use for these formats, please let me know. Also, note that http://www.w3.org/html/wg/wiki/ChangeProposals/NoVideoContentType will likely have an effect on how we'll want to treat sniffing video, depending on whether that change proposal prevails. Thanks, Adam From ietf@adambarth.com Mon Jan 24 14:50:24 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2463C3A6995 for ; Mon, 24 Jan 2011 14:50:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.748 X-Spam-Level: X-Spam-Status: No, score=-3.748 tagged_above=-999 required=5 tests=[AWL=-0.771, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WkNNZ2hhvZX1 for ; Mon, 24 Jan 2011 14:50:23 -0800 (PST) Received: from mail-fx0-f44.google.com (mail-fx0-f44.google.com [209.85.161.44]) by core3.amsl.com (Postfix) with ESMTP id 1848D3A697B for ; Mon, 24 Jan 2011 14:50:22 -0800 (PST) Received: by fxm9 with SMTP id 9so5009158fxm.31 for ; Mon, 24 Jan 2011 14:53:18 -0800 (PST) Received: by 10.223.54.132 with SMTP id q4mr5012564fag.117.1295909598229; Mon, 24 Jan 2011 14:53:18 -0800 (PST) Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by mx.google.com with ESMTPS id n15sm4804500fam.12.2011.01.24.14.53.17 (version=SSLv3 cipher=RC4-MD5); Mon, 24 Jan 2011 14:53:17 -0800 (PST) Received: by iyi42 with SMTP id 42so4946899iyi.31 for ; Mon, 24 Jan 2011 14:53:16 -0800 (PST) Received: by 10.231.13.133 with SMTP id c5mr5600690iba.39.1295909596211; Mon, 24 Jan 2011 14:53:16 -0800 (PST) MIME-Version: 1.0 Received: by 10.231.35.13 with HTTP; Mon, 24 Jan 2011 14:52:46 -0800 (PST) From: Adam Barth Date: Mon, 24 Jan 2011 14:52:46 -0800 Message-ID: To: websec Content-Type: text/plain; charset=ISO-8859-1 Subject: [websec] Please ignore draft-abarth-mime-sniff-06 X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jan 2011 22:50:24 -0000 In preparing draft-ietf-websec-mime-sniff-01, I accidentally uploaded it as draft-abarth-mime-sniff-06 the first time. The two are identical, but you'll probably lead a happier life if you pretend draft-abarth-mime-sniff-06 doesn't exist. Kind regards, Adam From stpeter@stpeter.im Mon Jan 24 14:51:11 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 270493A6995 for ; Mon, 24 Jan 2011 14:51:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.499 X-Spam-Level: X-Spam-Status: No, score=-102.499 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fWNeohJDMaUr for ; Mon, 24 Jan 2011 14:51:10 -0800 (PST) Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id 55B203A697B for ; Mon, 24 Jan 2011 14:51:10 -0800 (PST) Received: from dhcp-64-101-72-234.cisco.com (dhcp-64-101-72-234.cisco.com [64.101.72.234]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 580DD400F6 for ; Mon, 24 Jan 2011 16:10:11 -0700 (MST) Message-ID: <4D3E030C.4070402@stpeter.im> Date: Mon, 24 Jan 2011 15:54:04 -0700 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: websec@ietf.org References: In-Reply-To: X-Enigmail-Version: 1.1.1 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms070203030302020405050706" Subject: Re: [websec] Please ignore draft-abarth-mime-sniff-06 X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jan 2011 22:51:11 -0000 This is a cryptographically signed message in MIME format. --------------ms070203030302020405050706 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 1/24/11 3:52 PM, Adam Barth wrote: > In preparing draft-ietf-websec-mime-sniff-01, I accidentally uploaded > it as draft-abarth-mime-sniff-06 the first time. The two are > identical, but you'll probably lead a happier life if you pretend > draft-abarth-mime-sniff-06 doesn't exist. Thanks, Adam. I was quite happy to see draft-ietf-websec-mime-sniff-01 but now I'm even happier! ;-) --------------ms070203030302020405050706 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIITzjCC BjQwggQcoAMCAQICASMwDQYJKoZIhvcNAQELBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoT DVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNp Z25pbmcxKTAnBgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3 MTAyNDIxMDMzM1oXDTE3MTAyNDIxMDMzM1owgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1T dGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWdu aW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAzIFByaW1hcnkgSW50ZXJtZWRpYXRlIENs aWVudCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmjSW4SPiDKlAinvVeL ZOVfItiuP1aRHL530E7QUc9icCwL33+PH+Js1HAh8CgWFl34sOxx1FJyS/C4VLPRsqDfP72j tzCVUAL0DAxZ7wgzQvFz7x61jGxfhYhqYb1+PPOLkYBbkRIrPMg3dLEdKmXIYJYXDH+mB/V/ jLo73/Kb7h/rNoNg/oHHSv5Jolyvp5IY2btfcTBfW/telEFj5rDTX2juTvZ3Qhf3XQX5ca3Q 7A10zrUV/cWJOJ7F5RltbEIaboZmX5JBUb3FhUiAdBotehAX6DbDOuYoJtVxmGof6GuVGcPo 98K4TJf8FHo+UA9EOVDp/W7fCqKT4sXk/XkCAwEAAaOCAa0wggGpMA8GA1UdEwEB/wQFMAMB Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7iZySlyShhEcCy3T8LvSs3DLl8zAfBgNV HSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRaMFgwJwYIKwYBBQUH MAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYhaHR0cDovL3d3 dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20v c2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQELBQADggIBAGpd SbdLFMhirxK37V4gE00+uW74UdAXtDgQI3AsRZWtaRtKHgAxFBSteqz4kDkeAjH/1b+K8tQR 6cxSI2nho7qOaPW/UpzOfSS/MeKK/9vfM2lfs+uItXH7LWtvS9wD1erfH1a+BXHCrCp4LA1l fADDhRIiGTSS3i0Zu5xV3INNRHrCCCl6patltQ8RZTqzDMri7ombgIxjN51Zo7xV77EZcThV 0GA8iIN+7T53uHhUJpjfLIztHs/69OclRvHux9hCflfOm7GY5Sc4nqjfES+5XPArGGWiQSEk ez37QfXqsxO3oCHK4b3DFZysG4uyOuC/WL80ab3muQ3tgwjBhq0D3JZN5kvu5gSuNZPa1WrV hEgXkd6C7s5stqB6/htVpshG08jRz9DEutGM9oKQ1ncTivbfPNx7pILoHWvvT7N5i/puVoNu bPUmLXh/2wA6wzAzuuoONiIL14Xpw6jLSnqpaLWElo2yTIFZ/CU/nCvvpW1Dj1457P3Ci9bD 0RPkWSR+CuucpgxrEmaw4UOLxflzuYYaq1RJwygOO5K0s2bAWOcXpgteyUOnQ3d/EjJAWRri 2v0ubiq+4H3KUOMlbznlPAY/1T8YyyJPM88+Ueahe/AW1zoUwZayNcTnuM7cq6yBV8Wr3GOI LFXhtT0UVuJLChPMJKVKVsa7qNorlLkMMIIGxzCCBa+gAwIBAgICAIswDQYJKoZIhvcNAQEF BQAwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJT ZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBD bGFzcyAzIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTAeFw0xMDEwMTQwMTM2MzRa Fw0xMjEwMTQxMjAxMDdaMIHAMSAwHgYDVQQNExcyNzQ1ODEtOU5YMDRxeExEYjBvNDY5VDEL MAkGA1UEBhMCVVMxETAPBgNVBAgTCENvbG9yYWRvMQ8wDQYDVQQHEwZEZW52ZXIxLDAqBgNV BAsTI1N0YXJ0Q29tIFRydXN0ZWQgQ2VydGlmaWNhdGUgTWVtYmVyMRowGAYDVQQDExFQZXRl ciBTYWludC1BbmRyZTEhMB8GCSqGSIb3DQEJARYSc3RwZXRlckBzdHBldGVyLmltMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuERvnrkpQTx9wbJfgxbNKEYvt0IilecZRUM6 wrbCzIUPCocuYhaAJcQoqIyHaKybPQ7f+DIGIAolAa3dHnNdlsXP2smTft/ZNpj10PIG5bil NAqLUYwmLJaEaqY7BMW8423U3blW43/luLJk/Pq4OsWcw7AK3LeVh1U/HOgqhin26N3h72X1 nbLEpZFrgcp8egmWtXLCbLBDMqUK3j6wjLldni79muzYEVqU0A5GqSeb8Wc4kIx8VI5yL24J KzinG2iVRP5ZDEbOZETzBXJabUsV56XSxqPG9DK6ke+ybCiL/wKV1HFqdtFB1y25lfvHgOP2 gyEApBKEDNjgLmKyyQIDAQABo4IC+zCCAvcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYD VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBS2EW2iNB+g0EibKJLBdv8I eLovVDAfBgNVHSMEGDAWgBR7iZySlyShhEcCy3T8LvSs3DLl8zAdBgNVHREEFjAUgRJzdHBl dGVyQHN0cGV0ZXIuaW0wggFCBgNVHSAEggE5MIIBNTCCATEGCysGAQQBgbU3AQICMIIBIDAu BggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEF BQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5jb20vaW50ZXJtZWRpYXRlLnBkZjCBtwYIKwYB BQUHAgIwgaowFBYNU3RhcnRDb20gTHRkLjADAgEBGoGRTGltaXRlZCBMaWFiaWxpdHksIHNl ZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL3d3dy5zdGFydHNz bC5jb20vcG9saWN5LnBkZjBjBgNVHR8EXDBaMCugKaAnhiVodHRwOi8vd3d3LnN0YXJ0c3Ns LmNvbS9jcnR1My1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9jcnR1 My1jcmwuY3JsMIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5z dGFydHNzbC5jb20vc3ViL2NsYXNzMy9jbGllbnQvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczMuY2xpZW50LmNhLmNydDAjBgNVHRIE HDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcNAQEFBQADggEBADVtbXJG tKAr55xc/OUM546gXUybI72Bank0w739Mv+9BBNtq9rMEvCnLmSKhBi76c1mdXh6zXs8RQDo 6nR/aPabE3llF2T4z80smi9jfnl3y9dpu9TcgDoqDLZ7a2lBlW656XAAQzHjvLp2MC7/mxlg PYH2axa+q40mAYM20GbNsAEGbWQT1IqIh0BcLLsgbaMJHbyG/57zd9JLyMX3Vry1L1fJRQr3 GeLxMV5RtxN+mBgxrwFz/cOc09COiFExlsHgekpB5O43gqsAU16MXypyoSt4MrSfKTMHIGx6 2RF/M6vqUlvhi28gk2ZUvQ/+OX5+gjcZyooEzAAn4RuOKNswggbHMIIFr6ADAgECAgIAizAN BgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4x KzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMT L1N0YXJ0Q29tIENsYXNzIDMgUHJpbWFyeSBJbnRlcm1lZGlhdGUgQ2xpZW50IENBMB4XDTEw MTAxNDAxMzYzNFoXDTEyMTAxNDEyMDEwN1owgcAxIDAeBgNVBA0TFzI3NDU4MS05TlgwNHF4 TERiMG80NjlUMQswCQYDVQQGEwJVUzERMA8GA1UECBMIQ29sb3JhZG8xDzANBgNVBAcTBkRl bnZlcjEsMCoGA1UECxMjU3RhcnRDb20gVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBNZW1iZXIxGjAY BgNVBAMTEVBldGVyIFNhaW50LUFuZHJlMSEwHwYJKoZIhvcNAQkBFhJzdHBldGVyQHN0cGV0 ZXIuaW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4RG+euSlBPH3Bsl+DFs0o Ri+3QiKV5xlFQzrCtsLMhQ8Khy5iFoAlxCiojIdorJs9Dt/4MgYgCiUBrd0ec12Wxc/ayZN+ 39k2mPXQ8gbluKU0CotRjCYsloRqpjsExbzjbdTduVbjf+W4smT8+rg6xZzDsArct5WHVT8c 6CqGKfbo3eHvZfWdssSlkWuBynx6CZa1csJssEMypQrePrCMuV2eLv2a7NgRWpTQDkapJ5vx ZziQjHxUjnIvbgkrOKcbaJVE/lkMRs5kRPMFclptSxXnpdLGo8b0MrqR77JsKIv/ApXUcWp2 0UHXLbmV+8eA4/aDIQCkEoQM2OAuYrLJAgMBAAGjggL7MIIC9zAJBgNVHRMEAjAAMAsGA1Ud DwQEAwIEsDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0OBBYEFLYRbaI0 H6DQSJsoksF2/wh4ui9UMB8GA1UdIwQYMBaAFHuJnJKXJKGERwLLdPwu9KzcMuXzMB0GA1Ud EQQWMBSBEnN0cGV0ZXJAc3RwZXRlci5pbTCCAUIGA1UdIASCATkwggE1MIIBMQYLKwYBBAGB tTcBAgIwggEgMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3ku cGRmMDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9pbnRlcm1lZGlhdGUu cGRmMIG3BggrBgEFBQcCAjCBqjAUFg1TdGFydENvbSBMdGQuMAMCAQEagZFMaW1pdGVkIExp YWJpbGl0eSwgc2VlIHNlY3Rpb24gKkxlZ2FsIExpbWl0YXRpb25zKiBvZiB0aGUgU3RhcnRD b20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUG9saWN5IGF2YWlsYWJsZSBhdCBodHRwOi8v d3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMGMGA1UdHwRcMFowK6ApoCeGJWh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2NydHUzLWNybC5jcmwwK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRz c2wuY29tL2NydHUzLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0 dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MzL2NsaWVudC9jYTBCBggrBgEFBQcw AoY2aHR0cDovL3d3dy5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMy5jbGllbnQuY2Eu Y3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUF AAOCAQEANW1tcka0oCvnnFz85QznjqBdTJsjvYFqeTTDvf0y/70EE22r2swS8KcuZIqEGLvp zWZ1eHrNezxFAOjqdH9o9psTeWUXZPjPzSyaL2N+eXfL12m71NyAOioMtntraUGVbrnpcABD MeO8unYwLv+bGWA9gfZrFr6rjSYBgzbQZs2wAQZtZBPUioiHQFwsuyBtowkdvIb/nvN30kvI xfdWvLUvV8lFCvcZ4vExXlG3E36YGDGvAXP9w5zT0I6IUTGWweB6SkHk7jeCqwBTXoxfKnKh K3gytJ8pMwcgbHrZEX8zq+pSW+GLbyCTZlS9D/45fn6CNxnKigTMACfhG44o2zGCA80wggPJ AgEBMIGTMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UE CxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD b20gQ2xhc3MgMyBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAgCLMAkGBSsOAwIa BQCgggIOMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTExMDEy NDIyNTQwNFowIwYJKoZIhvcNAQkEMRYEFH/wmBeW+BWVC/kjW2kLXgyiNeeJMF8GCSqGSIb3 DQEJDzFSMFAwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggq hkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBpAYJKwYBBAGCNxAEMYGWMIGT MIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2Vj dXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xh c3MgMyBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAgCLMIGmBgsqhkiG9w0BCRAC CzGBlqCBkzCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNV BAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0 Q29tIENsYXNzIDMgUHJpbWFyeSBJbnRlcm1lZGlhdGUgQ2xpZW50IENBAgIAizANBgkqhkiG 9w0BAQEFAASCAQANzNiHWHH/pEDZrYQSDCOezbMvLohKlE7FLt6xsxZbsrZ83UKtv39yrXGW 2PW7sdgSoSPdX4unnw1cub6la8XOKzvbtWC+mFQeLaZ8TBC7iU6FqdVsCYlFAB8UW4/lopXJ 3vqiidxQQWEqzQWOF4Su9Zq9hoHqezsf8ACgISZ64uqopu7ECqhcHQaSF6NGgei1+7ZhiVOU jSN743KYMB/m7QBSDwoNujZunqzqugj4y/gzqWe7mBbc5Qh3jtK4KwxLa1Z87R5WIaKdgxra gMg/4wh0GZ70fzkD5AB3pD7om8u64odf2M6CKexBzNzrBpi4nyAxdob1nCb3Po9LN3BLAAAA AAAA --------------ms070203030302020405050706-- From annevk@opera.com Tue Jan 25 04:13:26 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0597C3A6B9A for ; Tue, 25 Jan 2011 04:13:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.132 X-Spam-Level: X-Spam-Status: No, score=-6.132 tagged_above=-999 required=5 tests=[AWL=-1.392, BAYES_20=-0.74, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZdBGtd9HZ4mD for ; Tue, 25 Jan 2011 04:13:25 -0800 (PST) Received: from smtp.opera.com (smtp.opera.com [213.236.208.81]) by core3.amsl.com (Postfix) with ESMTP id BB57A3A685D for ; Tue, 25 Jan 2011 04:13:24 -0800 (PST) Received: from anne-van-kesterens-macbook-pro.local (pat-tdc.opera.com [213.236.208.22]) (authenticated bits=0) by smtp.opera.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p0PCGKOK012104 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 25 Jan 2011 12:16:21 GMT Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes To: websec Date: Tue, 25 Jan 2011 13:16:20 +0100 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Anne van Kesteren" Organization: Opera Software Message-ID: User-Agent: Opera Mail/11.00 (MacIntel) X-Scanned-By: MIMEDefang 2.64 on 213.236.208.81 Subject: [websec] Font sniffing X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2011 12:13:26 -0000 Due to nobody taking specifying media types, Content-Type for fonts is a lost cause. They probably need a loading context similar to images which the @font-face specification should use at some point. Here are the signatures that Opera handles: 0x74746366 'ttcf' (TTC; TrueType Collection) 0x4F54544F 'OTTO' (OTF; OpenType) 0x00010000 (TTF; TrueType) 0x774F4646 'wOFF' (WOFF; Web Open Font Format) For WOFF application/font-woff is being registered it seems, but nobody enforces that to my knowledge. I.e. user agents sniff. In case it was unclear this is feedback on http://tools.ietf.org/html/draft-ietf-websec-mime-sniff :-) -- Anne van Kesteren http://annevankesteren.nl/ From tobias.gondrom@gondrom.org Tue Jan 25 11:13:21 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 190193A6876 for ; Tue, 25 Jan 2011 11:13:21 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -93.912 X-Spam-Level: X-Spam-Status: No, score=-93.912 tagged_above=-999 required=5 tests=[AWL=0.850, BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, J_CHICKENPOX_33=0.6, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FYvDCc-707cu for ; Tue, 25 Jan 2011 11:13:19 -0800 (PST) Received: from lvps83-169-7-107.dedicated.hosteurope.de (lvps83-169-7-107.dedicated.hosteurope.de [83.169.7.107]) by core3.amsl.com (Postfix) with ESMTP id 532FA3A680A for ; Tue, 25 Jan 2011 11:13:19 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=gondrom.org; b=teUgSdfz/Nr3WZYHkG654+7I9wUhXcD5sljQHsNQruU+5MUj/WtBStM2Sv6Lz0Eh+B/UoHGnehpLz5jy7BI1uEq3Smu32VNfnbgYWWteSkAjUJT0nQ3wG0T/wQPWNng1; h=Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:X-Enigmail-Version:Content-Type:Content-Transfer-Encoding; Received: (qmail 30134 invoked from network); 25 Jan 2011 20:15:02 +0100 Received: from host-52-160.london.edu (HELO seraphim.heaven) (163.119.52.160) by lvps83-169-7-107.dedicated.hosteurope.de with (DHE-RSA-AES256-SHA encrypted) SMTP; 25 Jan 2011 20:15:02 +0100 Message-ID: <4D3F2164.2050401@gondrom.org> Date: Tue, 25 Jan 2011 19:15:48 +0000 From: Tobias Gondrom User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101206 SUSE/3.1.7 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: ietf@adambarth.com, websec@ietf.org References: In-Reply-To: X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: [websec] draft-ietf-websec-mime-sniff - questions X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2011 19:13:21 -0000 Hello Adam, hello fellow websec members, thanks a lot for the new version. Just been reading through your draft again and have a few questions and comments (as an individual, not in my WG chair role): 0. unfortunately don't know too much about video format sniffing, so hope someone else can help with MP3 and H.264? 1. in section 2, page 5: a note states: "If an HTTP response contains multiple Content-Type header fields, the user agent MUST use the textually last Content-Type header field to the official-type.For example, if the last Content-Type header field contains the value "foo", then there is no official media type because "foo" cannot be interpreted as a media type (even if the HTTP response contains another Content-Type header field that could be interpreted as a media type)." Question: Does this derive from a requirement in RFC2616 or is this your recommendation and if the latter why can't a user agent use a content-type he supports? 2. And regarding Mime-sniffing when a content-type is set: Although rfc2616 states that mime-types may only be guessed by a recipient, do you know whether common browser implementations guess the mime-type even when the content-type is given (I believe to remember to have run into this in some windows scenarios when the browser read the content-type and handed the data over to the OS for display and the OS then determined a different media-type (using magic numbers, filename-extensions, etc.) and again opened a totally different application. Are you aware whether this is still true? (RFC2616, section 7.2.1 "Any HTTP/1.1 message containing an entity-body SHOULD include a Content-Type header field defining the media type of that body. If and only if the media type is not given by a Content-Type field, the recipient MAY attempt to guess the media type via inspection of its content and/or the name extension(s) of the URI used to identify the resource. If the media type remains unknown, the recipient SHOULD treat it as type "application/octet-stream".") 3. In section 5 I noticed that you classified postscript as "safe". Am not sure whether this problem still exists, but I recall an instance a few years back when I actually saw an attack using a postscript file, that contained a script that would be executed on the server when the file was rendered by a postscript library to another format (e.g. the script then kicked in and started printing s.th.) This flaw may not have been due to postscript, but only due to the library, but am not sure that postscript specification doesn't contain any scriptable content (file operations, printing) anymore? and some more strategic questions: 4. What do you think, should we consider that a server be able to declare in the http header that the client "MUST not" use mime-sniffing and by this enforce a stricter mime-identification policy at the client? 5. And on another note, how do you think about different levels of strictness (either to be set in the client and/or in the server (http header): for example to illustrate this more, three levels: a) disable mime-sniffing, b) conservative mime-identification, c) flexible mime identification. 6. and maybe stupid question: In section 6: Why does svg+xml get a special treatment? ("If the official-type is "image/svg+xml", then let the sniffed-type be the official-type (an XML type) and abort these steps.") Many greetings Tobias On 01/24/2011 10:35 PM, Adam Barth wrote: > Websecians, > > I've uploaded a new draft of draft-ietf-websec-mime-sniff that > contains a handful of signatures for video and audio types supported > by web browsers: > > http://www.ietf.org/id/draft-ietf-websec-mime-sniff-01.txt > > I've been trying to avoid getting embroiled in the video/audio format > mess, but several folks have asked me to add this information to the > document so that browsers can improve their interoperability. > > As you can see, I've added WebP, Ogg, WAVE, and WebM: > > http://tools.ietf.org//rfcdiff?url1=http%3A//www.ietf.org/id/draft-ietf-websec-mime-sniff-00.txt&url2=http%3A//www.ietf.org/id/draft-ietf-websec-mime-sniff-01.txt > > I would like to add MP3 and H.264 as well, but I'm unsure which > signatures to use. If you know which signatures we should use for > these formats, please let me know. Also, note that > http://www.w3.org/html/wg/wiki/ChangeProposals/NoVideoContentType will > likely have an effect on how we'll want to treat sniffing video, > depending on whether that change proposal prevails. > > Thanks, > Adam > _______________________________________________ > websec mailing list > websec@ietf.org > https://www.ietf.org/mailman/listinfo/websec From julian.reschke@gmx.de Tue Jan 25 11:30:06 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7783A3A6881 for ; Tue, 25 Jan 2011 11:30:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -104.158 X-Spam-Level: X-Spam-Status: No, score=-104.158 tagged_above=-999 required=5 tests=[AWL=-1.559, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dKMS-e94h0iA for ; Tue, 25 Jan 2011 11:30:04 -0800 (PST) Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.22]) by core3.amsl.com (Postfix) with SMTP id C70883A6852 for ; Tue, 25 Jan 2011 11:30:03 -0800 (PST) Received: (qmail invoked by alias); 25 Jan 2011 19:33:00 -0000 Received: from mail.greenbytes.de (EHLO [192.168.1.133]) [217.91.35.233] by mail.gmx.net (mp022) with SMTP; 25 Jan 2011 20:33:00 +0100 X-Authenticated: #1915285 X-Provags-ID: V01U2FsdGVkX1/gdSZtO+3g6RfNS/IfGyXhZlQg/twybtW+qBYqan RfOdtV5lApmg70 Message-ID: <4D3F2564.8000505@gmx.de> Date: Tue, 25 Jan 2011 20:32:52 +0100 From: Julian Reschke User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: Tobias Gondrom References: <4D3F2164.2050401@gondrom.org> In-Reply-To: <4D3F2164.2050401@gondrom.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: websec@ietf.org Subject: Re: [websec] draft-ietf-websec-mime-sniff - questions X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2011 19:30:06 -0000 On 25.01.2011 20:15, Tobias Gondrom wrote: > ... > 1. in section 2, page 5: a note states: "If an HTTP response contains > multiple Content-Type header fields, the user agent MUST use the > textually last Content-Type header field to the official-type.For > example, if the last Content-Type header field contains the value "foo", > then there is no official media type because "foo" cannot be interpreted > as a media type (even if the HTTP response contains another Content-Type > header field that could be interpreted as a media type)." > Question: Does this derive from a requirement in RFC2616 or is this your > recommendation and if the latter why can't a user agent use a > content-type he supports? > ... Speaking for me, not Adam: this is not an RFC2616 requirement; a message that has multiple Content-Type headers is invalid per RFC 2616. > ... > 2. And regarding Mime-sniffing when a content-type is set: > Although rfc2616 states that mime-types may only be guessed by a > recipient, do you know whether common browser implementations guess the > mime-type even when the content-type is given (I believe to remember to > have run into this in some windows scenarios when the browser read the > content-type and handed the data over to the OS for display and the OS > then determined a different media-type (using magic numbers, > filename-extensions, etc.) and again opened a totally different > application. Are you aware whether this is still true? This is still true, but AFAIK IE has improved. > (RFC2616, section 7.2.1 "Any HTTP/1.1 message containing an entity-body > SHOULD include a Content-Type header field defining the media type of > that body. If and only if the media type is not given by a Content-Type > field, the recipient MAY attempt to guess the media type via inspection > of its content and/or the name extension(s) of the URI used to identify > the resource. If the media type remains unknown, the recipient SHOULD > treat it as type "application/octet-stream".") > ... See also: and : > 4.2 Representation Data > > The representation body associated with an HTTP message is either provided as the payload body of the message or referred to by the message semantics and the effective request URI. The representation data is in a format and encoding defined by the representation metadata header fields. > > The data type of the representation data is determined via the header fields Content-Type and Content-Encoding. These define a two-layer, ordered encoding model: > > representation-data := Content-Encoding( Content-Type( bits ) ) > > Content-Type specifies the media type of the underlying data, which defines both the data format and how that data SHOULD be processed by the recipient (within the scope of the request method semantics). Any HTTP/1.1 message containing a payload body SHOULD include a Content-Type header field defining the media type of the associated representation unless that metadata is unknown to the sender. If the Content-Type header field is not present, it indicates that the sender does not know the media type of the representation; recipients MAY either assume that the media type is "application/octet-stream" ([RFC2046], Section 4.5.1) or examine the content to determine its type. > > In practice, resource owners do not always properly configure their origin server to provide the correct Content-Type for a given representation, with the result that some clients will examine a response body's content and override the specified type. Clients that do so risk drawing incorrect conclusions, which might expose additional security risks (e.g., "privilege escalation"). Furthermore, it is impossible to determine the sender's intent by examining the data format: many data formats match multiple media types that differ only in processing semantics. Implementers are encouraged to provide a means of disabling such "content sniffing" when it is used. > > Content-Encoding is used to indicate any additional content codings applied to the data, usually for the purpose of data compression, that are a property of the representation. If Content-Encoding is not present, then there is no additional encoding beyond that defined by the Content-Type. > ... > and some more strategic questions: > 4. What do you think, should we consider that a server be able to > declare in the http header that the client "MUST not" use mime-sniffing > and by this enforce a stricter mime-identification policy at the client? > ... The so-called "I mean it" header.. Google sends X-Content-Type-Options: nosniff and I think IE respects that (just saying...). > ... Best regards, Julian From tobias.gondrom@gondrom.org Tue Jan 25 11:31:25 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A68BD3A683B for ; Tue, 25 Jan 2011 11:31:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -94.337 X-Spam-Level: X-Spam-Status: No, score=-94.337 tagged_above=-999 required=5 tests=[AWL=0.425, BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, J_CHICKENPOX_12=0.6, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W4OUCAkz9fOE for ; Tue, 25 Jan 2011 11:31:24 -0800 (PST) Received: from lvps83-169-7-107.dedicated.hosteurope.de (lvps83-169-7-107.dedicated.hosteurope.de [83.169.7.107]) by core3.amsl.com (Postfix) with ESMTP id 451033A687F for ; Tue, 25 Jan 2011 11:31:24 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=gondrom.org; b=jBGMKhJYlPyAGn96+90x0FqdDXeEvBPrwFIsXCikW0okkpelnwuK3kvR4BiCTk1YNOUiw6O1ad2A7qJBF5ZmmwR54Lnn4LJ86ZQlsiFiA9rQxJol1UkZxZD5xxwa7QwC; h=Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:X-Enigmail-Version:Content-Type:Content-Transfer-Encoding; Received: (qmail 19945 invoked from network); 25 Jan 2011 20:26:44 +0100 Received: from host-52-160.london.edu (HELO seraphim.heaven) (163.119.52.160) by lvps83-169-7-107.dedicated.hosteurope.de with (DHE-RSA-AES256-SHA encrypted) SMTP; 25 Jan 2011 20:26:44 +0100 Message-ID: <4D3F2419.4080302@gondrom.org> Date: Tue, 25 Jan 2011 19:27:21 +0000 From: Tobias Gondrom User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101206 SUSE/3.1.7 Lightning/1.0b2 Thunderbird/3.1.7 MIME-Version: 1.0 To: websec@ietf.org, annevk@opera.com References: In-Reply-To: X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [websec] Font sniffing X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2011 19:31:25 -0000 Anne, Sorry, I don't understand what you mean with your comment. AFAIK font sniffing was not the intent for the draft-ietf-websec-mime-sniff draft. Do you suggest to do s.th. in websec in this regard (font types) and why/what? - Tobias On 01/25/2011 12:16 PM, Anne van Kesteren wrote: > Due to nobody taking specifying media types, Content-Type for fonts is > a lost cause. They probably need a loading context similar to images > which the @font-face specification should use at some point. > > Here are the signatures that Opera handles: > > 0x74746366 'ttcf' (TTC; TrueType Collection) > 0x4F54544F 'OTTO' (OTF; OpenType) > 0x00010000 (TTF; TrueType) > 0x774F4646 'wOFF' (WOFF; Web Open Font Format) > > For WOFF application/font-woff is being registered it seems, but > nobody enforces that to my knowledge. I.e. user agents sniff. > > > In case it was unclear this is feedback on > http://tools.ietf.org/html/draft-ietf-websec-mime-sniff :-) > > From annevk@opera.com Tue Jan 25 12:03:00 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3E9443A6892 for ; Tue, 25 Jan 2011 12:03:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.999 X-Spam-Level: X-Spam-Status: No, score=-5.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_12=0.6, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id swQjRR7ZklXp for ; Tue, 25 Jan 2011 12:02:59 -0800 (PST) Received: from smtp.opera.com (smtp.opera.com [213.236.208.81]) by core3.amsl.com (Postfix) with ESMTP id E760F3A688F for ; Tue, 25 Jan 2011 12:02:58 -0800 (PST) Received: from anne-van-kesterens-macbook-pro.local ([178.226.41.244]) (authenticated bits=0) by smtp.opera.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p0PK5qio013896 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 25 Jan 2011 20:05:55 GMT Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes To: websec@ietf.org, "Tobias Gondrom" References: <4D3F2419.4080302@gondrom.org> Date: Tue, 25 Jan 2011 21:05:53 +0100 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Anne van Kesteren" Organization: Opera Software Message-ID: In-Reply-To: <4D3F2419.4080302@gondrom.org> User-Agent: Opera Mail/11.00 (MacIntel) X-Scanned-By: MIMEDefang 2.64 on 213.236.208.81 Subject: Re: [websec] Font sniffing X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2011 20:03:00 -0000 On Tue, 25 Jan 2011 20:27:21 +0100, Tobias Gondrom wrote: > Anne, > Sorry, I don't understand what you mean with your comment. > AFAIK font sniffing was not the intent for the > draft-ietf-websec-mime-sniff draft. > Do you suggest to do s.th. in websec in this regard (font types) and > why/what? I am not sure what "s.th." means, but similar to sniffing rules for e.g. images (currently in the document) user agents have sniffing rules for fonts (currently not in the document). I think they should both be in the document. And similar to how HTML's definition of references these rules, CSS definition of @font-face probably ought to reference them too. -- Anne van Kesteren http://annevankesteren.nl/ From ietf@adambarth.com Tue Jan 25 13:25:02 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C656B3A68BA for ; Tue, 25 Jan 2011 13:25:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.436 X-Spam-Level: X-Spam-Status: No, score=-3.436 tagged_above=-999 required=5 tests=[AWL=-1.059, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_33=0.6, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E9WykgF4Cqwk for ; Tue, 25 Jan 2011 13:24:59 -0800 (PST) Received: from mail-fx0-f44.google.com (mail-fx0-f44.google.com [209.85.161.44]) by core3.amsl.com (Postfix) with ESMTP id 152F33A6852 for ; Tue, 25 Jan 2011 13:24:56 -0800 (PST) Received: by fxm9 with SMTP id 9so263662fxm.31 for ; Tue, 25 Jan 2011 13:27:54 -0800 (PST) Received: by 10.223.93.144 with SMTP id v16mr6290305fam.35.1295990851392; Tue, 25 Jan 2011 13:27:31 -0800 (PST) Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by mx.google.com with ESMTPS id 17sm5264356far.43.2011.01.25.13.27.29 (version=SSLv3 cipher=RC4-MD5); Tue, 25 Jan 2011 13:27:30 -0800 (PST) Received: by iwn40 with SMTP id 40so250033iwn.31 for ; Tue, 25 Jan 2011 13:27:28 -0800 (PST) Received: by 10.231.11.139 with SMTP id t11mr7263232ibt.189.1295990848428; Tue, 25 Jan 2011 13:27:28 -0800 (PST) MIME-Version: 1.0 Received: by 10.231.35.13 with HTTP; Tue, 25 Jan 2011 13:26:58 -0800 (PST) In-Reply-To: <4D3F2164.2050401@gondrom.org> References: <4D3F2164.2050401@gondrom.org> From: Adam Barth Date: Tue, 25 Jan 2011 13:26:58 -0800 Message-ID: To: Tobias Gondrom Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: websec@ietf.org Subject: Re: [websec] draft-ietf-websec-mime-sniff - questions X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Jan 2011 21:25:03 -0000 On Tue, Jan 25, 2011 at 11:15 AM, Tobias Gondrom wrote: > 1. in section 2, page 5: a note states: "If an HTTP response contains > multiple Content-Type header fields, the user agent MUST use the > textually last Content-Type header field to the official-type.For > example, if the last Content-Type header field contains the value "foo", > then there is no official media type because "foo" cannot be interpreted > as a media type (even if the HTTP response contains another Content-Type > header field that could be interpreted as a media type)." > > Question: Does this derive from a requirement in RFC2616 or is this your > recommendation and if the latter why can't a user agent use a > content-type he supports? On Tue, Jan 25, 2011 at 11:32 AM, Julian Reschke wr= ote: > Speaking for me, not Adam: this is not an RFC2616 requirement; a message > that has multiple Content-Type headers is invalid per RFC 2616. That's correct. The intent of this document is to define a mapping between HTTP responses and media types that user agents have the option of using. In addition to the entity-body, the mapping also takes as input the HTTP headers that accompany the response. It just so happens that the textually last Content-Type header field gives better compatibility than using the textually first Content-Type header field (I didn't try other possible rules). More specifically, we used to use the first one, got a bunch of complaints, switch to using the last one, and no longer receive complaints. On Tue, Jan 25, 2011 at 11:15 AM, Tobias Gondrom wrote: > 2. And regarding Mime-sniffing when a content-type is set: > Although rfc2616 states that mime-types may only be guessed by a > recipient, do you know whether common browser implementations guess the > mime-type even when the content-type is given (I believe to remember to > have run into this in some windows scenarios when the browser read the > content-type and handed the data over to the OS for display and the OS > then determined a different media-type (using magic numbers, > filename-extensions, etc.) and again opened a totally different > application. Are you aware whether this is still true? Different browsers do different things in this regard. IE is the most permissive and willing to ignore many Content-Type header fields. Safari next most permissive. IMHO, both IE and Safari are too permissive in this regard. Chrome matches the spec exactly. Firefox is a stone's throw away from matching the spec. > (RFC2616, section 7.2.1 "Any HTTP/1.1 message containing an entity-body > SHOULD include a Content-Type header field defining the media type of > that body. If and only if the media type is not given by a Content-Type > field, the recipient MAY attempt to guess the media type via inspection > of its content and/or the name extension(s) of the URI used to identify > the resource. If the media type remains unknown, the recipient SHOULD > treat it as type "application/octet-stream".") Right. That's the problematic text that has relegated this topic to the doldrums for so long. > 3. In section 5 I noticed that you classified postscript as "safe". > Am not sure whether this problem still exists, but I recall an instance > a few years back when I actually saw an attack using a postscript file, > that contained a script that would be executed on the server when the > file was rendered by a postscript library to another format (e.g. the > script then kicked in and started printing s.th.) > This flaw may not have been due to postscript, but only due to the > library, but am not sure that postscript specification doesn't contain > any scriptable content (file operations, printing) anymore? Safe doesn't mean "vulnerability-free". Safe means "does not run with the origin's authority" care of draft-ietf-websec-origin. Maybe we should make that clearer? > and some more strategic questions: > 4. What do you think, should we consider that a server be able to > declare in the http header that the client "MUST not" use mime-sniffing > and by this enforce a stricter mime-identification policy at the client? On Tue, Jan 25, 2011 at 11:32 AM, Julian Reschke wr= ote: > The so-called "I mean it" header.. Google sends > > =A0X-Content-Type-Options: nosniff > > and I think IE respects that (just saying...). Chrome also implements the X-Content-Type-Options header. I think it would be reasonably to describe its semantics in this document. There are some interesting cases that are worth writing down. For example, what does the user agent do when X-Content-Type-Options says "nosniff" but there isn't a Content-Type header field? This case wasn't described in the original X-Content-Type-Options blog post. > 5. And on another note, how do you think about different levels of > strictness (either to be set in the client and/or in the server (http > header): for example to illustrate this more, three levels: > a) disable mime-sniffing, > b) conservative mime-identification, > c) flexible mime identification. The less complexity the better. IMHO, we should have (a) disable mime-sniffing and (b) follow the algorithm in this document. > 6. and maybe stupid question: > In section 6: Why does svg+xml get a special treatment? > ("If the official-type is "image/svg+xml", then let the sniffed-type be > the official-type (an XML type) and abort these steps.") Because that's what browsers do. :) The real reason has to do with how the tag is implemented in browsers. SVG images are rendered by the same rendering engine used by SVG documents, whereas other kinds of images (GIF, JPEG) are rendered by the image decoding subsystem. Most of the sniffing rules described in Section 6 are contained in the image decoding subsystem, which means SVG images bypass those rules. Adam > On 01/24/2011 10:35 PM, Adam Barth wrote: >> Websecians, >> >> I've uploaded a new draft of draft-ietf-websec-mime-sniff that >> contains a handful of signatures for video and audio types supported >> by web browsers: >> >> http://www.ietf.org/id/draft-ietf-websec-mime-sniff-01.txt >> >> I've been trying to avoid getting embroiled in the video/audio format >> mess, but several folks have asked me to add this information to the >> document so that browsers can improve their interoperability. >> >> As you can see, I've added WebP, Ogg, WAVE, and WebM: >> >> http://tools.ietf.org//rfcdiff?url1=3Dhttp%3A//www.ietf.org/id/draft-iet= f-websec-mime-sniff-00.txt&url2=3Dhttp%3A//www.ietf.org/id/draft-ietf-webse= c-mime-sniff-01.txt >> >> I would like to add MP3 and H.264 as well, but I'm unsure which >> signatures to use. =A0If you know which signatures we should use for >> these formats, please let me know. =A0Also, note that >> http://www.w3.org/html/wg/wiki/ChangeProposals/NoVideoContentType will >> likely have an effect on how we'll want to treat sniffing video, >> depending on whether that change proposal prevails. >> >> Thanks, >> Adam >> _______________________________________________ >> websec mailing list >> websec@ietf.org >> https://www.ietf.org/mailman/listinfo/websec > > From stpeter@stpeter.im Thu Jan 27 06:50:54 2011 Return-Path: X-Original-To: websec@core3.amsl.com Delivered-To: websec@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1FDCC3A6824 for ; Thu, 27 Jan 2011 06:50:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.578 X-Spam-Level: X-Spam-Status: No, score=-102.578 tagged_above=-999 required=5 tests=[AWL=0.021, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rSrIM9v2hti1 for ; Thu, 27 Jan 2011 06:50:53 -0800 (PST) Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id E87983A672F for ; Thu, 27 Jan 2011 06:50:52 -0800 (PST) Received: from squire.local (dsl-251-175.dynamic-dsl.frii.net [216.17.251.175]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 9FFEB400F6 for ; Thu, 27 Jan 2011 08:10:15 -0700 (MST) Message-ID: <4D4186F2.5090902@stpeter.im> Date: Thu, 27 Jan 2011 07:53:38 -0700 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: websec@ietf.org X-Enigmail-Version: 1.1.1 OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms020505000306050800040906" Subject: [websec] Fwd: Re: [Geopriv] "Do not track" header field X-BeenThere: websec@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Web Application Security Minus Authentication and Transport List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Jan 2011 14:50:54 -0000 This is a cryptographically signed message in MIME format. --------------ms020505000306050800040906 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable FYI. -------- Original Message -------- Subject: Re: [Geopriv] "Do not track" header field Date: Tue, 25 Jan 2011 09:47:17 +0000 From: Alissa Cooper To: Richard L. Barnes CC: geopriv@ietf.org , Thomson, Martin And I've been talking to Sid at Mozilla about getting a draft ready before IETF 80. On Jan 24, 2011, at 9:49 PM, Richard L. Barnes wrote: > If you look at the Bugzilla link, Julian has already suggested that =20 > this go to WEBSEC for IETF approval and de-X-ification. > --Richard > > > On Jan 24, 2011, at 4:45 PM, Thomson, Martin wrote: > >> They should really drop the X-... >> >> On 2011-01-25 at 08:41:41, Richard L. Barnes wrote: >>> This will likely come up on the WEBSEC list as well, but I thought =20 >>> this >>> might be interesting to GEOPRIV folks: >>> >>> Mozilla and Google Chrome are proposing to extend browsers to send a >>> "do not track" HTTP header of the following form: >>> X-Tracking-Choice: do-not-track >>> >>> This seems like another example of users sending along privacy >>> preferences with their data, just like PIDF-LO privacy rules, =20 >>> Creative >>> Commons licenses, etc. >>> >>> References: >>> >> control-over-online-tracking/> >>> >>> >>> >>> --Richard >> > > _______________________________________________ > Geopriv mailing list > Geopriv@ietf.org > https://www.ietf.org/mailman/listinfo/geopriv > _______________________________________________ Geopriv mailing list Geopriv@ietf.org https://www.ietf.org/mailman/listinfo/geopriv --------------ms020505000306050800040906 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIITzjCC BjQwggQcoAMCAQICASMwDQYJKoZIhvcNAQELBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoT DVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNp Z25pbmcxKTAnBgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3 MTAyNDIxMDMzM1oXDTE3MTAyNDIxMDMzM1owgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1T dGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWdu aW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAzIFByaW1hcnkgSW50ZXJtZWRpYXRlIENs aWVudCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmjSW4SPiDKlAinvVeL ZOVfItiuP1aRHL530E7QUc9icCwL33+PH+Js1HAh8CgWFl34sOxx1FJyS/C4VLPRsqDfP72j tzCVUAL0DAxZ7wgzQvFz7x61jGxfhYhqYb1+PPOLkYBbkRIrPMg3dLEdKmXIYJYXDH+mB/V/ jLo73/Kb7h/rNoNg/oHHSv5Jolyvp5IY2btfcTBfW/telEFj5rDTX2juTvZ3Qhf3XQX5ca3Q 7A10zrUV/cWJOJ7F5RltbEIaboZmX5JBUb3FhUiAdBotehAX6DbDOuYoJtVxmGof6GuVGcPo 98K4TJf8FHo+UA9EOVDp/W7fCqKT4sXk/XkCAwEAAaOCAa0wggGpMA8GA1UdEwEB/wQFMAMB Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7iZySlyShhEcCy3T8LvSs3DLl8zAfBgNV HSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRaMFgwJwYIKwYBBQUH MAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYhaHR0cDovL3d3 dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20v c2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQELBQADggIBAGpd SbdLFMhirxK37V4gE00+uW74UdAXtDgQI3AsRZWtaRtKHgAxFBSteqz4kDkeAjH/1b+K8tQR 6cxSI2nho7qOaPW/UpzOfSS/MeKK/9vfM2lfs+uItXH7LWtvS9wD1erfH1a+BXHCrCp4LA1l fADDhRIiGTSS3i0Zu5xV3INNRHrCCCl6patltQ8RZTqzDMri7ombgIxjN51Zo7xV77EZcThV 0GA8iIN+7T53uHhUJpjfLIztHs/69OclRvHux9hCflfOm7GY5Sc4nqjfES+5XPArGGWiQSEk ez37QfXqsxO3oCHK4b3DFZysG4uyOuC/WL80ab3muQ3tgwjBhq0D3JZN5kvu5gSuNZPa1WrV hEgXkd6C7s5stqB6/htVpshG08jRz9DEutGM9oKQ1ncTivbfPNx7pILoHWvvT7N5i/puVoNu bPUmLXh/2wA6wzAzuuoONiIL14Xpw6jLSnqpaLWElo2yTIFZ/CU/nCvvpW1Dj1457P3Ci9bD 0RPkWSR+CuucpgxrEmaw4UOLxflzuYYaq1RJwygOO5K0s2bAWOcXpgteyUOnQ3d/EjJAWRri 2v0ubiq+4H3KUOMlbznlPAY/1T8YyyJPM88+Ueahe/AW1zoUwZayNcTnuM7cq6yBV8Wr3GOI LFXhtT0UVuJLChPMJKVKVsa7qNorlLkMMIIGxzCCBa+gAwIBAgICAIswDQYJKoZIhvcNAQEF BQAwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJT ZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBD bGFzcyAzIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTAeFw0xMDEwMTQwMTM2MzRa Fw0xMjEwMTQxMjAxMDdaMIHAMSAwHgYDVQQNExcyNzQ1ODEtOU5YMDRxeExEYjBvNDY5VDEL MAkGA1UEBhMCVVMxETAPBgNVBAgTCENvbG9yYWRvMQ8wDQYDVQQHEwZEZW52ZXIxLDAqBgNV BAsTI1N0YXJ0Q29tIFRydXN0ZWQgQ2VydGlmaWNhdGUgTWVtYmVyMRowGAYDVQQDExFQZXRl ciBTYWludC1BbmRyZTEhMB8GCSqGSIb3DQEJARYSc3RwZXRlckBzdHBldGVyLmltMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuERvnrkpQTx9wbJfgxbNKEYvt0IilecZRUM6 wrbCzIUPCocuYhaAJcQoqIyHaKybPQ7f+DIGIAolAa3dHnNdlsXP2smTft/ZNpj10PIG5bil NAqLUYwmLJaEaqY7BMW8423U3blW43/luLJk/Pq4OsWcw7AK3LeVh1U/HOgqhin26N3h72X1 nbLEpZFrgcp8egmWtXLCbLBDMqUK3j6wjLldni79muzYEVqU0A5GqSeb8Wc4kIx8VI5yL24J KzinG2iVRP5ZDEbOZETzBXJabUsV56XSxqPG9DK6ke+ybCiL/wKV1HFqdtFB1y25lfvHgOP2 gyEApBKEDNjgLmKyyQIDAQABo4IC+zCCAvcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYD VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBS2EW2iNB+g0EibKJLBdv8I eLovVDAfBgNVHSMEGDAWgBR7iZySlyShhEcCy3T8LvSs3DLl8zAdBgNVHREEFjAUgRJzdHBl dGVyQHN0cGV0ZXIuaW0wggFCBgNVHSAEggE5MIIBNTCCATEGCysGAQQBgbU3AQICMIIBIDAu BggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEF BQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5jb20vaW50ZXJtZWRpYXRlLnBkZjCBtwYIKwYB BQUHAgIwgaowFBYNU3RhcnRDb20gTHRkLjADAgEBGoGRTGltaXRlZCBMaWFiaWxpdHksIHNl ZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL3d3dy5zdGFydHNz bC5jb20vcG9saWN5LnBkZjBjBgNVHR8EXDBaMCugKaAnhiVodHRwOi8vd3d3LnN0YXJ0c3Ns LmNvbS9jcnR1My1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9jcnR1 My1jcmwuY3JsMIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5z dGFydHNzbC5jb20vc3ViL2NsYXNzMy9jbGllbnQvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczMuY2xpZW50LmNhLmNydDAjBgNVHRIE HDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcNAQEFBQADggEBADVtbXJG tKAr55xc/OUM546gXUybI72Bank0w739Mv+9BBNtq9rMEvCnLmSKhBi76c1mdXh6zXs8RQDo 6nR/aPabE3llF2T4z80smi9jfnl3y9dpu9TcgDoqDLZ7a2lBlW656XAAQzHjvLp2MC7/mxlg PYH2axa+q40mAYM20GbNsAEGbWQT1IqIh0BcLLsgbaMJHbyG/57zd9JLyMX3Vry1L1fJRQr3 GeLxMV5RtxN+mBgxrwFz/cOc09COiFExlsHgekpB5O43gqsAU16MXypyoSt4MrSfKTMHIGx6 2RF/M6vqUlvhi28gk2ZUvQ/+OX5+gjcZyooEzAAn4RuOKNswggbHMIIFr6ADAgECAgIAizAN BgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4x KzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMT L1N0YXJ0Q29tIENsYXNzIDMgUHJpbWFyeSBJbnRlcm1lZGlhdGUgQ2xpZW50IENBMB4XDTEw MTAxNDAxMzYzNFoXDTEyMTAxNDEyMDEwN1owgcAxIDAeBgNVBA0TFzI3NDU4MS05TlgwNHF4 TERiMG80NjlUMQswCQYDVQQGEwJVUzERMA8GA1UECBMIQ29sb3JhZG8xDzANBgNVBAcTBkRl bnZlcjEsMCoGA1UECxMjU3RhcnRDb20gVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBNZW1iZXIxGjAY BgNVBAMTEVBldGVyIFNhaW50LUFuZHJlMSEwHwYJKoZIhvcNAQkBFhJzdHBldGVyQHN0cGV0 ZXIuaW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4RG+euSlBPH3Bsl+DFs0o Ri+3QiKV5xlFQzrCtsLMhQ8Khy5iFoAlxCiojIdorJs9Dt/4MgYgCiUBrd0ec12Wxc/ayZN+ 39k2mPXQ8gbluKU0CotRjCYsloRqpjsExbzjbdTduVbjf+W4smT8+rg6xZzDsArct5WHVT8c 6CqGKfbo3eHvZfWdssSlkWuBynx6CZa1csJssEMypQrePrCMuV2eLv2a7NgRWpTQDkapJ5vx ZziQjHxUjnIvbgkrOKcbaJVE/lkMRs5kRPMFclptSxXnpdLGo8b0MrqR77JsKIv/ApXUcWp2 0UHXLbmV+8eA4/aDIQCkEoQM2OAuYrLJAgMBAAGjggL7MIIC9zAJBgNVHRMEAjAAMAsGA1Ud DwQEAwIEsDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0OBBYEFLYRbaI0 H6DQSJsoksF2/wh4ui9UMB8GA1UdIwQYMBaAFHuJnJKXJKGERwLLdPwu9KzcMuXzMB0GA1Ud EQQWMBSBEnN0cGV0ZXJAc3RwZXRlci5pbTCCAUIGA1UdIASCATkwggE1MIIBMQYLKwYBBAGB tTcBAgIwggEgMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3ku cGRmMDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9pbnRlcm1lZGlhdGUu cGRmMIG3BggrBgEFBQcCAjCBqjAUFg1TdGFydENvbSBMdGQuMAMCAQEagZFMaW1pdGVkIExp YWJpbGl0eSwgc2VlIHNlY3Rpb24gKkxlZ2FsIExpbWl0YXRpb25zKiBvZiB0aGUgU3RhcnRD b20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUG9saWN5IGF2YWlsYWJsZSBhdCBodHRwOi8v d3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMGMGA1UdHwRcMFowK6ApoCeGJWh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2NydHUzLWNybC5jcmwwK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRz c2wuY29tL2NydHUzLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0 dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MzL2NsaWVudC9jYTBCBggrBgEFBQcw AoY2aHR0cDovL3d3dy5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMy5jbGllbnQuY2Eu Y3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUF AAOCAQEANW1tcka0oCvnnFz85QznjqBdTJsjvYFqeTTDvf0y/70EE22r2swS8KcuZIqEGLvp zWZ1eHrNezxFAOjqdH9o9psTeWUXZPjPzSyaL2N+eXfL12m71NyAOioMtntraUGVbrnpcABD MeO8unYwLv+bGWA9gfZrFr6rjSYBgzbQZs2wAQZtZBPUioiHQFwsuyBtowkdvIb/nvN30kvI xfdWvLUvV8lFCvcZ4vExXlG3E36YGDGvAXP9w5zT0I6IUTGWweB6SkHk7jeCqwBTXoxfKnKh K3gytJ8pMwcgbHrZEX8zq+pSW+GLbyCTZlS9D/45fn6CNxnKigTMACfhG44o2zGCA80wggPJ AgEBMIGTMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UE CxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRD b20gQ2xhc3MgMyBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAgCLMAkGBSsOAwIa BQCgggIOMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTExMDEy NzE0NTMzOFowIwYJKoZIhvcNAQkEMRYEFMJvESOg9SRiGuDOjTMRG7TFdsFFMF8GCSqGSIb3 DQEJDzFSMFAwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggq hkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBpAYJKwYBBAGCNxAEMYGWMIGT MIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2Vj dXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xh c3MgMyBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0ECAgCLMIGmBgsqhkiG9w0BCRAC CzGBlqCBkzCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNV BAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0 Q29tIENsYXNzIDMgUHJpbWFyeSBJbnRlcm1lZGlhdGUgQ2xpZW50IENBAgIAizANBgkqhkiG 9w0BAQEFAASCAQCau9W3wqtVQ3qWKCG2n4sfAEUnhJdApsQAYnBfJp1A+rTRau29ehDecD/N YZzSwc0a8Kx7LdkE9414JqCdf1JcfQuThyKJJ0NWMwFl7mlK0ErqvtAPIRASn8QnejpZrFR1 6rn9WhmUkyQj4yE5nO5J1DmwB7Y7t90RPdsfI5n5YmcYkYBaKGFmugzCuzGPLNm9YL+1/yBR /W3BNTH/DqEZwmG6mf3UnAK7TOj7Uuy+Oe+JK4WqgJzAxXeVtpnf/wpxLCJPNlFyjlyyzPwl YFc3eEygqbFPi2jfXg4Z1iwkDky088e36jdQRBPf1IMiD4xDZh8AaPwnXBuZadPmMmAnAAAA AAAA --------------ms020505000306050800040906--