[OpenID-specs-EAP] EAP call notes 20-Jul-17

Mike Jones Michael.Jones at microsoft.com
Thu Jul 20 15:23:26 UTC 2017


EAP call notes 20-Jul-17

Mike Jones
Brian Campbell
Nat Sakimura
John Bradley

Agenda
              Detecting Downplay Attacks
              Crypto Agility for the "tbh" Hash Function
              Clustered OAuth Web Server Clients
              OAuth Token Binding Security Considerations
              Next Call

Detecting Downplay Attacks
              Brian:  The Security Considerations language currently seems possibly overly specific
                           Paragraph 3 in Section 4 describes indeterminate cases as likely attacks
              John:  If you're man-in-the-middled, the attacker will change the browser string to one that doesn't support Token Binding
              Brian:  The on/off metadata that we currently have may be useful but is not sufficient
              John:  An indeterminate state can occur if the client negotiates token binding and sends a referred token binding
                           but receives an unbound ID token
                           This could happen due to algorithm mismatches - although servers are required to support all the algorithms
                           We should say in the spec that this should be rejected
              Mike:  There may be deployments in which specific knowledge of capabilities of the participants is used
              John:  If the OP doesn't receive a Token Binding, it may need to inform the user to choose an appropriate browser or that something bad is happening
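The indeterminate case John describes (Token Binding negotiated, Referred Token Binding sent, unbound ID token received) can be checked mechanically on the RP side. The following is an added illustration, not text or code from the call or from the OpenID Connect Token Bound Authentication draft; the Token Binding ID bytes are constructed, the ID token is assumed to be already signature-verified, and the op_supports_tb flag stands in for the on/off metadata mentioned above.

```python
import base64
import hashlib
import hmac

# Constructed sample Referred Token Binding ID. In a real deployment this comes
# from the TLS Token Binding layer; these bytes are made up for the example.
SAMPLE_REFERRED_TBID = b"\x02\x00\x41" + bytes(range(65))


def b64url(data: bytes) -> str:
    """Unpadded base64url, the encoding JWTs use for the 'tbh' value."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def tbh_sha256(token_binding_id: bytes) -> str:
    """'tbh' claim value: base64url(SHA-256(Token Binding ID))."""
    return b64url(hashlib.sha256(token_binding_id).digest())


def check_id_token_binding(negotiated, referred_tbid, claims, op_supports_tb):
    """Decide whether an RP should accept an ID token given what happened on the wire.

    negotiated     - Token Binding was negotiated on the TLS connection to the OP
    referred_tbid  - Referred Token Binding ID the client sent, or None
    claims         - ID token claims (signature assumed already verified)
    op_supports_tb - OP metadata says it supports Token Binding (assumed flag name)
    Returns (accepted, reason). Every indeterminate state is rejected.
    """
    tbh = (claims.get("cnf") or {}).get("tbh")
    if not isinstance(tbh, str):
        tbh = None  # a malformed 'tbh' is treated as absent, so it is rejected below
    if not negotiated:
        if op_supports_tb:
            return False, "Token Binding expected but not negotiated: possible downgrade"
        if tbh is not None:
            return False, "ID token claims a binding but none was negotiated"
        return True, "unbound: Token Binding not in use with this OP"
    if referred_tbid is None:
        return False, "negotiated but no Referred Token Binding was sent"
    if tbh is None:
        # The indeterminate case from the call: bound request, unbound response.
        return False, "indeterminate: referred TB sent but ID token is unbound; reject"
    if not hmac.compare_digest(tbh, tbh_sha256(referred_tbid)):
        return False, "tbh does not match the Referred Token Binding ID"
    return True, "ID token bound to the Referred Token Binding ID"
```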

Crypto Agility for the "tbh" Hash Function
              We should add similar language as that used for "x5t" and "x5t#S256"
              Brian will take a crack at this (he's already doing this for the OAuth MTLS draft)

Clustered OAuth Web Server Clients
              Brian talked about Token Binding for clustered Web Server clients
              He's worried that Refresh Token Token Binding may be problematic for clustered deployments
              The client would have to share Token Binding keys across instances in clustered deployments
              Brian thinks there may need to be a way to allow Web Server Clients to bind access tokens but not refresh tokens
              The best way to indicate this is probably client metadata
                           A dynamic parameter to turn it off seems like it would be a bad idea

OAuth Token Binding Security Considerations
              There are likely similar wording issues in the OAuth Token Binding Security Considerations language
              Brian will have a look at this

Next Call
              Our next call is Thursday, August 3rd, 2017 at 8am Pacific