draft-ietf-kitten-gss-sanon-00.txt   draft-ietf-kitten-gss-sanon-01.txt 
Network Working Group L. Howard Network Working Group L. Howard
Internet-Draft PADL Internet-Draft PADL
Intended status: Standards Track May 5, 2020 Intended status: Standards Track July 5, 2020
Expires: November 6, 2020 Expires: January 6, 2021
A Simple Anonymous GSS-API Mechanism A Simple Anonymous GSS-API Mechanism
draft-ietf-kitten-gss-sanon-00 draft-ietf-kitten-gss-sanon-01
Abstract Abstract
This document defines protocols, procedures and conventions for a This document defines protocols, procedures and conventions for a
Generic Security Service Application Program Interface (GSS-API) Generic Security Service Application Program Interface (GSS-API)
security mechanism that provides key agreement without authentication security mechanism that provides key agreement without authentication
of either party. of either party.
Status of This Memo Status of This Memo
skipping to change at page 1, line 33 skipping to change at page 1, line 33
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 6, 2020. This Internet-Draft will expire on January 6, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 31 skipping to change at page 2, line 31
6. Key derivation . . . . . . . . . . . . . . . . . . . . . . . 6 6. Key derivation . . . . . . . . . . . . . . . . . . . . . . . 6
7. Pseudo-Random Function . . . . . . . . . . . . . . . . . . . 7 7. Pseudo-Random Function . . . . . . . . . . . . . . . . . . . 7
8. Security Considerations . . . . . . . . . . . . . . . . . . . 7 8. Security Considerations . . . . . . . . . . . . . . . . . . . 7
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
10.1. Normative References . . . . . . . . . . . . . . . . . . . 8 10.1. Normative References . . . . . . . . . . . . . . . . . . . 8
10.2. Informative References . . . . . . . . . . . . . . . . . . 8 10.2. Informative References . . . . . . . . . . . . . . . . . . 8
Appendix A. Test Vectors . . . . . . . . . . . . . . . . . . . . 9 Appendix A. Test Vectors . . . . . . . . . . . . . . . . . . . . 9
Appendix B. Mechanism Attributes . . . . . . . . . . . . . . . . 10 Appendix B. Mechanism Attributes . . . . . . . . . . . . . . . . 10
Appendix C. NegoEx . . . . . . . . . . . . . . . . . . . . . . . 10 Appendix C. NegoEx . . . . . . . . . . . . . . . . . . . . . . . 10
Appendix D. IANA Considerations . . . . . . . . . . . . . . . . 11
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction 1. Introduction
The Generic Security Service Application Program Interface (GSS-API) The Generic Security Service Application Program Interface (GSS-API)
[RFC2743] provides a framework for authentication and message [RFC2743] provides a framework for authentication and message
protection services through a common programming interface. protection services through a common programming interface.
The Simple Anonymous mechanism (hereafter SAnon) described in this The Simple Anonymous mechanism (hereafter SAnon) described in this
document is a simple protocol based on the X25519 elliptic curve document is a simple protocol based on the X25519 elliptic curve
skipping to change at page 3, line 10 skipping to change at page 3, line 10
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. Discovery and Negotiation 3. Discovery and Negotiation
The SAnon mechanism is identified by the following OID: The SAnon mechanism is identified by the following OID:
sanon-x25519 OBJECT IDENTIFIER ::= sanon-x25519 OBJECT IDENTIFIER ::=
{iso(1)identified-organization(3)dod(6)internet(1) {iso(1)org(3)dod(6)internet(1)
private(4)enterprise(1)padl(5322)gss-sanon(26) security(5)mechanisms(5)sanon-x25519(tbd)}
mechanisms(1)sanon-x25519(110)}
The means of discovering GSS-API peers and their supported mechanisms The means of discovering GSS-API peers and their supported mechanisms
is out of this specification's scope. To avoid multiple layers of is out of this specification's scope. To avoid multiple layers of
negotiation, SAnon is not crypto-agile; a future variant using a negotiation, SAnon is not crypto-agile; a future variant using a
different algorithm would be assigned a different OID. different algorithm would be assigned a different OID.
If anonymity is not desired then SAnon MUST NOT be used. Either If anonymity is not desired then SAnon MUST NOT be used. Either
party can test for anon_state (GSS_C_ANON_FLAG) to check if anonymous party can test for anon_state (GSS_C_ANON_FLAG) to check if anonymous
authentication was performed. authentication was performed.
skipping to change at page 4, line 30 skipping to change at page 4, line 30
5.1. Context Establishment Tokens 5.1. Context Establishment Tokens
5.1.1. Initial context token 5.1.1. Initial context token
The initial context token is framed per Section 1 of [RFC2743]: The initial context token is framed per Section 1 of [RFC2743]:
GSS-API DEFINITIONS ::= GSS-API DEFINITIONS ::=
BEGIN BEGIN
MechType ::= OBJECT IDENTIFIER -- 1.3.6.1.4.1.5322.26.1.110 MechType ::= OBJECT IDENTIFIER -- TBD
GSSAPI-Token ::= GSSAPI-Token ::=
[APPLICATION 0] IMPLICIT SEQUENCE { [APPLICATION 0] IMPLICIT SEQUENCE {
thisMech MechType, thisMech MechType,
innerToken ANY DEFINED BY thisMech innerToken ANY DEFINED BY thisMech
-- 32 byte initiator public key -- 32 byte initiator public key
-- 8 byte protocol flags (optional) -- 8 byte protocol flags (optional)
} }
END END
On the first call to GSS_Init_sec_context(), the mechanism checks if On the first call to GSS_Init_sec_context(), the mechanism checks if
skipping to change at page 9, line 28 skipping to change at page 9, line 28
[SP800-108] [SP800-108]
Chen, L., "Recommendation for Key Derivation Using Chen, L., "Recommendation for Key Derivation Using
Pseudorandom Functions (Revised)", October 2009. Pseudorandom Functions (Revised)", October 2009.
Appendix A. Test Vectors Appendix A. Test Vectors
The example exchange below contains no additional flags or channel The example exchange below contains no additional flags or channel
binding information. binding information.
[[CREF1: These test vectors will need to be regenerated once an OID
is assigned by IANA. --LH]]
initiator secret key 83 33 f2 ea 2a 22 eb aa 05 39 c6 06 1d 6a 99 05 initiator secret key 83 33 f2 ea 2a 22 eb aa 05 39 c6 06 1d 6a 99 05
84 24 49 9e 2c 16 c1 b1 34 d9 22 27 f3 f4 5e bd 84 24 49 9e 2c 16 c1 b1 34 d9 22 27 f3 f4 5e bd
initiator public key 5f 40 66 22 5a 3c fd 72 57 23 c1 8f ae 71 3e 8c initiator public key 5f 40 66 22 5a 3c fd 72 57 23 c1 8f ae 71 3e 8c
ab 32 a7 2c 93 b9 76 66 04 4b 8f e4 a0 c9 69 19 ab 32 a7 2c 93 b9 76 66 04 4b 8f e4 a0 c9 69 19
initiator token 60 2c 06 0a 2b 06 01 04 01 a9 4a 1a 01 6e 5f 40 initiator token 60 2c 06 0a 2b 06 01 04 01 a9 4a 1a 01 6e 5f 40
66 22 5a 3c fd 72 57 23 c1 8f ae 71 3e 8c ab 32 66 22 5a 3c fd 72 57 23 c1 8f ae 71 3e 8c ab 32
a7 2c 93 b9 76 66 04 4b 8f e4 a0 c9 69 19 a7 2c 93 b9 76 66 04 4b 8f e4 a0 c9 69 19
skipping to change at page 11, line 5 skipping to change at page 11, line 5
The initiator and acceptor keys for NegoEx checksum generation and The initiator and acceptor keys for NegoEx checksum generation and
verification are derived using the GSS-API PRF (see Section 7), with verification are derived using the GSS-API PRF (see Section 7), with
the input data "sanon-x25519-initiator-negoex-key" and "sanon-x25519- the input data "sanon-x25519-initiator-negoex-key" and "sanon-x25519-
acceptor-negoex-key" respectively (without quotation marks). No acceptor-negoex-key" respectively (without quotation marks). No
metadata is defined and any, if present, SHOULD be ignored. metadata is defined and any, if present, SHOULD be ignored.
It is RECOMMENDED that GSS-API implementations supporting both SPNEGO It is RECOMMENDED that GSS-API implementations supporting both SPNEGO
[RFC4178] and NegoEx advertise SAnon under both to maximise [RFC4178] and NegoEx advertise SAnon under both to maximise
interoperability. interoperability.
Appendix D. IANA Considerations
The IANA is requested to assign a new entry for the sanon-x25519
mechanism in the sub-registry for SMI Security for Mechanism Codes,
and to reference this specification in the registry. Section 3 and
Appendix A should be updated accordingly.
Author's Address Author's Address
Luke Howard Luke Howard
PADL Software Pty Ltd PADL Software Pty Ltd
PO Box 59 PO Box 59
Central Park, VIC 3145 Central Park, VIC 3145
Australia Australia
Email: lukeh@padl.com Email: lukeh@padl.com
 End of changes. 8 change blocks. 
8 lines changed or deleted 18 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/