]> Google LLC

1600 Amphitheatre Parkway Mountain View CA 94043 United States of America dschinazi.ietf@gmail.com

Guardian Project

david@guardianproject.info https://guardianproject.info

Cloudflare Inc.

jonathan.hoyland@gmail.com

Applications and Real-Time HTTPBIS secure tunnels masque http-ng Existing HTTP authentication schemes are probeable in the sense that it is possible for an unauthenticated client to probe whether an origin serves resources that require authentication. It is possible for an origin to hide the fact that it requires authentication by not generating Unauthorized status codes, however that only works with non-cryptographic authentication schemes: cryptographic signatures require a fresh nonce to be signed, and there is no existing way for the origin to share such a nonce without exposing the fact that it serves resources that require authentication. This document proposes a new non-probeable cryptographic authentication scheme. About This Document The latest revision of this draft can be found at . Status information for this document may be found at . Discussion of this document takes place on the HTTP Working Group mailing list (), which is archived at . Working Group information can be found at . Source for this draft and an issue tracker can be found at .

Introduction HTTP authentication schemes (see ) allow origins to restrict access for some resources to only authenticated requests. While these schemes commonly involve a challenge where the origin asks the client to provide authentication information, it is possible for clients to send such information unprompted. This is particularly useful in cases where an origin wants to offer a service or capability only to "those who know" while all others are given no indication the service or capability exists. Such designs rely on an externally-defined mechanism by which keys are distributed. For example, a company might offer remote employee access to company services directly via its website using their employee credentials, or offer access to limited special capabilities for specific employees, while making discovering (probing for) such capabilities difficult. Members of less well-defined communities might use more ephemeral keys to acquire access to geography- or capability-specific resources, as issued by an entity whose user base is larger than the available resources can support (by having that entity metering the availability of keys temporally or geographically). While digital-signature-based HTTP authentication schemes already exist (), they rely on the origin explicitly sending a fresh challenge to the client, to ensure that the signature input is fresh. That makes the origin probeable as it send the challenge to unauthenticated clients. This document defines a new signature-based authentication scheme that is not probeable.

Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here. This document uses the notation from .

The Signature Authentication Scheme This document defines the "Signature" HTTP authentication scheme. It uses asymmetric cryptography. User agents possess a key ID and a public/private key pair, and origin servers maintain a mapping of authorized key IDs to their associated public keys. The client uses a TLS keying material exporter to generate data to be signed (see ) then sends the signature using the Authorization or Proxy-Authorization header field. The signature and additional information are exchanged using authentication parameters (see ).

TLS Usage This authentication scheme is only defined for uses of HTTP with TLS . This includes any use of HTTP over TLS as typically used for HTTP/2 , or HTTP/3 where the transport protocol uses TLS as its authentication and key exchange mechanism . Because the TLS keying material exporter is only secure for authentication when it is uniquely bound to the TLS session , the Signature authentication scheme requires either one of the following properties:

• The TLS version in use is greater or equal to 1.3 .
• The TLS version in use is 1.2 and the Extended Master Secret extension has been negotiated.

Clients MUST NOT use the Signature authentication scheme on connections that do not meet one of the two properties above. If a server receives a request that uses this authentication scheme on a connection that meets neither of the above properties, the server MUST treat the request as malformed.

Computing the Authentication Proof The user agent computes the authentication proof using a TLS keying material exporter with the following parameters:

• the label is set to "EXPORTER-HTTP-Signature-Authentication"
• the context is set to the structure described in
• the exporter output length is set to 48 bytes (see )

Key Exporter Context The TLS key exporter context is described in :

Key Exporter Context Format

The key exporter context contains the following fields:

Signature Algorithm:

The signature scheme sent in the s Parameter (see ).

Key ID:

The key ID sent in the k Parameter (see ).

Public Key:

The public key used by the server to validate the signature provided by the client (the encoding is described below).

Scheme:

The scheme for this request, encoded using the format of the scheme portion of a URI as defined in .

Host:

The host for this request, encoded using the format of the host portion of a URI as defined in .

Port:

The port for this request, encoded in network byte order. Note that the port is either included in the URI, or is the default port for the scheme in use; see .

Realm:

The real of authentication that is sent in the realm authentication parameter (). If the realm authentication parameter is not present, this SHALL be empty. This document does not define a means for the origin to communicate a realm to the client. If a client is not configured to use a specific realm, it SHALL use an empty realm and SHALL NOT send the realm authentication parameter.

The Signature Algorithm and Port fields are encoded as unsigned 16-bit integers in network byte order. The Key ID, Public Key, Scheme, Host, and Real fields are length prefixed strings; they are preceded by a Length field that represents their length in bytes. These length fields are encoded using the variable-length integer encoding from and MUST be encoded in the minimum number of bytes necessary. The encoding of the public key is determined by the Signature Algorithm in use as follows:

RSASSA-PSS algorithms:

The public key is an RSAPublicKey structure encoded in DER . BER encodings which are not DER MUST be rejected.

ECDSA algorithms:

The public key is a UncompressedPointRepresentation structure defined in , using the curve specified by the SignatureScheme.

EdDSA algorithms:

The public key is the byte string encoding defined in .

This document does not define the public key encodings for other algorithms. In order for a SignatureScheme to be usable with the Signature HTTP authentication scheme, its public key encoding needs to be defined in a corresponding document.

Key Exporter Output The key exporter output is 48 bytes long. Of those, the first 32 bytes are part of the input to the signature and the next 16 bytes are sent alongside the signature. This allows the recipient to confirm that the exporter produces the right values. This is described in :

Key Exporter Output Format

The key exporter context contains the following fields:

Signature Input:

This is part of the data signed using the client's chosen asymmetric private key (see ).

Verification:

The verification is transmitted to the server using the v Parameter (see ).

Signature Computation Once the Signature Input has been extracted from the key exporter output (see ), it is prefixed with static data before being signed to mitigate issues caused by key reuse. The signature is computed over the concatenation of:

• A string that consists of octet 32 (0x20) repeated 64 times
• The context string "HTTP Signature Authentication"
• A single 0 byte which serves as a separator
• The Signature Input extracted from the key exporter output (see )

For example, if the Signature Input has all its 32 bytes set to 01, the content covered by the signature (in hexadecimal format) would be:

Example Content Covered by Signature

This constructions mirrors that of the TLS 1.3 CertificateVerify message defined in . The resulting signature is then transmitted to the server using the p Parameter (see ).

Authentication Parameters This specification defines the following authentication parameters. All of the byte sequences below are encoded using base64url (see ) without quotes and without padding. In other words, these byte sequence authentication parameters values MUST NOT include any characters other then ASCII letters, digits, dash and underscore. The integer below is encoded without a minus and without leading zeroes. In other words, the integer authentication parameters value MUST NOT include any characters other than digits, and MUST NOT start with a zero unless the full value is "0". Using the syntax from :

Authentication Parameter Value ABNF

The k Parameter The REQUIRED "k" (key ID) parameter is a byte sequence that identifies which key the user agent wishes to use to authenticate. This can for example be used to point to an entry into a server-side database of known keys.

The a Parameter The REQUIRED "a" (public key) parameter is a byte sequence that contains the public key used by the server to validate the signature provided by the client. This avoids key confusion issues (see ). The encoding of the public key is described in .

The p Parameter The REQUIRED "p" (proof) parameter is a byte sequence that specifies the proof that the user agent provides to attest to possessing the credential that matches its key ID.

The s Parameter The REQUIRED "s" (signature) parameter is an integer that specifies the signature scheme used to compute the proof transmitted in the "p" directive. Its value is an integer between 0 and 65535 inclusive from the IANA "TLS SignatureScheme" registry maintained at <>.

The v Parameter The REQUIRED "v" (verification) parameter is a byte sequence that specifies the verification that the user agent provides to attest to possessing the key exporter output (see for details). This avoids issues with signature schemes where certain keys can generate signatures that are valid for multiple inputs (see ).

Example For example, the key ID "basement" authenticating using Ed25519 could produce the following header field:

Example Header Field

Non-Probeable Server Handling Servers that wish to introduce resources whose existence cannot be probed need to ensure that they do not reveal any information about those resources to unauthenticated clients. In particular, such servers MUST respond to authentication failures with the exact same response that they would have used for non-existent resources. For example, this can mean using HTTP status code 404 (Not Found) instead of 401 (Unauthorized). Such authentication failures can be caused for example by:

• absence of the Authorization (or Proxy-Authorization) field
• failure to parse that field
• use of the Signature authentication scheme with an unknown key ID
• mismatch between key ID and provided public key
• failure to validate the verification parameter
• failure to validate the signature.

In order to validate the signature, the server needs to first parse the field containing the signature, then look up the key ID in its database of public keys, and finally perform the cryptographic validation. These steps can take time, and an attacker could detect use of this mechanism if that time is observable by comparing the timing of a request for a known non-existent resource to the timing of a request for a potentially authenticated resource. Servers can mitigate this observability by slightly delaying responses to some non-existent resources such that the timing of the authentication verification is not observable. This delay needs to be carefully considered to avoid having the delay itself leak the fact that this origin uses this mechanism at all. Non-probeable resources also need to be non-discoverable for unauthenticated users. For example, if a server operator wishes to hide an authenticated resource by pretending it does not exist to unauthenticated users, then the server operator needs to ensure there are no unauthenticated pages with links to that resource, and no other out-of-band ways for unauthenticated users to discover this resource.

Intermediary Considerations Since the Signature HTTP authentication scheme leverages TLS keying material exporters, its output cannot be transparently forwarded by HTTP intermediaries. HTTP intermediaries that support this specification have two options:

• The intermediary can validate the authentication received from the client, then inform the upstream HTTP server of the presence of valid authentication.
• The intermediary can export the Signature Input and Verification (see }), and forward it to the upstream HTTP server, then the upstream server performs the validation.

The mechanism for the intermediary to communicate this information to the upstream HTTP server is out of scope for this document. Note that both of these mechanisms require the upstream HTTP server to trust the intermediary. This is usually the case because the intermediary already needs access to the TLS certificate private key in order to respond to requests.

Security Considerations The Signature HTTP authentication scheme allows a user agent to authenticate to an origin server while guaranteeing freshness and without the need for the server to transmit a nonce to the user agent. This allows the server to accept authenticated clients without revealing that it supports or expects authentication for some resources. It also allows authentication without the user agent leaking the presence of authentication to observers due to clear-text TLS Client Hello extensions. The authentication proofs described in this document are not bound to individual HTTP requests; if the key is used for authentication proofs on multiple requests on the same connection, they will all be identical. This allows for better compression when sending over the wire, but implies that client implementations that multiplex different security contexts over a single HTTP connection need to ensure that those contexts cannot read each other's header fields. Otherwise, one context would be able to replay the Authorization header field of another. This constraint is met by modern Web browsers. If an attacker were to compromise the browser such that it could access another context's memory, the attacker might also be able to access the corresponding key, so binding authentication to requests would not provide much benefit in practice. Key material used for the Signature HTTP authentication scheme MUST NOT be reused in other protocols. Doing so can undermine the security guarantees of the authentication. Origins offering this scheme can link requests that use the same key. However, requests are not linkable across origins if the keys used are specific to the individual origins using this scheme.

IANA Considerations

HTTP Authentication Schemes Registry This document, if approved, requests IANA to register the following entry in the "HTTP Authentication Schemes" Registry maintained at <>:

Authentication Scheme Name:

Signature

Reference:

This document

Notes:

None

TLS Keying Material Exporter Labels This document, if approved, requests IANA to register the following entry in the "TLS Exporter Labels" registry maintained at <>:

Value:

EXPORTER-HTTP-Signature-Authentication

DTLS-OK:

N

Recommended:

Y

Reference:

This document

References Normative References This document defines two strategies for handling long lines in width-bounded text content. One strategy, called the "single backslash" strategy, is based on the historical use of a single backslash ('\') character to indicate where line-folding has occurred, with the continuation occurring with the first character that is not a space character (' ') on the next line. The second strategy, called the "double backslash" strategy, extends the first strategy by adding a second backslash character to identify where the continuation begins and is thereby able to handle cases not supported by the first strategy. Both strategies use a self-describing header enabling automated reconstitution of the original content. ITU-T The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document describes the overall architecture of HTTP, establishes common terminology, and defines aspects of the protocol that are shared by all versions. In this definition are core protocol elements, extensibility mechanisms, and the "http" and "https" Uniform Resource Identifier (URI) schemes. This document updates RFC 3864 and obsoletes RFCs 2818, 7231, 7232, 7233, 7235, 7538, 7615, 7694, and portions of 7230. In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. This document defines the core of the QUIC transport protocol. QUIC provides applications with flow-controlled streams for structured communication, low-latency connection establishment, and network path migration. QUIC includes security measures that ensure confidentiality, integrity, and availability in a range of deployment circumstances. Accompanying documents describe the integration of TLS for key negotiation, loss detection, and an exemplary congestion control algorithm. This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations. The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters such as the server certificate. Consequently, it is possible for an active attacker to set up two sessions, one with a client and another with a server, such that the master secrets on the two sessions are the same. Thereafter, any mechanism that relies on the master secret for authentication, including session resumption, becomes vulnerable to a man-in-the-middle attack, where the attacker can simply forward messages back and forth between the client and server. This specification defines a TLS extension that contextually binds the master secret to a log of the full handshake that computes it, thus preventing such attacks. A number of protocols wish to leverage Transport Layer Security (TLS) to perform key establishment but then use some of the keying material for their own purposes. This document describes a general mechanism for allowing that. [STANDARDS-TRACK] A Uniform Resource Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every possible identifier. This specification does not define a generative grammar for URIs; that task is performed by the individual specifications of each URI scheme. [STANDARDS-TRACK] This document provides recommendations for the implementation of public-key cryptography based on the RSA algorithm, covering cryptographic primitives, encryption schemes, signature schemes with appendix, and ASN.1 syntax for representing keys and for identifying the schemes. This document represents a republication of PKCS #1 v2.2 from RSA Laboratories' Public-Key Cryptography Standards (PKCS) series. By publishing this RFC, change control is transferred to the IETF. This document also obsoletes RFC 3447. This document describes elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA). The algorithm is instantiated with recommended parameters for the edwards25519 and edwards448 curves. An example implementation and test vectors are provided. This document describes the commonly used base 64, base 32, and base 16 encoding schemes. It also discusses the use of line-feeds in encoded data, use of padding in encoded data, use of non-alphabet characters in encoded data, use of different encoding alphabets, and canonical encodings. [STANDARDS-TRACK] Internet technical specifications often need to define a formal syntax. Over the years, a modified version of Backus-Naur Form (BNF), called Augmented BNF (ABNF), has been popular among many Internet specifications. The current specification documents ABNF. It balances compactness and simplicity with reasonable representational power. The differences between standard BNF and ABNF involve naming rules, repetition, alternatives, order-independence, and value ranges. This specification also supplies additional rule definitions and encoding for a core lexical analyzer of the type common to several Internet specifications. [STANDARDS-TRACK] Informative References This specification describes an optimized expression of the semantics of the Hypertext Transfer Protocol (HTTP), referred to as HTTP version 2 (HTTP/2). HTTP/2 enables a more efficient use of network resources and a reduced latency by introducing field compression and allowing multiple concurrent exchanges on the same connection. This document obsoletes RFCs 7540 and 8740. The QUIC transport protocol has several features that are desirable in a transport for HTTP, such as stream multiplexing, per-stream flow control, and low-latency connection establishment. This document describes a mapping of HTTP semantics over QUIC. This document also identifies HTTP/2 features that are subsumed by QUIC and describes how HTTP/2 extensions can be ported to HTTP/3. CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security pp. 2165–2180 HTTP Origin-Bound Authentication (HOBA) is a digital-signature-based design for an HTTP authentication method. The design can also be used in JavaScript-based authentication embedded in HTML. HOBA is an alternative to HTTP authentication schemes that require passwords and therefore avoids all problems related to passwords, such as leakage of server-side password databases. This document describes how Transport Layer Security (TLS) is used to secure QUIC. This document specifies algorithm identifiers and ASN.1 encoding formats for elliptic curve constructs using the curve25519 and curve448 curves. The signature algorithms covered are Ed25519 and Ed448. The key agreement algorithms covered are X25519 and X448. The encoding for public key, private key, and Edwards-curve Digital Signature Algorithm (EdDSA) structures is provided. Google LLC This document describes MASQUE (Multiplexed Application Substrate over QUIC Encryption). MASQUE is a mechanism that allows co-locating and obfuscating networking applications behind an HTTPS web server. The currently prevalent use-case is to allow running a VPN server that is indistinguishable from an HTTPS server to any unauthenticated observer. We do not expect major providers and CDNs to deploy this behind their main TLS certificate, as they are not willing to take the risk of getting blocked, as shown when domain fronting was blocked. An expected use would be for individuals to enable this behind their personal websites via easy to configure open-source software. This document is a straw-man proposal. It does not contain enough details to implement the protocol, and is currently intended to spark discussions on the approach it is taking. As we have not yet found a home for this work, discussion is encouraged to happen on the GitHub repository which contains the draft: https://github.com/DavidSchinazi/masque-drafts [1].

Acknowledgments The authors would like to thank many members of the IETF community, as this document is the fruit of many hallway conversations. In particular, the authors would like to thank , , , , , , , , , and for their reviews and contributions. The mechanism described in this document was originally part of the first iteration of MASQUE .