Internet-Draft PrivateToken Authentication Extensions July 2023
Hendrickson & Wood Expires 11 January 2024 [Page]
Workgroup:
Privacy Pass
Internet-Draft:
draft-wood-privacypass-auth-scheme-extensions-00
Published:
Intended Status:
Standards Track
Expires:
Authors:
S. Hendrickson
Google
C. A. Wood
Cloudflare, Inc.

The PrivateToken HTTP Authentication Scheme Extensions Parameter

Abstract

This document specifies a new parameter for the "PrivateToken" HTTP authentication scheme. This purpose of this parameter is to carry extensions for Privacy Pass protocols that support public metadata.

About This Document

This note is to be removed before publishing as an RFC.

The latest revision of this draft can be found at https://chris-wood.github.io/draft-wood-privacypass-extensible-token/draft-wood-privacypass-extensible-token.html. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-wood-privacypass-auth-scheme-extensions/.

Discussion of this document takes place on the Privacy Pass Working Group mailing list (mailto:privacy-pass@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/privacy-pass/. Subscribe at https://www.ietf.org/mailman/listinfo/privacy-pass/.

Source for this draft and an issue tracker can be found at https://github.com/chris-wood/draft-wood-privacypass-extensible-token.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 11 January 2024.

Table of Contents

1. Introduction

The primary Token structure in the "PrivateToken" HTTP authentication scheme [AUTHSCHEME] is composed as follows:

struct {
    uint16_t token_type;
    uint8_t nonce[32];
    uint8_t challenge_digest[32];
    uint8_t token_key_id[Nid];
    uint8_t authenticator[Nk];
} Token;

Functionally, this structure conveys a single bit of information from the issuance protocol: whether or not the token is valid (as indicated by a valid authenticator value). This structure does not admit any additional information to flow from the issuance protocol, including, for example, public metadata that is incorporated into the issuance protocol.

This document specifies a new parameter for the "PrivateToken" HTTP authentication scheme for carrying extensions. This extensions parameter, otherwise referred to as public metadata, is cryptographically bound to the Token structure via the Privacy Pass issuance protocol.

2. Conventions and Definitions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

3. PrivateToken Extensions Parameter

As defined in Section 2.2 of [AUTHSCHEME], the "PrivateToken" authentication scheme defines one parameter, "token", which contains the base64url-encoded Token struct. This document defines a new parameter, "extensions," which contains the base64url-encoded representation of the following Extensions structure.

struct {
    ExtensionType extension_type;
    opaque extension_data<0..2^16-1>;
} Extension;

enum {
    reserved(0),
    (65535)
} ExtensionType;

struct {
    Extension extensions<0..2^16-1>;
} Extensions;

The contents of Extensions are a list of Extension values, each of which is a type-length-value structure whose semantics are determined by the type. The type and length of each extension are 2-octet integers, in network byte order. The length of the extensions list is also a is a 2-octet integer, in network byte order.

Clients, Issuers, and Origins all agree on the content and encoding of this Extensions structure, i.e., they agree on the same type-length-value list. The list MUST be ordered by ExtensionType value, from 1 to 65535. The value of the Extensions structure is used as-is when verifying the value of the corresponding "token" parameter in the "PrivateToken" authentication header.

Future documents may specify extensions to be included in this structure. Registration details for these extensions are in Section 5.

Each Privacy Pass issuance protocol, identified by a token type, specifices the structure of the PrivateToken value to be used. Issuance protocols that support public metadata would define a way to convey this metadata as a set of extensions in an Extensions structure.

4. Security Considerations

Privacy considerations for tokens that include additional information are discussed in Section 6.1 of [ARCHITECTURE].

5. IANA Considerations

IANA is requested to create a new "Privacy Pass PrivateToken Extensions" registry in the "Privacy Pass Parameters" page to list possible extension values and their meaning. Each extension has a two-byte type, so the maximum possible value is 0xFFFF = 65535.

Template:

New entries in this registry are subject to the Specification Required registration policy ([RFC8126], Section 4.6). Designated experts need to ensure that the extension is sufficiently clearly defined and, importantly, has a clear description about the privacy implications of using the extension framed in the context of partitioning the client anonymity set as described in Section 6.1 of [ARCHITECTURE].

Values 0xF000-0xFFFF are reserved for private use, to enable proprietary uses and limited experimentation.

6. References

6.1. Normative References

[AUTHSCHEME]
Pauly, T., Valdez, S., and C. A. Wood, "The Privacy Pass HTTP Authentication Scheme", Work in Progress, Internet-Draft, draft-ietf-privacypass-auth-scheme-11, , <https://datatracker.ietf.org/doc/html/draft-ietf-privacypass-auth-scheme-11>.
[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/rfc/rfc2119>.
[RFC8126]
Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, , <https://www.rfc-editor.org/rfc/rfc8126>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/rfc/rfc8174>.

6.2. Informative References

[ARCHITECTURE]
Davidson, A., Iyengar, J., and C. A. Wood, "The Privacy Pass Architecture", Work in Progress, Internet-Draft, draft-ietf-privacypass-architecture-13, , <https://datatracker.ietf.org/doc/html/draft-ietf-privacypass-architecture-13>.

Authors' Addresses

Scott Hendrickson
Google
Christopher A. Wood
Cloudflare, Inc.