idnits 2.17.00 (12 Aug 2021) /tmp/idnits51749/draft-privacy-token-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (7 September 2021) is 249 days in the past. Is this intentional? Checking references for intended status: Experimental ---------------------------------------------------------------------------- -- Looks like a reference, but probably isn't: '32' on line 95 == Missing Reference: 'Nk' is mentioned on line 96, but not defined == Outdated reference: A later version (-03) exists of draft-irtf-cfrg-rsa-blind-signatures-02 Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group T. Pauly 3 Internet-Draft F. Jacobs 4 Intended status: Experimental Apple Inc. 5 Expires: 11 March 2022 C.A. Wood 6 Cloudflare 7 7 September 2021 9 The Privacy Token HTTP Authentication Scheme 10 draft-privacy-token-01 12 Abstract 14 This documents defines an authentication scheme for HTTP called 15 Privacy Token. 17 Discussion Venues 19 This note is to be removed before publishing as an RFC. 21 Source for this draft and an issue tracker can be found at 22 https://github.com/tfpauly/privacy-proxy. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on 11 March 2022. 41 Copyright Notice 43 Copyright (c) 2021 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 48 license-info) in effect on the date of publication of this document. 49 Please review these documents carefully, as they describe your rights 50 and restrictions with respect to this document. Code Components 51 extracted from this document must include Simplified BSD License text 52 as described in Section 4.e of the Trust Legal Provisions and are 53 provided without warranty as described in the Simplified BSD License. 55 Table of Contents 57 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 58 1.1. Requirements . . . . . . . . . . . . . . . . . . . . . . 2 59 2. Privacy Token Structure . . . . . . . . . . . . . . . . . . . 2 60 3. PrivacyToken Authentication Scheme . . . . . . . . . . . . . 3 61 4. Security Considerations . . . . . . . . . . . . . . . . . . . 3 62 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 63 6. Normative References . . . . . . . . . . . . . . . . . . . . 4 64 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 4 66 1. Introduction 68 This document defines a new HTTP authentication scheme [RFC7235] 69 named "PrivacyToken". 71 This scheme is built to be used to authenticate to proxies, using the 72 Proxy-Authorization header field, with a blind signature that allows 73 a proxy to verify that a client has a token signed by a particular 74 key, but without identifying the client. The initial version of this 75 scheme is intended to be used with RSA Blind Signatures [RSASIG]. 77 1.1. Requirements 79 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 80 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 81 "OPTIONAL" in this document are to be interpreted as described in 82 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 83 capitals, as shown here. 85 2. Privacy Token Structure 87 A privacy token is a structure that begins with a single byte that 88 indicates a version. This document defines version, 1, which 89 indicates use of private tokens based on RSA Blind Signatures 90 [RSASIG], and determines the rest of the structure contents. 92 struct { 93 uint8_t version; 94 uint8_t key_id[32]; 95 uint8_t message[32]; 96 uint8_t signature[Nk]; 97 } Token; 99 The structure fields are defined as follows: 101 * "version" is a 1-octet integer. This document defines version 1. 103 * "key_id" is a collision-resistant hash that identifies the key 104 used to produce the signature. This is generated as 105 SHA256(public_key), where public_key is a DER-encoded 106 SubjectPublicKeyInfo object carrying the public key. 108 * "message" is a 32-octet random message that is signed by the 109 signature. 111 * "signature" is a Nk-octet RSA Blind Signature that covers the 112 message. For version 1, Nk is indicated by size of the Token 113 structure and may be 256, 384, or 512. These correspond to RSA 114 2048, 3072, and 4096 bit keys. Clients implementing version 1 115 MUST support signature sizes with Nk of 512 and 256. 117 3. PrivacyToken Authentication Scheme 119 The "PrivacyToken" authentication scheme defines one parameter, 120 "token". All unknown or unsupported parameters to "PrivacyToken" 121 authentication credentials MUST be ignored. 123 The value of the "token" parameter is a Privacy Token Structure 124 Section 2, encoded using base64url encoding [RFC4648]. 126 As an example, a Proxy-Authorization field in an HTTP request would 127 look like: 129 Proxy-Authorization: PrivacyToken token=abc... 131 4. Security Considerations 133 Note that the KeyID is only a hint to identify the public 134 verification key. With a sufficiently large number of public keys, 135 KeyID collisions may occur. By approximation, a KeyID collision 136 between two distinct keys will occur with probability sqrt(p * 2^33). 137 In such cases, servers SHOULD attempt verification using both keys. 139 5. IANA Considerations 141 This document registers the "PrivacyToken" authentication scheme in 142 the "Hypertext Transfer Protocol (HTTP) Authentication Scheme 143 Registry" established by [RFC7235]. 145 Authentication Scheme Name: PrivacyToken 147 Pointer to specification text: Section 3 of this document 149 6. Normative References 151 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 152 Requirement Levels", BCP 14, RFC 2119, 153 DOI 10.17487/RFC2119, March 1997, 154 . 156 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 157 Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, 158 . 160 [RFC7235] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 161 Protocol (HTTP/1.1): Authentication", RFC 7235, 162 DOI 10.17487/RFC7235, June 2014, 163 . 165 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 166 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 167 May 2017, . 169 [RSASIG] Denis, F., Jacobs, F., and C. A. Wood, "RSA Blind 170 Signatures", Work in Progress, Internet-Draft, draft-irtf- 171 cfrg-rsa-blind-signatures-02, 2 August 2021, 172 . 175 Authors' Addresses 177 Tommy Pauly 178 Apple Inc. 179 One Apple Park Way 180 Cupertino, California 95014, 181 United States of America 183 Email: tpauly@apple.com 184 Frederic Jacobs 185 Apple Inc. 186 One Apple Park Way 187 Cupertino, California 95014, 188 United States of America 190 Email: frederic.jacobs@apple.com 192 Christopher A. Wood 193 Cloudflare 195 Email: caw@heapingbits.net