Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD review comments
On Tue, Oct 09, 2007 at 04:26:59PM -0400, Jeffrey Hutzelman wrote:
> I think the base draft is almost perfectly unclear on this issue. The
:(
> requirement Simon quotes makes it clear that the channel type must be
> communicated and that the application must use it to determine which
> channel's bindings are actually in use, but says nothing about whether the
> communication is up to the application or by virtue of the channel binding
> data being self-identifying.
>
> Another listed requirement is this:
>
> o The channel bindings for a given type of secure channel MUST be
> constructed in such a way that an MITM could not easily force the
> channel bindings of a given channel to match those of another.
>
> On the one hand, this suggests that channel bindings are _not_ inherently
> self-identifying, but at the same time, it imposes a requirement that is
> most easily met by making them so. In addition, there are many places
> where the base document refers to the channel type name as a "prefix",
> implying that all channel bindings would start with a channel type name.
The intention was for the applications to add the prefix (channel
bindings being an octet string there's no need for an additional
"slot").
> So, I think we need to update the base document to be clear on what should
> happen here. I believe that correct behavior requires that channel types
> be identified in a consistent way for all channels, so this cannot be up to
> the individual channel type specifications. It could be done on a
> per-application basis, but I see no benefit to doing so rather than using
> the same method for all applications.
Hmmm, OK, I could go either way. But in some cases the application may
be in charge of constructing the channel binding from things like
end-point identities, so the application will be responsible, at least
in some cases, for knowing the prefix and adding it in.
> -- Jeff
>
> PS: IIRC, draft-williams-on-channel-bindings has already been approved and
> is awaiting publication as an RFC. If it needs to change in order to
> address this issue, maybe someone should give the RFC Editor a heads up?
We're not in AUTH48 yet, so we can still make a clarification here.
Nico
--
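The prefix convention debated above, as an added example (mine, not code from the draft or from either poster): the channel type name is prepended so the channel binding octet string is self-identifying, and an endpoint compares what it derived locally against what the peer asserted. The "type:data" layout, the use of "tls-unique" as a channel type, and the name "other-type" are assumptions for illustration only.

```python
import hmac
from typing import Tuple


def channel_binding(cb_type: str, cb_data: bytes) -> bytes:
    """Build a self-identifying channel binding octet string.

    Assumed convention (not taken from the draft): the channel type name,
    a colon, then the raw channel binding data. The type name must be
    non-empty ASCII without a colon so the prefix parses unambiguously.
    """
    if not cb_type or ":" in cb_type or not cb_type.isascii():
        raise ValueError("invalid channel binding type name")
    return cb_type.encode("ascii") + b":" + cb_data


def split_channel_binding(cb: bytes) -> Tuple[str, bytes]:
    """Recover (type name, raw data); splits on the first colon only,
    so raw data containing colons is preserved intact."""
    prefix, sep, data = cb.partition(b":")
    if not sep:
        raise ValueError("channel binding lacks a type prefix")
    return prefix.decode("ascii"), data


def bindings_match(local: bytes, peer_asserted: bytes) -> bool:
    """Constant-time comparison of the locally derived binding against
    the value the peer asserted inside the authenticated exchange."""
    return hmac.compare_digest(local, peer_asserted)


def direct_session_ok() -> bool:
    # Constructed: both endpoints observe the same channel, so they derive
    # the same raw value and therefore the same prefixed string.
    raw = bytes(range(12))
    return bindings_match(channel_binding("tls-unique", raw),
                          channel_binding("tls-unique", raw))


def mitm_two_sessions_rejected() -> bool:
    # Constructed: a relay terminates two separate channels, so each
    # endpoint derives a different raw value and the comparison fails.
    client_leg, server_leg = bytes(range(12)), bytes(range(12, 24))
    return not bindings_match(channel_binding("tls-unique", client_leg),
                              channel_binding("tls-unique", server_leg))


def cross_type_collision_rejected() -> bool:
    # Constructed: two different channel types yield identical raw bytes.
    # Raw data alone would compare equal; the type prefix prevents that.
    raw = b"\x00" * 12
    raw_only = bindings_match(raw, raw)
    prefixed = bindings_match(channel_binding("tls-unique", raw),
                              channel_binding("other-type", raw))
    return raw_only and not prefixed
```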