You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: draft-ietf-oauth-attestation-based-client-auth.md
+26-17
Original file line number
Diff line number
Diff line change
@@ -65,19 +65,25 @@ This specification defines an extension to the OAuth 2 protocol as defined in {{
65
65
66
66
# Introduction
67
67
68
+
Traditional OAuth security concepts perform client authentication through a backend channel. In ecosystems such as the Issuer-Holder-Verifier model used in {{SD-JWT}}, this model raises privacy concerns, as it would enable the backend to recognize which Holder (i.e. client) interacts with which Issuer (i.e. Authorization Server) and potentially furthermore see the credentials being issued. This specification establishes a mechanism for a backend-attested client authentication through a frontend channel to address these issues.
69
+
70
+
Additionally, this approach acknowledges the evolving landscape of OAuth 2 deployments, where the ability for public clients to authenticate securely and reliably has become increasingly important. Leveraging platform mechanisms to validate a client instance, e.g. for mobile native apps, enables secure authentication that would otherwise be difficult with traditional OAuth client authentication methods. Transforming these platform-specific mechanisms into a common format as described in this specification abstracts this complexity to minimize the efforts for the Authorization Server.
71
+
72
+
This primary purpose of this specification is the authentication of a client instance enabled through the client backend attesting to it. The client backend may also attest further technical properties about the hardware and software of the client instance.
73
+
68
74
The following diagram depicts the overall architecture and protocol flow.
69
75
70
76
~~~ ascii-art
71
77
(3)
72
78
+-------+
73
79
| |
74
80
| \ /
75
-
+---------------+
76
-
| |
77
-
| Client |
78
-
| Backend |
79
-
| |
80
-
+---------------+
81
+
+--------------------+
82
+
| |
83
+
| Client Attester |
84
+
| (backend) |
85
+
| |
86
+
+--------------------+
81
87
/ \ |
82
88
(2) | | (4)
83
89
| \ /
@@ -96,21 +102,19 @@ The following diagram depicts the overall architecture and protocol flow.
96
102
97
103
The following steps describe this OAuth flow:
98
104
99
-
(1) The Client Instance generates a key (Client Instance Key) and optional further attestations (that are out of scope) to prove its authenticity to the Client Backend.
105
+
(1) The Client Instance generates a key (Client Instance Key) and optional further attestations (that are out of scope) to prove its authenticity to the Client Attester.
100
106
101
-
(2) The Client Instance sends this data to the Client Backend in request for a Client Attestation JWT.
107
+
(2) The Client Instance sends this data to the Client Attester in request for a Client Attestation JWT.
102
108
103
-
(3) The Client Backend validates the Client Instance Key and optional further data. It generates a signed Client Attestation JWT that is cryptographically bound to the Client Instance Key generated by the Client. Therefore, the attestation is bound to this particular Client Instance.
109
+
(3) The Client Attester validates the Client Instance Key and optional further data. It generates a signed Client Attestation JWT that is cryptographically bound to the Client Instance Key generated by the Client. Therefore, the attestation is bound to this particular Client Instance.
104
110
105
-
(4) The Client Backend responds to the Client Instance by sending the Client Attestation JWT.
111
+
(4) The Client Attester responds to the Client Instance by sending the Client Attestation JWT.
106
112
107
113
(5) The Client Instance generates a Proof of Possession (PoP) with the Client Instance Key.
108
114
109
115
(6) The Client Instance sends both the Client Attestation JWT and the Client Attestation PoP JWT to the authorization server, e.g. within a token request. The authorization server validates the Client Attestation and thus authenticates the Client Instance.
110
116
111
-
Please note that the protocol details for steps (2) and (4), particularly how the Client Instance authenticates to the client Backend, are beyond the scope of this specification. Furthermore, this specification is designed to be flexible and can be implemented even in scenarios where the client does not have a backend server. In such cases, each Client Instance is responsible for performing the functions typically handled by the backend on its own.
112
-
113
-
This approach acknowledges the evolving landscape of OAuth 2 deployments, where the ability for public clients to authenticate securely and reliably has become increasingly important.
117
+
Please note that the protocol details for steps (2) and (4), particularly how the Client Instance authenticates to the Client Attester, are beyond the scope of this specification. Furthermore, this specification is designed to be flexible and can be implemented even in scenarios where the client does not have a backend serving as a Client Attester. In such cases, each Client Instance is responsible for performing the functions typically handled by the Client Attester on its own.
114
118
115
119
# Conventions and Definitions
116
120
@@ -119,7 +123,7 @@ This approach acknowledges the evolving landscape of OAuth 2 deployments, where
119
123
# Terminology
120
124
121
125
Client Attestation JWT:
122
-
: A JSON Web Token (JWT) generated by the client backend which is bound to a key managed by a Client Instance which can then be used by the instance for client authentication.
126
+
: A JSON Web Token (JWT) generated by the Client Attester which is bound to a key managed by a Client Instance which can then be used by the instance for client authentication.
123
127
124
128
Client Attestation Proof of Possession (PoP) JWT:
125
129
: A Proof of Possession generated by the Client Instance using the key that the Client Attestation JWT is bound to.
@@ -128,15 +132,18 @@ Client Instance:
128
132
: A deployed instance of a piece of client software.
129
133
130
134
Client Instance Key:
131
-
: A cryptographic asymmetric key pair that is generated by the Client Instance where the public key of the key pair is provided to the client backend. This public key is then encapsulated within the Client Attestation JWT and is utilized to sign the Client Attestation Proof of Possession.
135
+
: A cryptographic asymmetric key pair that is generated by the Client Instance where the public key of the key pair is provided to the Client Attester. This public key is then encapsulated within the Client Attestation JWT and is utilized to sign the Client Attestation Proof of Possession.
136
+
137
+
Client Attester:
138
+
: An entity that authenticates a Client Instance and attests it by issuing a Client Attestation JWT.
132
139
133
140
# Relation to RATS
134
141
135
142
The Remote Attestation Procedures (RATS) architecture defined by {{RFC9334}} has some commonalities to this document. The flow specified in this specification relates to the "Passport Model" in RATS. However, while the RATS ecosystem gives explicit methods and values how the RATS Attester proves itself to the Verifier, this is deliberately out of scope for Attestation-Based Client Authentication. Additionally, the terminology between RATS and OAuth is different:
136
143
137
144
- a RATS "Attester" relates to an OAuth "Client"
138
145
- a RATS "Relying Party" relates to an OAuth "Authorization Server or Resource Server"
139
-
- a RATS "Verifier" relates to the "Client Backend" defined in this specification
146
+
- a RATS "Verifier" relates to the "Client Attester" defined in this specification
140
147
- a RATS "Attestion Result" relates to the "Client Attestation JWT" defined by this specification
141
148
- a RATS "Endorser", "Reference Value Provider", "Endorsement", "Evidence" and "Policies and Reference Values" are out of scope for this specification
142
149
@@ -427,7 +434,7 @@ Authorization servers issuing a refresh token in response to a token request usi
427
434
Because the Client Attestation and Client Attestation PoP are communicated using HTTP headers, implementers should consider that web servers may have a default maximum HTTP header size configured which could be too low to allow conveying a Client Attestation and or Client Attestation PoP in an HTTP request. It should be noted, that this limit is not given by the HTTP {{RFC9112}}, but instead web server implementations commonly set a default maximum size for HTTP headers. As of 2024, typical limits for modern web servers configure maximum HTTP headers as 8 kB or more as a default.
428
435
## Rotation of Client Instance Key
429
436
430
-
This specification does not provide a mechanism to rotate the Client Instance Key in the Client Attestation JWT's "cnf" claim. If the Client Instance needs to use a new Client Instance Key for any reason, then it MUST request a new Client Attestation JWT from its Client Backend.
437
+
This specification does not provide a mechanism to rotate the Client Instance Key in the Client Attestation JWT's "cnf" claim. If the Client Instance needs to use a new Client Instance Key for any reason, then it MUST request a new Client Attestation JWT from its Client Attester.
431
438
432
439
# Privacy Considerations
433
440
@@ -478,6 +485,8 @@ This section requests registration of the following scheme in the "Hypertext Tra
0 commit comments