[OGSA-AUTHZ] holder-of-key or sender-vouches SAML token?

Fri May 9 09:04:15 CDT 2008

Hi Weizhong,

On Fri, May 9, 2008 at 9:31 AM, wz qiang <weizhongqiang at gmail.com> wrote:
>
> On 5/8/08, Tom Scavo <trscavo at gmail.com> wrote:
> > There's a problem with the Attribute Exchange Profile it seems.  If
> > you bind a VOMS-SAML token to a SOAP message and authenticate via
> > WS-Security SAML Token Profile, everything is fine because the key
> > bound to the SAML token is the same key presented to the RP.
>
> "the key bound to the SAML token is the same key presented to the RP", here
> you meant the the key bound to SAML Token is the same key which signs the
> VOMS-SAML token?

No.  The use case involves a user who presents an end-entity
certificate to the VOMS-SAML server, and then later presents that same
certificate to the RP.  The VOMS-SAML server binds the user's key (or
the entire certificate, it doesn't matter) to the SAML token.  This is
called holder-of-key subject confirmation.

> If so, I can not see any real scenario for this. The
> VOMS-SAML token (or any other attribute token) should be signed by some AA,
> but the "hold-of key" situation in SAML Token (WS-Security) should present
> the principle of the identity (which means should be the identity
> certificate which signed by some CA).

The SAML token is signed by the VOMS-SAML server, yes, but that's not
relevant to the point I'm trying to make.  In this use case, the user
authenticates to the RP using the same credential used to obtain the
SAML token.  By proving possession of the private key associated with
the certificate, the user also satisfies the holder-of-key subject
confirmation in the SAML token since the key in the token is the same
as the key in the certificate.

> >  However,
> > if you bind a VOMS-SAML token to a proxy certificate, there are
> > problems since the key presented to the RP is different than the key
> > bound to the SAML token, and so the holder-of-key subject confirmation
> > on the assertion is not satisfied.
>
> Why is it a problem here? Why can't we just put VOMS-SAML token into proxy
> certificate, and look it the same way as traditional VOMS AC (attribute
> certificate)?

The VOMS-SAML token as profiled is a holder-of-key token whereas the
VOMS is a sender-vouches token.  The SAML token is stronger than the
AC.

In this case, the user proves possession of the private key associated
with the proxy certificate, but that leaves the key in the SAML token
unconfirmed.  The key in the SAML token is the same as the key in the
end-entity certificate, not the proxy certificate.

> > Now a VOMS AC is essentially a security token with sender-vouches
> > subject confirmation, so I wonder if the VOMS-SAML assertion should
> > have sender-vouches subject confirmation as well.
>
> I agree.

That requires a change to the Attribute Exchange Profile, I'm afraid.

> > Alternatively, the
> > proxy certificate could be constructed such that its key is the same
> > key bound to the EEC.
>
> The same as above, the AA and CA should not be mixed, I guess.

See my comments above.  The issue I'm raising here has nothing to do
with the signature on the token.  The issue is what confirmation
method to use on the SAML token?  In particular, what are the
consequences of downgrading the confirmation method from holder-of-key
to sender-vouches?

Tom