Ben, I was wondering whether the situation is any different in Kerberos. If the KDC creates tickets with a session key included then it needs to make sure that it does not create the same symmetric key for different usages. The key in the Kerberos ticket is similar to the PoP key in our discussion.
Are we aware of key collision in Kerberos? Ciao Hannes -----Original Message----- From: Benjamin Kaduk [mailto:[email protected]] Sent: 23 June 2018 23:30 To: Mike Jones Cc: Hannes Tschofenig; Jim Schaad; [email protected]; [email protected] Subject: Re: [Ace] Key IDs ... RE: WGLC on draft-ietf-ace-cwt-proof-of-possession-02 On Fri, Jun 22, 2018 at 08:48:35PM +0000, Mike Jones wrote: > See my note just now proposing this text to Jim: > > "Likewise, if PoP keys are used for multiple different kinds of CWTs in an > application and the PoP keys are identified by Key IDs, care must be taken to > keep the keys for the different kinds of CWTs segregated so that an attacker > cannot cause the wrong PoP key to be used by using a valid Key ID for the > wrong kind of CWT." > > As long as the PoP keys for different contexts are kept segregated, Key ID > collisions or reuse cause no problems. If we trust everyone to implement things properly. We should probably only take that risk if we get some other benefit from it, though. Jim mentioned (off-list?) a scenario involving giving the same client additional privileges, and of course we can gain some simplicity savings if we don't need to enforce global key-id uniqueness (for appropriate values of "global"). So this may well be the right thing to do; I just don't think it's without tradeoffs as your text seems to imply. -Ben IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
