-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow callers to explicitly specify RP ID #198
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
overall this looks fine, tho there are some details to fix up in terms of how it interfaces with the HTML spec.
@@ -130,8 +130,8 @@ or a combination of both. | |||
|
|||
This specification relies on several other underlying specifications. | |||
|
|||
: HTML5 | |||
:: The concept of <dfn for='web'>origin</dfn> and the <dfn>Navigator</dfn> interface are defined in [[!HTML5]]. | |||
: HTML 5.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would s/HTML 5.1/HTML/ here since the citation in the next line is clearly to HTML51.
@@ -222,7 +218,8 @@ NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and | |||
|
|||
: <dfn>Relying Party Identifier</dfn> | |||
: <dfn>RP ID</dfn> | |||
:: A Relying Party Identifier is derived from a <a>[RP]</a>'s web origin's hostname by computing the hostname's <a>eTLD+1</a>. | |||
:: A Relying Party Identifier defines the scope of a given credential, i.e. the set of web origins that the client will permit |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/web origins/origins/
"public suffix + 1" or "PS+1" (which is also referred to as the "Effective Top-Level Domain plus One" or "<a>eTLD+1</a>") | ||
part of |callerOrigin| [[PSL]]. Let |rpId| be the lowercase form of this RP ID. Set |rpIdHash| to the SHA-256 hash of the | ||
UTF-8 encoding of |rpId|. | ||
3. Set |callerOrigin| to the <a link-for='web'>origin</a> of the caller. If {{CredentialOptions/rpId}} is not specified, then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
part of |callerOrigin| [[PSL]]. Let |rpId| be the lowercase form of this RP ID. Set |rpIdHash| to the SHA-256 hash of the | ||
UTF-8 encoding of |rpId|. | ||
3. Set |callerOrigin| to the <a link-for='web'>origin</a> of the caller. If {{CredentialOptions/rpId}} is not specified, then | ||
set |rpId| to the Unicode serialization of |callerOrigin| as specified in [[!HTML51-20160621]] section 6.4. If |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I do not think we want/need to invoke the unicode serialization here. The |rpId| will already be in asciiDomain format and we shouldn't alter. Anne confirmed in the comments on #178 that origin.host and origin.domain are asciiDomains, by default, if non-null.
`domain` by running the algorithm in [[!HTML51-20160621]] section 6.4.1 (but do not change the current document's `domain`). | ||
If it is not permissible, reject |promise| with a <a>DOMException</a> whose name is "SecurityError", and terminate this | ||
algorithm. If it is permissible, then set |rpId| to the Unicode serialization of {{CredentialOptions/rpId}}. Set |rpIdHash| | ||
to the SHA-256 hash of the UTF-8 encoding of |rpId|. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we want to write the above set of lines more like so:
If {{CredentialOptions/rpId}} is specified, then invoke the relaxing the same-origin restriction "setting" algorithm using {{CredentialOptions/rpId}} as the
given value
without setting origin's |domain|. If no errors are thrown, then set |rpId| to the value of |host| as yielded by the algorithm. Set |rpIdHash| to the SHA-256 hash of |rpId|.
given that the internal default representation of origin.host
and origin.domain
is asciiDomain
( U-labels have been converted to A-labels (see https://tools.ietf.org/html/rfc5890#section-2.3.2 and foregoing figure 1 on pg 10 ) ) format, we should not be stipulating UTF-8 encoding of them, AFAICT.
The jeffh-origin-et-al branch will soon have the <pre class="anchors">
anchors set up to properly ref these things in HTML51 and so once both branches are eventually merged we should be good.
@@ -564,6 +568,9 @@ authorizing an authenticator with which to complete the operation. | |||
|
|||
- The <dfn>timeoutSeconds</dfn> parameter specifies a time, in seconds, that the caller is willing to wait for the call to | |||
complete. This is treated as a hint, and may be overridden by the platform. | |||
|
|||
- The <dfn>rpId</dfn> parameter explicitly specifies the RP ID that the credential should be associated with. If it is | |||
omitted, the RP ID will be set to the caller's origin. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i suspect that the term "caller's origin" will not pass muster here -- will try to figure out more precise term for where we say "caller" or "caller's".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fyi/fwiw, i did nose around in the HTML spec(s) and they also use the term "caller" (in terms of the caller of an algorithm/operation), so I think/hope we're ok with using it in a similar fashion.
@@ -620,6 +628,9 @@ user consent to a specific transaction. The structure of these signatures is def | |||
|
|||
- The optional <dfn>timeoutSeconds</dfn> parameter specifies a time, in seconds, that the caller is willing to wait for the | |||
call to complete. This is treated as a hint, and may be overridden by the platform. | |||
|
|||
- The optional <dfn>rpId</dfn> parameter specifies the rpId claimed by the caller. If it is omitted, it will be assumed to | |||
be equal to the caller's origin. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
see comment above wrt "caller" et al.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also fixed.
Since rpId is now equal to origin except when explicitly specified by the caller, and it is folded into the authenticatorData, having it in ClientData adds no value. Fixes #189
`domain` by running the algorithm in [[!HTML51-20160621]] section 6.4.1 (but do not change the current document's `domain`). | ||
If it is not permissible, reject |promise| with a <a>DOMException</a> whose name is "SecurityError", and terminate this | ||
algorithm. If it is permissible, then set |rpId| to the Unicode serialization of {{CredentialOptions/rpId}}. Set |rpIdHash| | ||
to the SHA-256 hash of the UTF-8 encoding of |rpId|. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
similar comments to the above chunk of text as I had on the foregoing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tweaked the text a little bit to hopefully make it better.
@@ -222,7 +218,8 @@ NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and | |||
|
|||
: <dfn>Relying Party Identifier</dfn> | |||
: <dfn>RP ID</dfn> | |||
:: A Relying Party Identifier is derived from a <a>[RP]</a>'s web origin's hostname by computing the hostname's <a>eTLD+1</a>. | |||
:: A Relying Party Identifier defines the scope of a given credential, i.e. the set of web origins that the client will permit | |||
to access that credential. It is derived from a <a>[RP]</a>'s web origin's hostname or directly specified by the [RP]. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/access/wield/
suggest revise last sentence to be:
It a [RP]'s origin's |host| component, or is explicitly specified by the [RP] to be either its origin's |host| component or the |host| component with subdomains removed such that it continues to pass the checks in relaxing the same-origin restriction algorithm. See step 3 of both {{#makeCredential}} and {{#getAssertion}}.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I rewrote the definition - let me know if this is better.
3. Set |callerOrigin| to the <a link-for='web'>origin</a> of the caller. If {{CredentialOptions/rpId}} is not specified, then | ||
set |rpId| to the Unicode serialization of |callerOrigin| as specified in [[!HTML51-20160621]] section 6.4. If | ||
{{CredentialOptions/rpId}} is specified, then check if its value would be an acceptable setting for the current document's | ||
`domain` by running the algorithm in [[!HTML51-20160621]] section 6.4.1 (but do not change the current document's `domain`). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fyi/fwiw, the linking style used in PR #202 allows direct linking to things like that algorithm such that we do not need to mention section #s. also, i suggest citing HTML51 as simply [[!HTML51]].
@@ -553,6 +554,7 @@ authorizing an authenticator with which to complete the operation. | |||
<pre class="idl"> | |||
dictionary CredentialOptions { | |||
unsigned long timeoutSeconds; | |||
USVString rpId; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why USVString here? See http://heycam.github.io/webidl/#idl-USVString
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This RP ID will be sent to the authenticator "over the wire" when authenticatorMakeCredential is invoked. That seems to fit the USVString use case in the above guidance, though I would welcome expert guidance here.
@@ -610,6 +615,7 @@ user consent to a specific transaction. The structure of these signatures is def | |||
<pre class="idl"> | |||
dictionary AssertionOptions { | |||
unsigned long timeoutSeconds; | |||
USVString rpId; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why USVString here? See http://heycam.github.io/webidl/#idl-USVString
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See above comment regarding same issue in CredentialOptions.
@@ -691,7 +700,6 @@ string-valued keys. Values may be any type that has a valid encoding in JSON. It | |||
dictionary ClientData { | |||
required DOMString challenge; | |||
required DOMString origin; | |||
required DOMString rpId; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How come you're removing it from the ClientData?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See #189. The rpId is being passed in the options so it's not clear why it should also be in the client data. Also the RP ID now gets hashed into the signature as well so it seems redundant to have this here.
I've reviewed portions of the latest commits and see some issues that ought to be cleaned up. I may be able to comment more tonight, and if not, I will tomorrow morning. |
<a>relaxing the same-origin restriction</a> by setting the `document.domain` attribute, using | ||
{{ScopedCredentialOptions/rpId}} as the given value but without changing the current document's `domain`. If any errors are | ||
thrown, reject |promise| with a <a>DOMException</a> whose name is "SecurityError", and terminate this algorithm. If no | ||
errors are thrown, set |rpId| to the value of `host` as computed by the algorithm. Set |rpIdHash| to the SHA-256 hash of the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/the algorithm/the procedure/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. I also rearranged the sentences so it reads a bit better (avoid switching back and forth between "this algorithm" and "that procedure".
<a>relaxing the same-origin restriction</a> by setting the `document.domain` attribute, using | ||
{{ScopedCredentialOptions/rpId}} as the given value but without changing the current document's `domain`. If any errors are | ||
thrown, reject |promise| with a <a>DOMException</a> whose name is "SecurityError", and terminate this algorithm. If no | ||
errors are thrown, set |rpId| to the value of `host` as computed by the algorithm. Set |rpIdHash| to the SHA-256 hash of the | ||
UTF-8 encoding of |rpId|. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAIU, we do not need to UTF-8 encode rpId. It will be in "asciiDomain" format and we ought to simply hash that, unless there's something I"m missing....
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right, but I wonder if we should be Unicode serializing the RP ID here since it will go to the authenticator which may want to display it. However we can discuss that separately.
<a>relaxing the same-origin restriction</a> by setting the `document.domain` attribute, using | ||
{{ScopedCredentialOptions/rpId}} as the given value but without changing the current document's `domain`. If any errors are | ||
thrown, reject |promise| with a <a>DOMException</a> whose name is "SecurityError", and terminate this algorithm. If no | ||
errors are thrown, set |rpId| to the value of `host` as computed by the algorithm. Set |rpIdHash| to the SHA-256 hash of the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/the algorithm/the procedure/
<a>relaxing the same-origin restriction</a> by setting the `document.domain` attribute, using | ||
{{ScopedCredentialOptions/rpId}} as the given value but without changing the current document's `domain`. If any errors are | ||
thrown, reject |promise| with a <a>DOMException</a> whose name is "SecurityError", and terminate this algorithm. If no | ||
errors are thrown, set |rpId| to the value of `host` as computed by the algorithm. Set |rpIdHash| to the SHA-256 hash of the | ||
UTF-8 encoding of |rpId|. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAIU, we do not need to UTF-8 encode rpId. It will be in "asciiDomain" format and we ought to simply hash that, unless there's something I"m missing....
@@ -564,6 +568,9 @@ authorizing an authenticator with which to complete the operation. | |||
|
|||
- The <dfn>timeoutSeconds</dfn> parameter specifies a time, in seconds, that the caller is willing to wait for the call to | |||
complete. This is treated as a hint, and may be overridden by the platform. | |||
|
|||
- The <dfn>rpId</dfn> parameter explicitly specifies the RP ID that the credential should be associated with. If it is | |||
omitted, the RP ID will be set to the caller's origin. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fyi/fwiw, i did nose around in the HTML spec(s) and they also use the term "caller" (in terms of the caller of an algorithm/operation), so I think/hope we're ok with using it in a similar fashion.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me modulo these detail-level comments. The comments wrt not UTF-8 encoding prior to hashing rpId are the material comments.
Also, we should include "fixes #178" in a commit msg here prior to merge.
@@ -1287,16 +1288,15 @@ Upon receiving an attestation statement in the form of a {{WebAuthnAttestation}} | |||
|
|||
2. Verify that the {{ClientData/challenge}} in the {{ClientData}} matches the challenge that was sent to the authenticator. | |||
|
|||
3. Verify that the {{ClientData/origin}} and {{ClientData/rpId}} in the {{ClientData}} match the origin and RP ID used by the | |||
RP. | |||
3. Verify that the {{ClientData/origin}} in the {{ClientData}} matches the origin used by the RP. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/origin used by the RP/[RP]'s origin/ ?
I did "approve changes" ahead of time so @vijaybh is otherwise unimpeded in finishing this up and merging. |
Note this PR also fixes #178 by removing all use of the term lowercase
Alternative approach to #162 suggested by @balfanz. This change also gets rid of references to PSL and eTLD+1, replacing them with references to the HTML spec.