Internet Engineering Task Force E. Prodromou Internet-Draft StatusNet, Inc. Intended status: Experimental September 6, 2012 Expires: March 10, 2013 HTTP Authentication: Dialback Access Authentication draft-prodromou-dialback-00 Abstract This specification defines the Dialback Access Authentication Scheme. It provides a way for HTTP clients to identify an Internet host or account responsible for an HTTP request, and for HTTP servers to verify that identity by sending a token to a declared dialback endpoint. The specification defines a new HTTP authentication scheme, "Dialback". It also defines a new link relation, "dialback", to specify the endpoint for the dialback verification. Finally, it defines the interface for the dialback endpoint. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on March 10, 2013. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents Prodromou Expires March 10, 2013 [Page 1] Internet-Draft Dialback Authentication September 2012 carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . . 3 2. Authentication scheme . . . . . . . . . . . . . . . . . . . . . 3 3. Dialback endpoint discovery . . . . . . . . . . . . . . . . . . 4 4. Dialback verification endpoint . . . . . . . . . . . . . . . . 4 5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 5.1. Host authentication . . . . . . . . . . . . . . . . . . . . 5 5.2. Webfinger authentication . . . . . . . . . . . . . . . . . 6 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 6.1. Authentication scheme . . . . . . . . . . . . . . . . . . . 7 6.2. Link relation . . . . . . . . . . . . . . . . . . . . . . . 7 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 7.1. Replay attacks . . . . . . . . . . . . . . . . . . . . . . 7 7.2. Link discovery . . . . . . . . . . . . . . . . . . . . . . 7 7.3. Endpoint . . . . . . . . . . . . . . . . . . . . . . . . . 8 7.4. Confidentiality . . . . . . . . . . . . . . . . . . . . . . 8 7.5. Data integrity . . . . . . . . . . . . . . . . . . . . . . 8 7.6. Denial of service . . . . . . . . . . . . . . . . . . . . . 8 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 8.1. Normative References . . . . . . . . . . . . . . . . . . . 9 8.2. Informative References . . . . . . . . . . . . . . . . . . 9 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 9 Prodromou Expires March 10, 2013 [Page 2] Internet-Draft Dialback Authentication September 2012 1. Introduction HTTP/1.1 [RFC2616] has an extensible authentication mechanism using the "Authorization" header. Basic and Digest Authentication [RFC2617] are two authentication schemes for HTTP/1.1. OAuth 1.0 [RFC5849] is another. All of these authentication schemes assume that the HTTP server is able to validate the authentication credentials. With distributed publishing and social networking applications, however, the security domain may be separate from the resource domain. In addition, the resource and security domains may have no previously-negotiated relationship. With dialback authentication, an HTTP client can authenticate as a host or Webfinger address without creating a previous relationship. The HTTP server verifies the identity using a dialback endpoint specified by the host or Webfinger address. Because dialback authentication requires one or more additional requests from server to client, its intended use is for bootstrapping longer-term relationships, such as dynamic registration of OAuth clients. It can also be useful for single use requests. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 2. Authentication scheme This spec adds a new Authorization type, "Dialback". The header has the following optional elements: host The host authorizing the request. webfinger The webfinger account authorizing the request. token An opaque value used to confirm the request authorization Exactly one of "host" or "webfinger" is required. "token" is always required. Prodromou Expires March 10, 2013 [Page 3] Internet-Draft Dialback Authentication September 2012 3. Dialback endpoint discovery To validate the token, the server must identify a dialback endpoint for the host or Webfinger address. For a host parameter, the server SHOULD use Web Host Metadata [RFC6415] to find the endpoint. It will have the link relation "dialback". For a webfinger parameter, the server SHOULD use Webfinger [I-D.jones-appsawg-webfinger] to find the endpoint with the link relation "dialback". 4. Dialback verification endpoint To confirm, the server makes an HTTP POST request to the dialback endpoint. The request MUST have the Content-Type application/ x-www-url-encoded. The HTTP request has the following parameters. host The host value provided in the original Authorization header. webfinger The webfinger value provided in the original Authorization header. token The token provided in the original Authorization header. url The URL that the original request was made to. date The Date header on the original request. The request MUST include exactly one of "host" or "webfinger". The request MUST include the "token", "url" and "date" parameters. All parameters MUST be encoded in the body of the request. If the token is valid, the endpoint SHOULD return a 200 OK or 204 No Content result. If the token is invalid, the endpoint SHOULD return a 400 Bad Request result. Prodromou Expires March 10, 2013 [Page 4] Internet-Draft Dialback Authentication September 2012 5. Examples 5.1. Host authentication o The client sends an HTTP request with an Authorization header: POST /some/endpoint HTTP/1.1 Host: photo.example Date: Tue, 28 Aug 2012 09:41:21 -0400 Content-Type: application/x-www-url-form-encoded Authorization: Dialback host="checkin.example", token="4430086d" arg1=186&arg2=50 Figure 1 o The server checks that the Date: header is within an acceptable window (+/- 5 minutes recommended). o The server checks that it hasn't seen this (host, url, token, date) tuple before. o The server discovers a dialback confirmation endpoint at checkin.example. Its rel type is "dialback". o The server posts an HTTP request to confirm the token: POST /dialback HTTP/1.1 Host: checkin.example Date: Tue, 28 Aug 2012 09:41:43 -0400 Content-Type: application/x-www-url-form-encoded host=checkin.example&\ token=4430086d&\ url=http://photo.example/some/endpoint&\ date=Tue%2C%2028%20Aug%202012%2009%3A41%3A21%20-0400 Figure 2 Note: the "\" character is used here to indicate the line wrapping in the request content and is not part of the content itself. o checkin.example returns 200 OK for a confirmation, 4xx for confirmation failure, 5xx for server failure. Prodromou Expires March 10, 2013 [Page 5] Internet-Draft Dialback Authentication September 2012 5.2. Webfinger authentication o The client sends an HTTP request with an Authorization header: GET /some/resource HTTP/1.1 Host: photo.example Date: Tue, 28 Aug 2012 09:41:21 -0400 Authorization: Dialback webfinger="alice@checkin.example", token="b3265cd5" Figure 3 o The server checks that the Date: header is within an acceptable window (+/- 5 minutes recommended). o The server checks that it hasn't seen this (webfinger, url, token, date) tuple before. o The server discovers a dialback confirmation endpoint for alice@checkin.example. Its rel type is "dialback". o The server posts an HTTP request to confirm the token: POST /dialback HTTP/1.1 Host: checkin.example Date: Tue, 28 Aug 2012 09:41:43 -0400 Content-Type: application/x-www-url-form-encoded webfinger=alice@checkin.example&\ token=b3265cd5&\ url=http://photo.example/some/resource&\ date=Tue%2C%2028%20Aug%202012%2009%3A41%3A21%20-0400 Figure 4 Note: the "\" character is used here to indicate the line wrapping in the request content and is not part of the content itself. o checkin.example returns 200 OK for a confirmation, 4xx for confirmation failure, 5xx for server failure. 6. IANA Considerations Prodromou Expires March 10, 2013 [Page 6] Internet-Draft Dialback Authentication September 2012 6.1. Authentication scheme This specification defines a new HTTP authentication scheme, "Dialback", per HTTP/1.1, part 7: Authentication [I-D.ietf-httpbis-p7-auth] to be registered at http://www.iana.org/assignments/http-authschemes. o Authentication Scheme Name: Dialback o Reference: (this document) 6.2. Link relation This specification defines a new link relation type to be registered at http://www.iana.org/assignments/link-relations according to RFC 5988 [RFC5988]. o Relation Name: dialback o Description: a dialback token verification endpoint o Reference: (this document) 7. Security Considerations 7.1. Replay attacks An attacker could capture the Authorization header of a request and replay the header for another payload. To prevent replay attacks, the server MUST NOT accept a request if it has already seen a request with the same host or webfinger, url, token, and date. Servers MAY mitigate storage requirements by rejecting requests with a Date: outside a fixed window. +/- 5 minutes from server time is reasonable. 7.2. Link discovery An attacker could use DNS poisoning techniques to provide links to a false dialback endpoint. Clients supporting dialback SHOULD support TLS for host-meta and Webfinger discovery. HTTP servers SHOULD use the TLS endpoint for host-meta and Webfinger. Prodromou Expires March 10, 2013 [Page 7] Internet-Draft Dialback Authentication September 2012 HTTP servers MAY fall back to the unencrypted equivalent. 7.3. Endpoint An attacker could use DNS poisoning techniques to provide false responses to requests to the dialback verification endpoint. HTTP clients support dialback SHOULD use TLS for dialback endpoints. HTTP servers SHOULD require valid certificates for dialback endpoints. 7.4. Confidentiality The dialback endpoint confirms that the host or Webfinger account is responsible for the HTTP request. An attacker could use brute-force methods to determine if the host or Webfinger account has made an HTTP request to a given URL. The dialback endpoint SHOULD NOT verify requests for dates outside a small window around the current time (+/- five minutes). The dialback endpoint SHOULD use large enough tokens to make brute- force attacks impractical. 7.5. Data integrity Dialback authentication does not confirm the contents of the HTTP request. For example, man-in-the-middle attack could replace the contents of a POST request with another payload, which would be verified. Servers SHOULD use TLS to prevent man-in-the-middle attacks. 7.6. Denial of service Dialback authentication lets the HTTP client induce the HTTP server to make additional verification requests. By making requests with a host or webfinger parameter referring to a third party, a malicious client can cause extra HTTP requests to that third party. To avoid denial-of-service attacks, HTTP servers SHOULD cache the results of host-meta and Webfinger requests. Prodromou Expires March 10, 2013 [Page 8] Internet-Draft Dialback Authentication September 2012 8. References 8.1. Normative References [I-D.ietf-httpbis-p7-auth] Fielding, R., Lafon, Y., and J. Reschke, "HTTP/1.1, part 7: Authentication", draft-ietf-httpbis-p7-auth-20 (work in progress), July 2012. [I-D.jones-appsawg-webfinger] Jones, P., Salgueiro, G., and J. Smarr, "WebFinger", draft-jones-appsawg-webfinger-06 (work in progress), June 2012. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. [RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and L. Stewart, "HTTP Authentication: Basic and Digest Access Authentication", RFC 2617, June 1999. [RFC5988] Nottingham, M., "Web Linking", RFC 5988, October 2010. [RFC6415] Hammer-Lahav, E. and B. Cook, "Web Host Metadata", RFC 6415, October 2011. 8.2. Informative References [RFC5849] Hammer-Lahav, E., "The OAuth 1.0 Protocol", RFC 5849, April 2010. Author's Address Evan Prodromou StatusNet, Inc. Email: evan@status.net URI: http://evan.status.net/ Prodromou Expires March 10, 2013 [Page 9]