On Mon, Jan 14, 2013 at 17:05, Yoav Nir <[email protected]> wrote:
> I've shown this draft to a co-worker of mine (not on this list), and asked 
> for a review. Here's some comments:
>
> - Overall, this is an interesting problem.

There have been quite a few proposals to solve it, all before we
identified this as worth treating as a problem separate from others:

 - draft-hammer-oauth-v2-mac-token
 - draft-hallambaker-httpintegrity
 - draft-williams-http-rest-auth
 - and several others

There's also been a number of recent mentions of this in the context
of CRIME in the HTTPbis WG list.

> - The document is missing a list of deficiencies with using Cookies

Well, for me CRIME is enough :)  But sure, I'll flesh that out a bit.
FWIW, I was under a hard deadline when I submitted the -00.

> - Section 2.1 says that TLS protects against replay. Really?  How? It doesn't 
> have a protected counter like IPsec.

If you try to replay a handshake it won't work: the server will almost
certainly pick different nonces and, if relevant, DH keys, so the
Finished message exchange will fail.

If you try to replay a TLS record layer message... TLS will detect
that too because of its use of sequence numbers.  See RFC5246, search
for "sequence"; see section 6.2.3 in particular.  Search also for
"replay".  This is also true of DTLS.

If you can neither replay handshakes, entire connections, nor
individual records then it's got replay protection :)

> - Will the resulting protocol support a transition from authenticated session 
> to authenticated session for purposes such as re-authenticating after a 
> specified time, or moving from weak authentication to strong authentication 
> for high-value transactions.

If we can make that work securely, then yes.

> Nit: HTTP is HyperText **Transfer** Protocol, not **Transport**.  This one is 
> already fixed in Nico's repository.

There were some instances of one and some of the other.  It was just
me being sloppy as I hurried to meet a hard deadline.

Thanks!

Nico
--
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
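Nico's point about the record layer (RFC 5246 section 6.2.3.1) is worth seeing in code. The following is an added example, not part of the original thread and not the TLS stack of any real implementation: a toy model of a TLS 1.2 MAC-protected record where the 64-bit sequence number is implicit (never sent on the wire) but is prepended to the data the HMAC covers. The MAC key, the plaintexts and the Sender/Receiver class names are constructed for the demo; encryption, padding and alert handling are left out so that only the replay check is in view.

```python
"""Toy model of TLS 1.2 record-layer replay detection.

Added example, not code from the websec thread or from any TLS library.
Models only the MAC step of RFC 5246 section 6.2.3.1: the MAC covers
seq_num || type || version || length || fragment, where seq_num is an
implicit 64-bit counter each side tracks independently.  A captured
record presented a second time fails verification because the
receiver's expected sequence number has already moved on.
Keys and plaintexts below are constructed for the demo.
"""
import hashlib
import hmac
import struct

CONTENT_TYPE_APPLICATION_DATA = 23
PROTOCOL_VERSION = (3, 3)  # TLS 1.2 on the wire is {3, 3}
MAC_LEN = hashlib.sha256().digest_size  # HMAC-SHA256 -> 32 bytes


def record_mac(mac_key: bytes, seq_num: int, content_type: int, fragment: bytes) -> bytes:
    """HMAC over seq_num || type || version || length || fragment.

    seq_num is part of the MAC input but is NOT transmitted; both peers
    count records themselves, which is what defeats replay.
    """
    mac_input = struct.pack("!QBBBH", seq_num, content_type,
                            *PROTOCOL_VERSION, len(fragment)) + fragment
    return hmac.new(mac_key, mac_input, hashlib.sha256).digest()


class Sender:
    """Writes records; keeps its own write sequence number."""

    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.seq_num = 0  # starts at 0 per connection, per RFC 5246

    def protect(self, fragment: bytes) -> bytes:
        mac = record_mac(self.mac_key, self.seq_num, CONTENT_TYPE_APPLICATION_DATA, fragment)
        self.seq_num += 1
        body = fragment + mac
        # Wire format: type, version, length, fragment || MAC.  No seq_num.
        return struct.pack("!BBBH", CONTENT_TYPE_APPLICATION_DATA, *PROTOCOL_VERSION, len(body)) + body


class Receiver:
    """Reads records; keeps its own read sequence number."""

    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.seq_num = 0
        self.closed = False  # real TLS sends a fatal bad_record_mac alert and tears down

    def unprotect(self, record: bytes) -> bytes:
        if self.closed:
            raise ConnectionError("connection already closed")
        content_type, _major, _minor, length = struct.unpack("!BBBH", record[:5])
        body = record[5:5 + length]
        fragment, mac = body[:-MAC_LEN], body[-MAC_LEN:]
        expected = record_mac(self.mac_key, self.seq_num, content_type, fragment)
        if not hmac.compare_digest(mac, expected):
            self.closed = True
            raise ValueError("bad_record_mac")
        self.seq_num += 1
        return fragment


def demo() -> tuple:
    """Deliver two records, then replay the first one.

    Returns (first_plaintext, second_plaintext, replay_rejected).
    """
    mac_key = b"\x11" * 32  # constructed key for the demo
    sender, receiver = Sender(mac_key), Receiver(mac_key)

    rec1 = sender.protect(b"GET /transfer?amount=100 HTTP/1.1")
    rec2 = sender.protect(b"GET /balance HTTP/1.1")

    first = receiver.unprotect(rec1)   # receiver expects seq 0: OK
    second = receiver.unprotect(rec2)  # receiver expects seq 1: OK

    # Replay: same bytes as rec1, but receiver now expects seq 2, so the
    # MAC (computed over seq 0) no longer matches.
    try:
        receiver.unprotect(rec1)
        replay_rejected = False
    except ValueError:
        replay_rejected = True
    return first, second, replay_rejected


if __name__ == "__main__":
    print(demo())
```

The same idea carries over to the AEAD cipher suites in RFC 5246 section 6.2.3.3, where the sequence number is part of the additional authenticated data, and to DTLS, which makes the sequence number explicit in the record header but still authenticates it. Note that this only defends against replay within one connection; replaying a whole connection is stopped by the handshake nonces Nico mentions, not by the record layer.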