[Openid-specs-risc] SSF security
Andrii Deinega
andrii.deinega at gmail.com
Thu Apr 13 17:00:59 UTC 2023
I don't remember FastFed doing anything special on this matter. Apparently,
a URL in jwks_uri should use the https scheme (1) and this is an
unprotected / publicly available endpoint (2). So, in other words, you
completely rely on DNS and TLS.
OpenID Connect 1.0 / OAuth 2.0 allow signing their metadata (see RFC
8414). However, I doubt they are signing the keys in jwks_uri, or
anything like that.
Then, what is and was very interesting to me is the way that the OpenID
Connect Federation spec and WG handle this. First of all, they have two
properties, namely jwks_uri and signed_jwks_uri (the names speak for
themselves). Secondly, they define a special endpoint called "historical
keys" that contains the list of previously used keys. See
https://openid.net/specs/openid-connect-federation-1_0.html#name-op-metadata
for more details. This endpoint also includes revoked keys, but probably
those keys make sense only in their context; they have quite specific
requirements/goals.
The SSF WG may want to reuse ideas behind signed_jwks_uri and the
historical keys endpoint in one or another way.
There are a number of other specs that use jwks_uri as well, but again I
also do not remember anything specific; as an example, take a look at
"OAuth 2.0 Dynamic Client Registration Protocol".
Lastly, I think if a malicious actor somehow manages to get hold of a
session between the transmitter and the receiver, then he can simply "strip"
the SET events he wants. As an example, a TLS session isn't always created
between two parties (there are a bunch of network intermediaries that perform
SSL offloading, various DPIs, etc.). In this particular case, the keys in
any JWKS endpoints aren't going to help, and you might want to look at
additional security mechanisms/controls such as HTTP Message Signatures.
Regards,
Andrii
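[Editor's added example; this is not part of Andrii's message and is not code from any SSF, RISC or OpenID project.] The thread keeps coming back to the same receiver-side question: the transmitter's configuration names a jwks_uri, and everything about the SETs' authenticity hangs on what comes back from it. The Go sketch below shows the checks that follow from the discussion: require the https scheme on jwks_uri, accept a key set only when it arrives as a JWS signed by an anchor key the receiver obtained out of band (the signed_jwks_uri idea from OpenID Connect Federation, reduced here to a single pinned key instead of a federation trust chain), pin the JWS alg to ES256, pick the SET's key by kid, and only then verify the SET. All keys, the jwks_uri value, the tx.example/rx.example hosts, the jti and the SET claims are constructed inline so it runs offline; the function names (signJWS, verifyJWS, acceptSET, Scenario) are mine and the CAEP session-revoked event type is only sample payload. The anchor would in practice be exchanged between transmitter and receiver out of band; assuming that is what makes the example work.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
	"net/url"
	"strings"
)

var b64 = base64.RawURLEncoding

// toJWK and fromJWK convert a P-256 public key to and from the EC JWK form of RFC 7518.
func toJWK(kid string, pub *ecdsa.PublicKey) map[string]string {
	x, y := pub.X.FillBytes(make([]byte, 32)), pub.Y.FillBytes(make([]byte, 32))
	return map[string]string{"kty": "EC", "crv": "P-256", "kid": kid, "x": b64.EncodeToString(x), "y": b64.EncodeToString(y)}
}

func fromJWK(k map[string]string) (*ecdsa.PublicKey, error) {
	x, errX := b64.DecodeString(k["x"])
	y, errY := b64.DecodeString(k["y"])
	pub := &ecdsa.PublicKey{Curve: elliptic.P256(), X: new(big.Int).SetBytes(x), Y: new(big.Int).SetBytes(y)}
	if k["kty"] != "EC" || k["crv"] != "P-256" || errX != nil || errY != nil || !pub.Curve.IsOnCurve(pub.X, pub.Y) {
		return nil, fmt.Errorf("rejecting JWK %q: not a valid P-256 key", k["kid"])
	}
	return pub, nil
}

// signJWS builds a compact ES256 JWS; the transmitter uses it for both its signed JWKS and its SETs.
func signJWS(priv *ecdsa.PrivateKey, hdr, claims map[string]any) (string, error) {
	h, _ := json.Marshal(hdr)
	p, _ := json.Marshal(claims)
	input := b64.EncodeToString(h) + "." + b64.EncodeToString(p)
	digest := sha256.Sum256([]byte(input))
	r, s, err := ecdsa.Sign(rand.Reader, priv, digest[:])
	if err != nil {
		return "", err
	}
	sig := append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...) // JWS wants raw r||s
	return input + "." + b64.EncodeToString(sig), nil
}

// verifyJWS pins alg to ES256 (so "none" and downgrades are refused) and lets the caller pick the key by kid.
func verifyJWS(token string, resolve func(kid string) (*ecdsa.PublicKey, error)) (map[string]any, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed JWS")
	}
	hdrRaw, err := b64.DecodeString(parts[0])
	var hdr struct{ Alg, Kid string }
	if err != nil || json.Unmarshal(hdrRaw, &hdr) != nil || hdr.Alg != "ES256" {
		return nil, fmt.Errorf("header rejected (alg=%q)", hdr.Alg)
	}
	pub, err := resolve(hdr.Kid)
	sig, errSig := b64.DecodeString(parts[2])
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || errSig != nil || len(sig) != 64 ||
		!ecdsa.Verify(pub, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return nil, fmt.Errorf("key lookup or signature failed: %v", err)
	}
	payload, err := b64.DecodeString(parts[1])
	var claims map[string]any
	if err != nil || json.Unmarshal(payload, &claims) != nil {
		return nil, errors.New("malformed payload")
	}
	return claims, nil
}

// acceptSET is the receiver: it refuses a non-https jwks_uri, installs the key set only if the JWS
// carrying it verifies under an anchor key obtained out of band (a bare jwks_uri response is never
// trusted on its own), then verifies the SET with the key its kid names. Whoever subverts DNS or
// TLS for the endpoint can serve a key set, but cannot sign it with the anchor.
func acceptSET(anchor *ecdsa.PublicKey, jwksURI, signedJWKS, set string) (map[string]any, error) {
	if u, err := url.Parse(jwksURI); err != nil || u.Scheme != "https" {
		return nil, errors.New("jwks_uri must use the https scheme")
	}
	ks, err := verifyJWS(signedJWKS, func(string) (*ecdsa.PublicKey, error) { return anchor, nil })
	if err != nil {
		return nil, fmt.Errorf("signed JWKS rejected: %w", err)
	}
	raw, _ := json.Marshal(ks["keys"])
	var keys []map[string]string
	if err := json.Unmarshal(raw, &keys); err != nil {
		return nil, err
	}
	return verifyJWS(set, func(kid string) (*ecdsa.PublicKey, error) {
		for _, k := range keys {
			if k["kid"] == kid {
				return fromJWK(k)
			}
		}
		return nil, fmt.Errorf("unknown kid %q", kid)
	})
}

// Scenario constructs every key and message inline (sample data; runs offline) and reports whether
// the honest SET is accepted, an attacker-served key set is rejected, and an attacker-signed SET
// under the honest key set is rejected.
func Scenario() (honestOK, forgedJWKSRejected, forgedSETRejected bool) {
	anchor, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tx, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	atk, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	jwksHdr := map[string]any{"alg": "ES256", "kid": "anchor-1"}
	goodJWKS, _ := signJWS(anchor, jwksHdr, map[string]any{"keys": []map[string]string{toJWK("tx-1", &tx.PublicKey)}})
	badJWKS, _ := signJWS(atk, jwksHdr, map[string]any{"keys": []map[string]string{toJWK("tx-1", &atk.PublicKey)}})
	setHdr := map[string]any{"typ": "secevent+jwt", "alg": "ES256", "kid": "tx-1"}
	claims := map[string]any{"iss": "https://tx.example", "aud": "https://rx.example", "jti": "evt-1",
		"events": map[string]any{"https://schemas.openid.net/secevent/caep/event-type/session-revoked": map[string]any{}}}
	goodSET, _ := signJWS(tx, setHdr, claims)
	badSET, _ := signJWS(atk, setHdr, claims)
	const uri = "https://tx.example/jwks"
	_, e1 := acceptSET(&anchor.PublicKey, uri, goodJWKS, goodSET)
	_, e2 := acceptSET(&anchor.PublicKey, uri, badJWKS, badSET)
	_, e3 := acceptSET(&anchor.PublicKey, uri, goodJWKS, badSET)
	return e1 == nil, e2 != nil, e3 != nil
}

func main() { fmt.Println(Scenario()) }
```

Running it prints the three booleans from Scenario, all true. Two design points worth noting: the anchor key is used only to verify the key set, never to sign events, so rotating the transmitter's event-signing key is just publishing a new signed key set (the historical-keys endpoint Andrii mentions would let a receiver keep verifying old events after such a rotation); and none of this addresses the stripping case at the end of the message, because a SET that never arrives leaves no signature to check, which is why that needs a control at a different layer.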
On Thu, Apr 13, 2023 at 8:43 AM Atul Tulshibagwale via Openid-specs-risc <
openid-specs-risc at lists.openid.net> wrote:
> How do other specs such as FastFed handle the jwks_uri?
>
> On Thu, Apr 13, 2023 at 7:23 AM Shayne Miel (smiel) via Openid-specs-risc <
> openid-specs-risc at lists.openid.net> wrote:
>
>> What are the expectations around the jwks_uri? The
>> TransmitterConfiguration must list the URI where you can get the JWKS, but
>> nothing is said in the spec about how or whether we should secure that URI.
>> Since all of the security of the SETs being sent from the Transmitter is
>> held in that JWKS value, should we be specific about how to secure that
>> endpoint? Or do we leave that up to the Transmitter to decide?
>>
>> - Shayne
>>
>>
>> *Shayne Miel*
>> / Principal Engineer (he, him, his)
>>
>> smiel at cisco.com
>>
>> (919) 923-6230
>>
>> cisco.com <https://www.cisco.com/site/us/en/products/security/index.html>
>>
>>
>> _______________________________________________
>> Openid-specs-risc mailing list
>> Openid-specs-risc at lists.openid.net
>> https://lists.openid.net/mailman/listinfo/openid-specs-risc
>>