idnits 2.17.00 (12 Aug 2021) /tmp/idnits21591/draft-tschofenig-moonshot-ps-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 26, 2010) is 4310 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3588 (Obsoleted by RFC 6733) ** Downref: Normative reference to an Informational RFC: RFC 3579 == Outdated reference: A later version (-13) exists of draft-nir-tls-eap-08 Summary: 2 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MOONSHOT H. Tschofenig 3 Internet-Draft Nokia Siemens Networks 4 Intended status: Standards Track July 26, 2010 5 Expires: January 27, 2011 7 Federated Authentication Beyond The Web: Problem Statement and 8 Requirements 9 draft-tschofenig-moonshot-ps-01.txt 11 Abstract 13 It is quite common that application developers and system architects 14 are in need for authentication and authorization support in a 15 distributed environment. At least three parties need to cooperate, 16 namely the end host, the identity provider, and the relying party. 17 At the end of the exchange the identity provider asserts identity 18 information or certain attributes to the relying party without 19 exposing the user's long-term secret to the relying party. 21 Although the problem sounds challenging and interesting, it is not 22 new. In fact, various IETF groups have produced specifications to 23 solve this problem, such as Kerberos, RADIUS, and Diameter. Outside 24 the IETF various Single-Sign-On solution for HTTP-based applications 25 have been developed as well. 27 The reader might therefore wonder about the need for new work given 28 the existence of readily available solutions. This document tries to 29 answer this question in a compact fashion. Note that the description 30 in this document focuses on the scope of the new work as part of the 31 "Federated Authentication Beyond The Web" BOF being proposed rather 32 than what could be theoretically done. 34 Status of this Memo 36 This Internet-Draft is submitted in full conformance with the 37 provisions of BCP 78 and BCP 79. 39 Internet-Drafts are working documents of the Internet Engineering 40 Task Force (IETF). Note that other groups may also distribute 41 working documents as Internet-Drafts. The list of current Internet- 42 Drafts is at http://datatracker.ietf.org/drafts/current/. 44 Internet-Drafts are draft documents valid for a maximum of six months 45 and may be updated, replaced, or obsoleted by other documents at any 46 time. It is inappropriate to use Internet-Drafts as reference 47 material or to cite them other than as "work in progress." 48 This Internet-Draft will expire on January 27, 2011. 50 Copyright Notice 52 Copyright (c) 2010 IETF Trust and the persons identified as the 53 document authors. All rights reserved. 55 This document is subject to BCP 78 and the IETF Trust's Legal 56 Provisions Relating to IETF Documents 57 (http://trustee.ietf.org/license-info) in effect on the date of 58 publication of this document. Please review these documents 59 carefully, as they describe your rights and restrictions with respect 60 to this document. Code Components extracted from this document must 61 include Simplified BSD License text as described in Section 4.e of 62 the Trust Legal Provisions and are provided without warranty as 63 described in the Simplified BSD License. 65 Table of Contents 67 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 68 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 7 69 3. Assumptions and Requirements . . . . . . . . . . . . . . . . . 8 70 4. Security Considerations . . . . . . . . . . . . . . . . . . . 10 71 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 72 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 12 73 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13 74 7.1. Normative References . . . . . . . . . . . . . . . . . . . 13 75 7.2. Informative References . . . . . . . . . . . . . . . . . . 13 76 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 14 78 1. Introduction 80 The typical setup for a three party protocol involves the End-host, 81 the identity-provider and relying party as illustrated in Figure 1. 82 It might be of surprise that there are actually four parties shown in 83 Figure 1; we will address the invisible party in the middle a little 84 bit later. 86 With three party protocols there are a number of different protocol 87 variants possible, as the available crypto-literature shows. We will 88 not discuss the different options in this document. What is relevant 89 is that a real world entity is behind the end host and responsible 90 for establishing some form of contract with the identity provider, 91 even if it is only as weak as completing a web form and confirming 92 the verification email. The outcome of this initial registration 93 step is that credentials are made available to the identity provider 94 and to the end host (or the user). It is important to highlight that 95 in some scenarios there might indeed be a human behind the device 96 denoted as end host and in other cases there is no human involved in 97 the actual protocol execution. 99 We assume that the identity provider and the relying party belong to 100 different administrative domains. Very often there is some form of 101 relationship between the identity provider and the relying party. 102 This is particularly important when the relying party wants to use 103 information obtained from the identity provider for authorization 104 decisions and when the identity provider does not want to release 105 information to every relying party (or only under certain 106 conditions). While it is possible to have a bilateral agreement 107 between every identity provider and every relying party; on an 108 Internet scale this setup does require some intermediary, the "stuff- 109 in-the-middle". Please note that the lack of scalability is not 110 caused by technical limitations but rather by business limitations 111 since the agreements between identity providers and the relying 112 parties are often business contracts that are financially motivated. 113 The "stuff-in-the-middle" is a placeholder for technical 114 interoperability as well as business practices and operational 115 arrangements, many aspects are outside the scope of the IETF. 117 Agreed terminology for what is labeled as generically "stuff-in- 118 the-middle" is unfortunately not available. Sometimes the term 119 "identity federation", or "trust framework" are used. To make it 120 worse, different terminology is used when looking at specific 121 protocols. 123 ----- 124 /- -\ 125 // \\ 126 / \ 127 ---- | | ---- 128 ///- -\\\ | | ///- -\\\ 129 / \ | Stuff-in- | / \ 130 | |-+ the-Middle +-| | 131 | Identity | | | | Relying | 132 | Provider | | | | Party | 133 | | | | | | 134 \ / \ / \ / 135 \\\- -/// \\ // \\\- -/// 136 ---- \- -/ ---- 137 < ----- > 138 \ / 139 \ / 140 \ / 141 \ / 142 \ / 143 \ / 144 \ +------------+ / 145 \ | | / 146 v| End Host |v 147 | | 148 | | 149 +------------+ 151 Figure 1: Three Party Authentication Framework 153 Designing new three party authentication and authorization protocols 154 is hard and cryptographic flaws common in designs. Achieving 155 widespead deployment is even more difficult. The HTTP-based Web has 156 enjoyed a lot of attention from the industry with respect to this 157 problem and some amount of success can be noticed even though many of 158 the business aspects with the "stuff-in-the-middle" still has to be 159 sorted out. This document does not focus on an HTTP-based 160 environment and instead focuses on those protocols where HTTP is not 161 used. Despite the increased excitement for layering every protocol 162 on top of HTTP there are still a number of protocols available that 163 do not use HTTP-based transports. Many of these protocols are 164 lacking an authentication and authorization framework of the style 165 shown in Figure 1. 167 Interestingly, for network access authentication the usage of the AAA 168 framework with RADIUS [RFC2865] and Diameter [RFC3588] was quite 169 successful from a deployment point of view. To map the terminology 170 used in Figure 1 to the AAA framework the identity provider 171 corresponds to the AAA server, the relying party corresponds to the 172 AAA client, and the "stuff-in-the-middle" are AAA proxies and relays 173 (particularly if they are operated by third parties, such as AAA 174 brokers and clearing houses). The front-end, i.e. the end host to 175 AAA client communication, is in case of network access authentication 176 offered by link layer protocols that forward authentication protocol 177 exchanges back-and-forth. 179 Is it possible to design a system that builds on top of successful 180 protocols to offer non-Web-based protocols with a solid starting 181 point for authentication and authorization in a distributed system? 183 2. Terminology 185 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 186 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 187 document are to be interpreted as described in [RFC2119]. 189 3. Assumptions and Requirements 191 Some requirements restrict the solution space more than others. In 192 this particular case the main requirement is to re-use an existing 193 infrastructure, namely the AAA framework. Briefly stated: The 194 solution MUST make use of the AAA infrastructure (RADIUS and 195 Diameter). Ideally, modifications at AAA servers SHOULD be kept at a 196 minimum. Modifications to the AAA infrastructure that affect 197 operational aspects MUST NOT be made. 199 The next requirement concerns security: The relying party MUST NOT 200 get in possession of the long-term secret of the entity that is 201 authenticated towards the AAA server. Since there is no single 202 authentication mechanism that will be used everywhere there is 203 another associated requirement: The authentication framework MUST 204 allow for the flexible integration of authentication mechanisms. 206 Those who are familiar with the AAA framework might realize that 207 the choices are limited. The standardized Extensible 208 Authentication Protocol (EAP) framework [RFC3748] fits the above 209 requirements and is widely deployed. 211 Assuming that this design decision is taken for granted the remaining 212 work is with the integration of the AAA infrastructure into non-Web- 213 based application protocols. Figure 2 illustrates it graphically. 215 +--------------+ business 216 |AAA Server | agreements 217 |(Identity | <......+ 218 |Provider) | . 219 | | . 220 +------------+-+ . 221 --^----------|-- . . 222 ///// | | \\\\\ . 223 // | | \\ . *** 224 | | AAA | |. back- 225 | | protocol | |. end 226 | | | |. *** 227 \\ | | // . 228 \\\\\ | | ///// . 229 --|----------|-- . . 230 Authentication | | . 231 and Security | v . 232 +-------------+ Layer +-+----------+--+ . 233 | |<---------------->| |<-.....+ 234 | Application | | Server Side | 235 | @ End Host | Application | Application | 236 | |<================>|(Relying Party)| 237 +-------------+ Application +---------------+ 238 Data 240 *** front-end *** 242 Figure 2: Front-End Integration 244 The front-end (end host to relying party) communication MUST be 245 integrated into the authentication framework available to the back- 246 end. As argued previously the end-to-end authentication framework is 247 EAP. Although EAP support is already integrated in AAA systems (see 248 [RFC3579] and [RFC4072]) the challenge remains to carry EAP payloads 249 from the end host to the relying party using some mechanism. 251 For illustrative purposes, some examples of the front-end 252 protocols suitable for carrying EAP are "TLS using EAP 253 Authentication" [I-D.nir-tls-eap], and GSS-API Mechanism for the 254 EAP [I-D.howlett-eap-gss]. 256 The changes to the end host and the changes to the relying party 257 SHOULD be kept at a minimum. A mechanism that can demonstrate 258 deployment benefits (based on ease of update of existing software, 259 low implementation effort, etc.) MUST be preferred. There MAY be a 260 need to specify multiple mechanisms to support the range of different 261 deployment scenarios. 263 4. Security Considerations 265 This entire document is about security. 267 5. IANA Considerations 269 This document does not require actions by IANA. 271 6. Acknowledgments 273 The author would like to thank Sam Hartman for a discussion about all 274 aspects of the "Federated Authentication Beyond The Web" effort when 275 he was visiting MIT in June 2010. 277 I would like to thank Mayutan Arumaithurai and Klaas Wierenga for 278 their feedback. 280 7. References 282 7.1. Normative References 284 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 285 Requirement Levels", BCP 14, RFC 2119, March 1997. 287 [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, 288 "Remote Authentication Dial In User Service (RADIUS)", 289 RFC 2865, June 2000. 291 [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. 292 Arkko, "Diameter Base Protocol", RFC 3588, September 2003. 294 [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. 295 Levkowetz, "Extensible Authentication Protocol (EAP)", 296 RFC 3748, June 2004. 298 [RFC3579] Aboba, B. and P. Calhoun, "RADIUS (Remote Authentication 299 Dial In User Service) Support For Extensible 300 Authentication Protocol (EAP)", RFC 3579, September 2003. 302 [RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible 303 Authentication Protocol (EAP) Application", RFC 4072, 304 August 2005. 306 7.2. Informative References 308 [I-D.nir-tls-eap] 309 Nir, Y., Sheffer, Y., Tschofenig, H., and P. Gutmann, "TLS 310 using EAP Authentication", draft-nir-tls-eap-08 (work in 311 progress), July 2010. 313 [I-D.howlett-eap-gss] 314 Hartman, S. and J. Howlett, "A GSS-API Mechanism for the 315 Extensible Authentication Protocol", 316 draft-howlett-eap-gss-00 (work in progress), March 2010. 318 Author's Address 320 Hannes Tschofenig 321 Nokia Siemens Networks 322 Linnoitustie 6 323 Espoo 02600 324 Finland 326 Phone: +358 (50) 4871445 327 Email: Hannes.Tschofenig@gmx.net 328 URI: http://www.tschofenig.priv.at