Document prevention of attacks on privacy

[emlun]

Fixes #743. Fixes #382.

#140 is related, but requires a normative requirement that authenticators make credential IDs look like opaque random data.

---

Preview | Diff

[emlun]

I'm starting to feel like many of these more "explainer" type sections might belong better in a separate appendix. The point of them is to make the spec more accessible and easier to understand - but the spec is already gigantic, and having them inline in the spec might just make it even more intimidating. What do others think?

[selfissued]

I understand your point about "explainer" sections, but moving them out of context to a different part of the spec makes it much less likely that implementers will read them and won't make the spec any smaller. Therefore, I'd keep them in-line.

[selfissued]

Please apply the suggested corrections and clarifications.

[selfissued]

physical person -> human being (replace all occurrences)

[emlun]

Done.

[selfissued]

and -> any

[emlun]

Fixed.

[selfissued]

I have no idea what "similar aliases" refers to. Maybe just say "e.g., usernames and [=user handles=]. (Also note the comma after "e.g.".

[emlun]

Both done.

[selfissued]

Add the missing comma after "[=platform authenticators=].

[emlun]

Fixed.

[selfissued]

A comma is always required after "e.g.". Please add it to all uses.

[emlun]

Fixed.

[selfissued]

Add a comma between "user" and "even".

[emlun]

Done.

[selfissued]

The phrase "are not correlatable as having the same [=managing authenticator=]" is awkward and hard to understand. Do you mean "are not correlatable as belonging to the same [=authenticator=]"? Or perhaps "are not correlatable as belonging to the same user"?

[emlun]

Done; I went with "correlatable as belonging to the same user".

[selfissued]

I don't see any target in the spec that "[=client-side-resident credential private key=]" refers to. Please review the uses of "[= ... =]" in this PR and ensure that all of them refer to locations with matching locations.

[emlun]

The reference did resolve successfully, but other links to it capitalize each of the (non-hyphenated) words, so I changed to that here too.

[emlun]

@selfissued Please re-review!

[nadalin]

@equalsJeffH Please review

[equalsJeffH]

This is looking overall good, tho have some detail-level comments/suggestions to discuss, thx!

[equalsJeffH]

nit: i suggest the term "natural person" rather than "human being"
https://en.wikipedia.org/wiki/Natural_person

[emlun]

Shall I also add that as a non-normative definition reference?

[equalsJeffH]

sure :)

[emlun]

Done; I'm not sure it belongs in the bibliography, though, so I didn't add it to there.

[jyasskin]

1. I'm nervous about using legal terms unless a lawyer has reviewed them.
2. "Historically, a human being was not necessarily a natural person in some jurisdictions where slavery existed (subject of a property right) rather than a person." makes me think we'd prefer "human being" here anyway.

[emlun]

Valid points. @equalsJeffH What do you think, do we revert this?

[equalsJeffH]

oh geeze.... I'd still use natural person but just not link it to wikipedia, or sure, use human being....

[equalsJeffH]

after grovelling in the spec on another PR, i note that we use "human" in other terms/phrases, such as human-palatable, so I'm thinking "human being" is fine. silly me.

[equalsJeffH]

hm, I'd tend to term these things below as "identifiers" rather than "identities" -- i.e., an identity is a collection of attributes where identifiers are among the attributes.

[emlun]

Ah yes, good point.

[equalsJeffH]

suggest:
s/ ownership of / correlation with /

[emlun]

It's not clear to me how that would improve this sentence - care to explain what you mean?

[equalsJeffH]

well... "ownership" has connotations of physical possession. however, the public key is handed to the RP who can do with it what they will. It correlates to the cred source and the cred private key therein. such correlation is proved by verifying signatures produced by the cred priv key, using the cred pub key held by the verifier.

so to me, we're using the notion of "ownership" inappropriately here. (and in computer/internet world in general we often misuse the notion of "own")

[emlun]

Ok. I think the word "correlation" makes it feel like this has something to do with the non-correlatability we talk about elsewhere, which might be confusing.

Would it perhaps be better to just remove the whole ", and thus ownership [...]" subordinate clause?

[equalsJeffH]

ok, yeah wrt "correlation".

Would it perhaps be better to just remove the whole ", and thus ownership [...]" subordinate clause?

works for me, thx.

[emlun]

Ok, will do.

[equalsJeffH]

s/ biometric information / biometric characteristic(s) /
cf. [ISOBiometricVocabulary] http://standards.iso.org/ittf/PubliclyAvailableStandards/c055194_ISOIEC_2382-37_2012.zip

[emlun]

Done.

[equalsJeffH]

suggest:
s/ the [=public key credentials=] employed in this specification / they /
s/ never / not /

[emlun]

Done.

[equalsJeffH]

suggest:
s/ to reveal other identities owned by the user / to reveal a user's other identities /

[emlun]

Done.

[equalsJeffH]

hm, for "it is only used as an additional layer of security for unlocking use of the [=authenticator=]", suggest:

it is used only locally to obtain [=user consent=] to create and [=registration|register=], or [=authentication|authenticate=] using, a [=public key credential=].

[emlun]

Hm, I think that formulation might be inaccurate, though - biometrics are not only used to obtain consent, but also as an additional authentication factor. That may not be relevant in this section, but I wouldn't like to suggest that they're used only as a way to obtain user consent (which could be interpreted to just mean "user presence").

But I like the initial rewording "it is used only localy", at least.

[equalsJeffH]

well, yeah, that formulation is dancing around the "first multi-factor" aka "first factor" (of a multi-factor authn) notions (which themselves are something else to clean up and clarify in the spec, cf. issue #462). our dfn for user consent does link off to further terms and leads to user verification.

So here's a reformulation using user verification instead:

... it is used only locally to perform [=user verification=] authorizing the creation and [=registration=] of, or [=authentication=] using, a [=public key credential=].

WDYT?

[emlun]

Ok, that looks good to me.

[equalsJeffH]

suggest:
/ at a different [=[RP]=] / at other [=[RPS]=] /

[emlun]

Done.

[equalsJeffH]

hm, i'm not sure why you're using the word "instead" here? IIUC, the [=UV=] [=flag=] is set by an authnr whenever it successfully performs user verification?

[emlun]

Hm, good point. What I meant was that the authenticator sets the (verifiably authentic) UV flag instead of sending the biometric data to the server, but you're right that the right hand side of that "instead" isn't clear enough.

[emlun]

I reformulated this a bit, does that look better?

[emlun]

I'm also considering perhaps mentioning the uvi and uvm extensions here, what do you think about that?

[equalsJeffH]

I hesitate to mention those extensions here, mostly due to being unsure of whether they will be implemented (?).

[equalsJeffH]

yes, however, if an RP is not checking attstn, then it is "trusting" the entire contraption here, and certainly "can" do that. Am not sure how to rephrase this. Perhaps it does not really need to be said?

[emlun]

I think it's worthwhile to point out how this is dfferent from the usual kind of (completely worthless) client-side authentication. And if the RP is not checking attestation, then the RP cannot trust that the UV flag is authentic, whether or not the RP chooses to act upon its value anyway. If the RP actually requires UV, then the RP MUST verify the attestation statement - otherwise that requirement is nothing more than wishful thinking.

[equalsJeffH]

see thread below #899 (review) for resolution

[nadalin]

@emlun Please merge

[emlun]

There are still a few more unresolved discussion points in #899 (review).

[equalsJeffH]

perhaps rephrase as:

... , this is performed locally by the [=biometric authenticator=] performing [=user verification=] and then signaling the result by setting the [=UV=] [=flag=] in the signed [=assertion=] response, instead of revealing the biometric data itself to the [=[RP]=].

I'm not sure about this part because there's going to be lots of RPs who "trust" webauthn assertions even though they do not verify attestations:

The [=[RP]=]
+can trust the authenticity of the [=UV=] [=flag=] as long as it trusts the security guarantees of the [=attestation certificate=]
+presented when the [=biometric authenticator=] was [=registration|registered=].

[emlun]

Thanks, that formulation looks very good!

I'm not sure about this part because there's going to be lots of RPs who "trust" webauthn assertions even though they do not verify attestations:

That is true, and the assertion as a whole can indeed be reasonably trusted without verifying the attestation statement (since a MitM attack on it, while theoretically possible, would be extremely difficult to maintain). The RP can't trust that the authenticator provides any given level of protection for the private key, but it can trust that something on the client side has possession of a particular private key. However, this part is specifically concerned with the authenticity of the UV bit, which can only be trusted if there's a trusted attestation signature.

[equalsJeffH]

agreed on most of the above, but...

However, this part is specifically concerned with the authenticity of the UV bit, which can only be trusted if there's a trusted attestation signature.

well, i disagree with that -- trust is in the eye of the RP. If an RP leaves AttestationConveyancePreference defaulting to none, it's still totally their decision whether to "trust" the UV bit flag, and "how much" to trust it. Amongst RPs performing "risk based authn", "trust" is a continuum. Amongst less sophisticated long-tail RPs, even with ignoring attestation, webauthn/fido-based authn is WAY better than shared secret username/password.

[emlun]

Ok, true. The point I'm trying to make is that this statement is in the context of "RP requires biometric recognition", which I would expect means a hard requirement that absolutely must be satisfied, and I would say risk-based authn falls outside that.

But ok, perhaps the word "trust" is the issue here. Maybe something like one of these?

• The RP can verify that the UV flag is authentic if the RP trusts the biometric authenticator's attestation certificate, presented when the credential was registered.
• The UV flag is guaranteed to be accurate if the RP trusts the biometric authenticator's attestation certificate, presented when the credential was registered.
• The biometric authenticator's attestation certificate, presented when the credential was registered, can attest to the accuracy of the UV flag.

[equalsJeffH]

hm, it seems to me that "guaranteeing" that the value of the UV is "accurate" is multi-faceted, beyond simply the presence of verifiable attestation. Even if one has verified the attestation, retrieved the corresponding authnr metadata, verified metadata sigs, verified that the authnr metadata asserts that the authnr performs user verification, it is possible for the authnr to have non-negligible (for some definition of negligible) False Acceptance Rate (i.e., is a lousy UV impl). What the ecosystem has to (ostensibly) protect against the latter scenario are the FIDO authnr and biometric certification programs, so add "verifying that the authnr is certified (perhaps to some particular "level")" to the list of things for the RP to verify, but that still is not a 100% guarantee. Note also not all authnrs will be certified.

The point I'm trying to make is that this statement is in the context of "RP requires biometric recognition", which I would expect means a hard requirement that absolutely must be satisfied...

well, in practical terms there is some wiggle room even if one has "a hard requirement that absolutely must be satisfied" because no biometric recognition system will be perfect. See: https://drafts.fidoalliance.org/biometrics/requirements/latest/Biometrics-Requirements-v1.0-wd-20180524.html#FARReq

I suspect that for simplistic low-value RPs (and possibly large RPs where user is involved in low-value interactions at that time), simply checking the assertion sig is valid and relying on UV flag value is Good Enough, whether or not the RP paid any attention to attestation.

For high-value RPs (or more generally, RP where user is involved in a high-value interaction), they can perform all the above checks and assign a higher score to the value of the UV flag in their overall assessment of the state of the particular interaction.

I'm not sure where we ought to document such detailed deployment considerations. And because "trust" is complex & subtle & RP-specific, I'm hesitant to make simplistic statements about it.

[emlun]

Oh boy, this turned out to be a gnarly one, didn't it... :) Thanks, you are indeed right on all points. I feel like what you suggested in #899 (comment) might be the way to go in the end, and dodge the issue instead:

Perhaps it does not really need to be said?

I would have liked to clearly point out how this is different from usual client side authentication, but that doesn't seem important enough to hold this up over if you still agree that deleting the last sentence is a reasonable way to go. I also notice that the first sentence does mention that the flag is signed over, so there's at least a hint of it still there.

[equalsJeffH]

you still agree that deleting the last sentence is a reasonable way to go

yep, fine by me, thanks.

the flag is signed over, so there's at least a hint of it still there.

yep.

[emlun]

Done!

[equalsJeffH]

wrt "The identities of the user's [=authenticators=]..." -- this confused me because it is separate from the immediately above models of authnrs revealed thru attestation, but this one does not mention attestation -- so is this referring to info that is revealed at he OS platform and transport layers which the [=client=] may see? if so, perhaps clarify?

[emlun]

Maybe this is just a brain fart on my part - the WebAuthn spec says absolutely nothing about this, so I agree it's probably confusing to even bring it up. The OS may be able to see serial numbers and such on the device level (YubiKeys provide APIs for querying for it, for example), but it should never be exposed to the RP.

So I'm thinking I'll just delete this bullet. That sound good?

[equalsJeffH]

I hesitate to mention those extensions here, mostly due to being unsure of whether they will be implemented (?).

[equalsJeffH]

i think this has come out really well @emlun -- just one new comment above. I also replied in a couple of our threads from yesterday on the prior state of this.

[equalsJeffH]

so we'll delete this final sentence?

[emlun]

Yep, done.

[equalsJeffH]

see #899 (comment) -- human being is fine, silly me. sorry/thx.

[samuelweiler]

I think this would resolve issue 382. I'm less sure that it resolves 743 - do we need "things implementers might need to do"? More generally: wow, this is verbose. But I don't really have a problem with it. I'm going to mark it as approved, since it doesn't seem to do any harm

[equalsJeffH]

LGTM, let's merge it, thx @emlun!