Hello list(s),

in the process of updating our draft [1] (mainly in reaction to the reviewer's comments) I've come up with a question I'd like to put to the list (crossposting to OAuth as well, they might have considered that already):

Assume we are using (D)TLS to secure the connection between C and RS, and assume further that we are using proof-of-possession tokens [2], i.e. tokens linked to a key, of which the client needs to prove possession in order for the RS to accept the token.

Do we need to support cases where the type of key used with DTLS does not match the type of key in the PoP token?

Example: The client uses its raw public key as proof of possession, but the DTLS connection C - RS is secured with a pre-shared symmetric key.

Is that a realistic use case? It would simplify the DTLS cases a lot if I could just require the token and the DTLS session to use the same type of key. For starters we could use the DTLS handshake to perform the proof-of-possession.

Would there be any security issues with using the PoP key in the DTLS handshake?

I'm thinking of using pre-shared symmetric PoP keys as PSK as in RFC 4279 and raw public PoP keys as client-authentication key as in RFC 7250.

Regards,

Ludwig

[1] https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-authz/
[2] https://tools.ietf.org/html/draft-ietf-oauth-pop-key-distribution-02

--
Ludwig Seitz, PhD
SICS Swedish ICT AB
Ideon Science Park
Building Beta 2
Scheelevägen 17
SE-223 70 Lund
Phone +46(0)70 349 9251
http://www.sics.se
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
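The following is an added illustration of the rule the mail proposes (it is not code from the ACE draft, the OAuth PoP draft, or the author): the RS accepts a PoP token only when the key that authenticated the DTLS session is the key named in the token's cnf claim, so the handshake itself is the proof of possession, and the mismatched case from the mail (token bound to a raw public key, session secured with a PSK) is rejected. The "handshake" here is a stand-in HMAC over a transcript, not a real RFC 4279 or RFC 7250 exchange; all key identifiers, key bytes and the cnf field names are constructed placeholders.

```python
"""Model of an RS checking a proof-of-possession (PoP) token against the key
that authenticated the DTLS session.  Constructed illustration only: the
'handshake' below is a stand-in MAC, not RFC 4279 / RFC 7250 DTLS."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Token:
    """Minimal PoP token: audience plus a cnf claim naming the bound key.

    Constructed cnf shapes: {"kty": "Symmetric", "kid": ..., "k": bytes}
    or {"kty": "EC2", "kid": ..., "pub": bytes}.  In a real deployment the
    symmetric key would be encrypted to the RS, not carried in clear."""
    aud: str
    cnf: dict


@dataclass
class DtlsSession:
    """What the RS's DTLS stack reports about the authenticated peer."""
    mode: str                               # "psk" (RFC 4279) or "rpk" (RFC 7250)
    psk_identity: Optional[bytes] = None    # identity the client sent in the handshake
    peer_pubkey: Optional[bytes] = None     # raw public key whose CertificateVerify passed


def psk_handshake_mac(psk: bytes, transcript: bytes) -> bytes:
    """Stand-in for the PSK-derived Finished MAC: only a holder of the PSK
    can produce it.  A real DTLS-PSK handshake derives keys from the PSK and
    the nonces; this HMAC over a transcript models that property, nothing more."""
    return hmac.new(psk, transcript, hashlib.sha256).digest()


def rs_accept(token: Token, session: DtlsSession, rs_audience: str,
              transcript: bytes = b"", client_mac: bytes = b"") -> Tuple[bool, str]:
    """Accept the token only if the DTLS handshake proved possession of the key
    named in cnf.  Rule from the mail: the token's key type must match the
    handshake's key type, so the handshake serves as the PoP check."""
    if token.aud != rs_audience:
        return False, "audience mismatch"
    cnf = token.cnf
    if session.mode == "psk":
        if cnf.get("kty") != "Symmetric":
            return False, "token bound to an asymmetric key but session used PSK"
        if session.psk_identity != cnf["kid"]:
            return False, "psk_identity does not name the token's PoP key"
        expected = psk_handshake_mac(cnf["k"], transcript)
        if not hmac.compare_digest(expected, client_mac):
            return False, "handshake MAC not produced with the PoP key"
        return True, "possession shown by DTLS-PSK handshake"
    if session.mode == "rpk":
        if cnf.get("kty") == "Symmetric":
            return False, "token bound to a symmetric key but session used RPK"
        if session.peer_pubkey != cnf["pub"]:
            return False, "client authenticated with a key other than the PoP key"
        return True, "possession shown by RPK client authentication"
    return False, "unsupported session mode"


def demo() -> dict:
    """Run the matching and mismatching cases; all values are constructed."""
    psk = bytes.fromhex("000102030405060708090a0b0c0d0e0f")      # placeholder PSK
    sym_token = Token("rs1", {"kty": "Symmetric", "kid": b"kid-1", "k": psk})
    pub = b"\x04" + bytes(range(64))                             # placeholder raw EC key
    rpk_token = Token("rs1", {"kty": "EC2", "kid": b"kid-2", "pub": pub})
    transcript = b"ClientHello|ServerHello|ServerKeyExchange"   # constructed

    psk_session = DtlsSession("psk", psk_identity=b"kid-1")
    rpk_session = DtlsSession("rpk", peer_pubkey=pub)
    ok_mac = psk_handshake_mac(psk, transcript)
    bad_mac = psk_handshake_mac(b"not-the-pop-key", transcript)
    return {
        "psk_ok": rs_accept(sym_token, psk_session, "rs1", transcript, ok_mac)[0],
        "psk_wrong_key": rs_accept(sym_token, psk_session, "rs1", transcript, bad_mac)[0],
        "rpk_token_over_psk": rs_accept(rpk_token, psk_session, "rs1", transcript, ok_mac)[0],
        "rpk_ok": rs_accept(rpk_token, rpk_session, "rs1")[0],
        "sym_token_over_rpk": rs_accept(sym_token, rpk_session, "rs1")[0],
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

The point of the model is the two rejections for mismatched key types: when the session was authenticated by a PSK but the token names a public key (or vice versa), the RS has no handshake evidence that ties the peer to the token's key, which is exactly the case the mail asks whether to support at all.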