| rfc8959xml2.original.xml | rfc8959.xml | |||
|---|---|---|---|---|
| <?xml version='1.0' encoding='utf-8'?> | <?xml version="1.0" encoding="UTF-8"?> | |||
| <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> | ||||
| <!-- generated by https://github.com/cabo/kramdown-rfc2629 version 1.3.3 --> | ||||
| <!DOCTYPE rfc SYSTEM "../Tools/rfcbootstrap/rfc2629-xhtml.ent"> | <!DOCTYPE rfc SYSTEM "../Tools/rfcbootstrap/rfc2629-xhtml.ent"> | |||
| <?rfc toc="yes"?> | ||||
| <?rfc tocindent="yes"?> | <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft | |||
| <?rfc sortrefs="yes"?> | -nottingham-how-did-that-get-into-the-repo-02" number="8959" obsoletes="" update | |||
| <?rfc symrefs="yes"?> | s="" submissionType="IETF" category="info" consensus="true" xml:lang="en" tocInc | |||
| <?rfc strict="yes"?> | lude="true" sortRefs="true" symRefs="true" version="3"> | |||
| <?rfc compact="yes"?> | ||||
| <?rfc comments="yes"?> | ||||
| <?rfc inline="yes"?> | ||||
| <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft | ||||
| -nottingham-how-did-that-get-into-the-repo-02" category="info" obsoletes="" upda | ||||
| tes="" submissionType="IETF" xml:lang="en" tocInclude="true" sortRefs="true" sym | ||||
| Refs="true" version="3"> | ||||
| <!-- xml2rfc v2v3 conversion 3.2.1 --> | <!-- xml2rfc v2v3 conversion 3.2.1 --> | |||
| <front> | <front> | |||
| <title>The secret-token URI Scheme</title> | <title abbrev=""secret-token" URI Scheme">The "secret-token&q | |||
| <seriesInfo name="Internet-Draft" value="draft-nottingham-how-did-that-get-i | uot; URI Scheme</title> | |||
| nto-the-repo-02"/> | <seriesInfo name="RFC" value="8959"/> | |||
| <author initials="M." surname="Nottingham" fullname="Mark Nottingham"> | <author initials="M." surname="Nottingham" fullname="Mark Nottingham"> | |||
| <organization/> | <organization/> | |||
| <address> | <address> | |||
| <postal> | <postal> | |||
| <city>Prahran</city> | <city>Prahran</city> | |||
| <region>VIC</region> | <region>VIC</region> | |||
| <country>Australia</country> | <country>Australia</country> | |||
| </postal> | </postal> | |||
| <email>mnot@mnot.net</email> | <email>mnot@mnot.net</email> | |||
| <uri>https://www.mnot.net/</uri> | <uri>https://www.mnot.net/</uri> | |||
| </address> | </address> | |||
| </author> | </author> | |||
| <date year="2020"/> | <date year="2021" month="January" /> | |||
| <area>General</area> | <area>General</area> | |||
| <keyword>Internet-Draft</keyword> | <keyword>bearer token</keyword> | |||
| <keyword>token scanning</keyword> | ||||
| <abstract> | <abstract> | |||
| <t>This document registers the "secret-token" URI scheme, to aid in the id entification | <t>This document registers the "secret-token" URI scheme to aid in the identification | |||
| of authentication tokens.</t> | of authentication tokens.</t> | |||
| </abstract> | </abstract> | |||
| <note> | ||||
| <name>Note to Readers</name> | ||||
| <t><em>RFC EDITOR: please remove this section before publication</em></t> | ||||
| <t>The issues list for this draft can be found at <eref target="https://gi | ||||
| thub.com/mnot/I-D/labels/how-did-that-get-into-the-repo">https://github.com/mnot | ||||
| /I-D/labels/how-did-that-get-into-the-repo</eref>.</t> | ||||
| <t>The most recent (often, unpublished) draft is at <eref target="https:// | ||||
| mnot.github.io/I-D/how-did-that-get-into-the-repo/">https://mnot.github.io/I-D/h | ||||
| ow-did-that-get-into-the-repo/</eref>.</t> | ||||
| <t>Recent changes are listed at <eref target="https://github.com/mnot/I-D/ | ||||
| commits/gh-pages/how-did-that-get-into-the-repo">https://github.com/mnot/I-D/com | ||||
| mits/gh-pages/how-did-that-get-into-the-repo</eref>.</t> | ||||
| <t>See also the draft's current status in the IETF datatracker, at | ||||
| <eref target="https://datatracker.ietf.org/doc/draft-nottingham-how-did-that-get | ||||
| -into-the-repo/">https://datatracker.ietf.org/doc/draft-nottingham-how-did-that- | ||||
| get-into-the-repo/</eref>.</t> | ||||
| </note> | ||||
| </front> | </front> | |||
| <middle> | <middle> | |||
| <section anchor="introduction" numbered="true" toc="default"> | <section anchor="introduction" numbered="true" toc="default"> | |||
| <name>Introduction</name> | <name>Introduction</name> | |||
| <t>It has become increasingly common to use bearer tokens as an authentica tion mechanism in various | <t>It has become increasingly common to use bearer tokens as an authentica tion mechanism in various | |||
| protocols.</t> | protocols.</t> | |||
| <t>A bearer token is a security token with the property that any party in | ||||
| possession of the token (a | <t>A bearer token is a security token with the property that any party in | |||
| "bearer") can use the token in any way that any other party in possession of it | possession of the token (a "bearer") can use the token in any way that any other | |||
| can. Using a bearer | party in possession of it can. Using a bearer token does not require a bearer t | |||
| token does not require a bearer to prove possession of cryptographic key materia | o prove possession of cryptographic key material (proof-of-possession).</t> | |||
| l | <t>Unfortunately, the number of security incidents involving accidental di | |||
| (proof-of-possession).</t> | sclosure of these tokens has also increased. For example, we now regularly hear | |||
| <t>Unfortunately, the number of security incidents involving accidental di | about a developer committing an access token to a public source code repository, | |||
| sclosure of these tokens has also increased. For example, we now regularly hear | either because they didn't realize it was included in the committed code or bec | |||
| about a developer committing an access token to a public source code repository, | ause they didn't realize the implications of its disclosure.</t> | |||
| either because they didn't realise it was included in the committed code, or be | <t>This specification registers the "secret-token" URI scheme to | |||
| cause they didn't realise the implications of its disclosure.</t> | aid prevention of such accidental disclosures. When tokens are easier to unambi | |||
| <t>This specification registers the "secret-token" URI scheme to aid preve | guously identify, they can trigger warnings in continuous integration systems or | |||
| ntion of such accidental disclosures. When tokens are easier to unambiguously id | be used in source code repositories themselves. They can also be scanned for se | |||
| entify, they can trigger warnings in Continuous Integration systems, or be used | parately.</t> | |||
| in source code repositories themselves. They can also be scanned for separately. | <t>For example, if cloud.example.net issues access tokens to its clients f | |||
| </t> | or later use, and it does so by formatting them as "secret-token" URIs | |||
| <t>For example, if cloud.example.net issues access tokens to its clients f | , tokens that "leak" into places that they don't belong are easier to | |||
| or later use, and it does so by formatting them as secret-token URIs, tokens tha | identify. This could be through a variety of mechanisms; for example, if repo.ex | |||
| t "leak" into places that they don't belong are easier to identify. This could b | ample.com can be configured to refuse commits containing "secret-token" | |||
| e through a variety of mechanisms; for example, if repo.example.com can be confi | ; URIs, it helps its customers avoid accidental disclosures.</t> | |||
| gured to refuse commits containing secret-token URIs, it helps its customers avo | <t>"secret-token" URIs are intended to aid in identification of | |||
| id accidental disclosures.</t> | generated secrets, like API keys and similar tokens. They are not intended for u | |||
| <t>secret-token URIs are intended to aid in identification of generated se | se in controlled situations where ephemeral tokens are used, such as things like | |||
| crets like API keys and similar tokens. They are not intended for use in control | Cross-Site Request Forgery (CSRF) tokens.</t> | |||
| led situations where ephemeral tokens are used, such as things like Cross-Site R | ||||
| equest Forgery (CSRF) tokens.</t> | ||||
| <section anchor="notational-conventions" numbered="true" toc="default"> | <section anchor="notational-conventions" numbered="true" toc="default"> | |||
| <name>Notational Conventions</name> | <name>Notational Conventions</name> | |||
| <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", " | <t> | |||
| SHOULD", "SHOULD NOT", | The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQU | |||
| "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to | IRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOUL | |||
| be interpreted as | D</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>N | |||
| described in BCP 14 <xref target="RFC2119" format="default"/> <xref target="RFC8 | OT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in | |||
| 174" format="default"/> when, and only when, they appear in all capitals, as | this document are to be interpreted as described in BCP 14 <xref target="RF | |||
| shown here.</t> | C2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capita | |||
| <t>This document uses ABNF <xref target="RFC5234" format="default"/>. It | ls, as shown here. | |||
| also uses the pchar rule from <xref target="RFC3986" format="default"/>.</t> | </t> | |||
| <t>This document uses ABNF <xref target="RFC5234" | ||||
| format="default"/>. It also uses the pchar rule from <xref | ||||
| target="RFC3986" format="default"/>.</t> | ||||
| </section> | </section> | |||
| </section> | </section> | |||
| <section anchor="the-secret-token-uri-scheme" numbered="true" toc="default"> | <section anchor="the-secret-token-uri-scheme" numbered="true" toc="default"> | |||
| <name>The secret-token URI scheme</name> | <name>The "secret-token" URI Scheme</name> | |||
| <t>The secret-token URI scheme identifies a token that is intended to be a | <t>The "secret-token" URI scheme identifies a token that is inte | |||
| secret.</t> | nded to be a secret.</t> | |||
| <artwork type="abnf" name="" align="left" alt=""><![CDATA[ | <sourcecode type="abnf"><![CDATA[ | |||
| secret-token-URI = secret-token-scheme ":" token | secret-token-URI = secret-token-scheme ":" token | |||
| secret-token-scheme = "secret-token" | secret-token-scheme = "secret-token" | |||
| token = 1*pchar | token = 1*pchar | |||
| ]]></artwork> | ]]></sourcecode> | |||
| <t>See <xref target="RFC3986" format="default"/>, Section 3.3 for a defini | <t>See <xref target="RFC3986" sectionFormat="comma" section="3.3"/> for a | |||
| tion of pchar. Disallowed characters - including non-ASCII characters - MUST be | definition of pchar. Disallowed characters -- including non-ASCII characters -- | |||
| encoded into UTF-8 <xref target="RFC3629" format="default"/> and then percent-en | <bcp14>MUST</bcp14> be encoded into UTF-8 <xref target="RFC3629" format="default | |||
| coded (<xref target="RFC3986" format="default"/>, Section 2.1).</t> | "/> and then percent-encoded (<xref target="RFC3986" sectionFormat="comma" secti | |||
| <t>When a token is both generated and presented for authentication, the en | on="2.1"/>).</t> | |||
| tire URI MUST be used, | <t>When a token is both generated and presented for authentication, the en | |||
| without changes.</t> | tire URI <bcp14>MUST</bcp14> be used, without changes.</t> | |||
| <t>For example, given the URI:</t> | <t>For example, given the URI:</t> | |||
| <artwork type="example" name="" align="left" alt=""><![CDATA[ | <sourcecode><![CDATA[ | |||
| secret-token:E92FB7EB-D882-47A4-A265-A0B6135DC842%20foo | secret-token:E92FB7EB-D882-47A4-A265-A0B6135DC842%20foo | |||
| ]]></artwork> | ]]></sourcecode> | |||
| <t>This string (character-for-character, case-sensitive) will both be issu | <t>This (character-for-character, case-sensitive) string will both be issu | |||
| ed by the token authority, and required for later access. Therefore, if the exam | ed by the token authority and required for later access. Therefore, if the examp | |||
| ple above were used as a bearer token in <xref target="RFC6750" format="default" | le above were used as a bearer token in <xref | |||
| />, a client might send:</t> | target="RFC6750" format="default"/>, a client might send:</t> | |||
| <artwork type="example" name="" align="left" alt=""><![CDATA[ | <sourcecode type="http-message"><![CDATA[ | |||
| GET /authenticated/stuff HTTP/1.1 | GET /authenticated/stuff HTTP/1.1 | |||
| Host: www.example.com | Host: www.example.com | |||
| Authorization: Bearer secret-token:E92FB7EB-D882-47A4-A265-A0B6135DC842%20foo | Authorization: Bearer | |||
| ]]></artwork> | secret-token:E92FB7EB-D882-47A4-A265-A0B6135DC842%20foo | |||
| ]]></sourcecode> | ||||
| </section> | </section> | |||
| <section anchor="iana-considerations" numbered="true" toc="default"> | <section anchor="iana-considerations" numbered="true" toc="default"> | |||
| <name>IANA Considerations</name> | <name>IANA Considerations</name> | |||
| <t>This document registers the following value in the URI Scheme registry: | <t>This document registers the following value in the | |||
| </t> | "Uniform Resource Identifier (URI) Schemes" registry:</t> | |||
| <ul spacing="normal"> | <dl newline="false" spacing="compact"> | |||
| <li>Scheme name: secret-token</li> | <dt>Scheme name:</dt> | |||
| <li>Status: provisional</li> | <dd>secret-token</dd> | |||
| <li>Applications / protocols that use this scheme: none yet</li> | <dt>Status:</dt> | |||
| <li>Contact: iesg@iesg.org</li> | <dd>provisional</dd> | |||
| <li>Change Controller: IESG</li> | <dt>Applications/protocols that use this scheme:</dt> | |||
| <li>References: (this document)</li> | <dd>none yet</dd> | |||
| </ul> | <dt>Contact:</dt> | |||
| <dd>iesg@iesg.org</dd> | ||||
| <dt>Change Controller:</dt> | ||||
| <dd>IESG</dd> | ||||
| <dt>References:</dt> | ||||
| <dd>RFC 8959</dd> | ||||
| </dl> | ||||
| </section> | </section> | |||
| <section anchor="security-considerations" numbered="true" toc="default"> | <section anchor="security-considerations" numbered="true" toc="default"> | |||
| <name>Security Considerations</name> | <name>Security Considerations</name> | |||
| <t>The token ABNF rule allows tokens as small as one character. This is no t recommended practice; applications should evaluate their requirements for entr opy and issue tokens correspondingly. | <t>The token ABNF rule allows tokens as small as one character. This is no t recommended practice; applications should evaluate their requirements for entr opy and issue tokens correspondingly. | |||
| See <xref target="RFC4086" format="default"/> for more information.</t> | See <xref target="RFC4086" format="default"/> for more information.</t> | |||
| <t>This URI scheme is intended to reduce the incidence of accidental discl osure; it cannot prevent intentional disclosure.</t> | <t>This URI scheme is intended to reduce the incidence of accidental discl osure; it cannot prevent intentional disclosure.</t> | |||
| <t>If it is difficult to correctly handle secret material, or unclear as t | <t>If it is difficult to correctly handle secret material, or unclear as t | |||
| o what the appropriate handling is, users might choose to obfuscate their secret | o what the appropriate handling is, users might choose to obfuscate their secret | |||
| tokens in order to evade detection (for example, removing the URI scheme for st | tokens in order to evade detection (for example, removing the URI scheme for st | |||
| orage). Mitigating this risk is often beyond the reach of | orage). | |||
| the system using the secret-token URI, but they can caution users against such p | ||||
| ractices, and | Mitigating this risk is often beyond the reach of the system using the &qu | |||
| provide tools to help.</t> | ot;secret-token" URI; users can be cautioned against such practices and be | |||
| provided tools to help.</t> | ||||
| </section> | </section> | |||
| </middle> | </middle> | |||
| <back> | <back> | |||
| <references> | <references> | |||
| <name>References</name> | <name>References</name> | |||
| <references> | <references> | |||
| <name>Normative References</name> | <name>Normative References</name> | |||
| <reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2 | ||||
| 119"> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119. | |||
| <front> | xml"/> | |||
| <title>Key words for use in RFCs to Indicate Requirement Levels</tit | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174. | |||
| le> | xml"/> | |||
| <author initials="S." surname="Bradner" fullname="S. Bradner"> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5234. | |||
| <organization/> | xml"/> | |||
| </author> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3986. | |||
| <date year="1997" month="March"/> | xml"/> | |||
| <abstract> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3629. | |||
| <t>In many standards track documents several words are used to sig | xml"/> | |||
| nify the requirements in the specification. These words are often capitalized. | ||||
| This document defines these words as they should be interpreted in IETF document | ||||
| s. This document specifies an Internet Best Current Practices for the Internet | ||||
| Community, and requests discussion and suggestions for improvements.</t> | ||||
| </abstract> | ||||
| </front> | ||||
| <seriesInfo name="BCP" value="14"/> | ||||
| <seriesInfo name="RFC" value="2119"/> | ||||
| <seriesInfo name="DOI" value="10.17487/RFC2119"/> | ||||
| </reference> | ||||
| <reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8 | ||||
| 174"> | ||||
| <front> | ||||
| <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</ti | ||||
| tle> | ||||
| <author initials="B." surname="Leiba" fullname="B. Leiba"> | ||||
| <organization/> | ||||
| </author> | ||||
| <date year="2017" month="May"/> | ||||
| <abstract> | ||||
| <t>RFC 2119 specifies common key words that may be used in protoco | ||||
| l specifications. This document aims to reduce the ambiguity by clarifying tha | ||||
| t only UPPERCASE usage of the key words have the defined special meanings.</t> | ||||
| </abstract> | ||||
| </front> | ||||
| <seriesInfo name="BCP" value="14"/> | ||||
| <seriesInfo name="RFC" value="8174"/> | ||||
| <seriesInfo name="DOI" value="10.17487/RFC8174"/> | ||||
| </reference> | ||||
| <reference anchor="RFC5234" target="https://www.rfc-editor.org/info/rfc5 | ||||
| 234"> | ||||
| <front> | ||||
| <title>Augmented BNF for Syntax Specifications: ABNF</title> | ||||
| <author initials="D." surname="Crocker" fullname="D. Crocker" role=" | ||||
| editor"> | ||||
| <organization/> | ||||
| </author> | ||||
| <author initials="P." surname="Overell" fullname="P. Overell"> | ||||
| <organization/> | ||||
| </author> | ||||
| <date year="2008" month="January"/> | ||||
| <abstract> | ||||
| <t>Internet technical specifications often need to define a formal | ||||
| syntax. Over the years, a modified version of Backus-Naur Form (BNF), called A | ||||
| ugmented BNF (ABNF), has been popular among many Internet specifications. The c | ||||
| urrent specification documents ABNF. It balances compactness and simplicity with | ||||
| reasonable representational power. The differences between standard BNF and AB | ||||
| NF involve naming rules, repetition, alternatives, order-independence, and value | ||||
| ranges. This specification also supplies additional rule definitions and encod | ||||
| ing for a core lexical analyzer of the type common to several Internet specifica | ||||
| tions. [STANDARDS-TRACK]</t> | ||||
| </abstract> | ||||
| </front> | ||||
| <seriesInfo name="STD" value="68"/> | ||||
| <seriesInfo name="RFC" value="5234"/> | ||||
| <seriesInfo name="DOI" value="10.17487/RFC5234"/> | ||||
| </reference> | ||||
| <reference anchor="RFC3986" target="https://www.rfc-editor.org/info/rfc3 | ||||
| 986"> | ||||
| <front> | ||||
| <title>Uniform Resource Identifier (URI): Generic Syntax</title> | ||||
| <author initials="T." surname="Berners-Lee" fullname="T. Berners-Lee | ||||
| "> | ||||
| <organization/> | ||||
| </author> | ||||
| <author initials="R." surname="Fielding" fullname="R. Fielding"> | ||||
| <organization/> | ||||
| </author> | ||||
| <author initials="L." surname="Masinter" fullname="L. Masinter"> | ||||
| <organization/> | ||||
| </author> | ||||
| <date year="2005" month="January"/> | ||||
| <abstract> | ||||
| <t>A Uniform Resource Identifier (URI) is a compact sequence of ch | ||||
| aracters that identifies an abstract or physical resource. This specification d | ||||
| efines the generic URI syntax and a process for resolving URI references that mi | ||||
| ght be in relative form, along with guidelines and security considerations for t | ||||
| he use of URIs on the Internet. The URI syntax defines a grammar that is a supe | ||||
| rset of all valid URIs, allowing an implementation to parse the common component | ||||
| s of a URI reference without knowing the scheme-specific requirements of every p | ||||
| ossible identifier. This specification does not define a generative grammar for | ||||
| URIs; that task is performed by the individual specifications of each URI schem | ||||
| e. [STANDARDS-TRACK]</t> | ||||
| </abstract> | ||||
| </front> | ||||
| <seriesInfo name="STD" value="66"/> | ||||
| <seriesInfo name="RFC" value="3986"/> | ||||
| <seriesInfo name="DOI" value="10.17487/RFC3986"/> | ||||
| </reference> | ||||
| <reference anchor="RFC3629" target="https://www.rfc-editor.org/info/rfc3 | ||||
| 629"> | ||||
| <front> | ||||
| <title>UTF-8, a transformation format of ISO 10646</title> | ||||
| <author initials="F." surname="Yergeau" fullname="F. Yergeau"> | ||||
| <organization/> | ||||
| </author> | ||||
| <date year="2003" month="November"/> | ||||
| <abstract> | ||||
| <t>ISO/IEC 10646-1 defines a large character set called the Univer | ||||
| sal Character Set (UCS) which encompasses most of the world's writing systems. | ||||
| The originally proposed encodings of the UCS, however, were not compatible with | ||||
| many current applications and protocols, and this has led to the development of | ||||
| UTF-8, the object of this memo. UTF-8 has the characteristic of preserving the | ||||
| full US-ASCII range, providing compatibility with file systems, parsers and othe | ||||
| r software that rely on US-ASCII values but are transparent to other values. Th | ||||
| is memo obsoletes and replaces RFC 2279.</t> | ||||
| </abstract> | ||||
| </front> | ||||
| <seriesInfo name="STD" value="63"/> | ||||
| <seriesInfo name="RFC" value="3629"/> | ||||
| <seriesInfo name="DOI" value="10.17487/RFC3629"/> | ||||
| </reference> | ||||
| </references> | </references> | |||
| <references> | <references> | |||
| <name>Informative References</name> | <name>Informative References</name> | |||
| <reference anchor="RFC6750" target="https://www.rfc-editor.org/info/rfc6 | ||||
| 750"> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6750. | |||
| <front> | xml"/> | |||
| <title>The OAuth 2.0 Authorization Framework: Bearer Token Usage</ti | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4086. | |||
| tle> | xml"/> | |||
| <author initials="M." surname="Jones" fullname="M. Jones"> | ||||
| <organization/> | ||||
| </author> | ||||
| <author initials="D." surname="Hardt" fullname="D. Hardt"> | ||||
| <organization/> | ||||
| </author> | ||||
| <date year="2012" month="October"/> | ||||
| <abstract> | ||||
| <t>This specification describes how to use bearer tokens in HTTP r | ||||
| equests to access OAuth 2.0 protected resources. Any party in possession of a b | ||||
| earer token (a "bearer") can use it to get access to the associated resources (w | ||||
| ithout demonstrating possession of a cryptographic key). To prevent misuse, bea | ||||
| rer tokens need to be protected from disclosure in storage and in transport. [ | ||||
| STANDARDS-TRACK]</t> | ||||
| </abstract> | ||||
| </front> | ||||
| <seriesInfo name="RFC" value="6750"/> | ||||
| <seriesInfo name="DOI" value="10.17487/RFC6750"/> | ||||
| </reference> | ||||
| <reference anchor="RFC4086" target="https://www.rfc-editor.org/info/rfc4 | ||||
| 086"> | ||||
| <front> | ||||
| <title>Randomness Requirements for Security</title> | ||||
| <author initials="D." surname="Eastlake 3rd" fullname="D. Eastlake 3 | ||||
| rd"> | ||||
| <organization/> | ||||
| </author> | ||||
| <author initials="J." surname="Schiller" fullname="J. Schiller"> | ||||
| <organization/> | ||||
| </author> | ||||
| <author initials="S." surname="Crocker" fullname="S. Crocker"> | ||||
| <organization/> | ||||
| </author> | ||||
| <date year="2005" month="June"/> | ||||
| <abstract> | ||||
| <t>Security systems are built on strong cryptographic algorithms t | ||||
| hat foil pattern analysis attempts. However, the security of these systems is d | ||||
| ependent on generating secret quantities for passwords, cryptographic keys, and | ||||
| similar quantities. The use of pseudo-random processes to generate secret quant | ||||
| ities can result in pseudo-security. A sophisticated attacker may find it easier | ||||
| to reproduce the environment that produced the secret quantities and to search | ||||
| the resulting small set of possibilities than to locate the quantities in the wh | ||||
| ole of the potential number space.</t> | ||||
| <t>Choosing random quantities to foil a resourceful and motivated | ||||
| adversary is surprisingly difficult. This document points out many pitfalls in | ||||
| using poor entropy sources or traditional pseudo-random number generation techni | ||||
| ques for generating such quantities. It recommends the use of truly random hard | ||||
| ware techniques and shows that the existing hardware on many systems can be used | ||||
| for this purpose. It provides suggestions to ameliorate the problem when a hard | ||||
| ware solution is not available, and it gives examples of how large such quantiti | ||||
| es need to be for some applications. This document specifies an Internet Best C | ||||
| urrent Practices for the Internet Community, and requests discussion and suggest | ||||
| ions for improvements.</t> | ||||
| </abstract> | ||||
| </front> | ||||
| <seriesInfo name="BCP" value="106"/> | ||||
| <seriesInfo name="RFC" value="4086"/> | ||||
| <seriesInfo name="DOI" value="10.17487/RFC4086"/> | ||||
| </reference> | ||||
| </references> | </references> | |||
| </references> | </references> | |||
| <section anchor="acknowledgements" numbered="true" toc="default"> | <section anchor="acknowledgements" numbered="false" toc="default"> | |||
| <name>Acknowledgements</name> | <name>Acknowledgements</name> | |||
| <t>The definition of bearer tokens is from <xref target="RFC6750" format=" default"/>.</t> | <t>The definition of bearer tokens is from <xref target="RFC6750" format=" default"/>.</t> | |||
| </section> | </section> | |||
| </back> | </back> | |||
| <!-- ##markdown-source: | ||||
| H4sIAHDajF8AA6VYbW8buRH+vr+CVVCcHWglW3ESR+m1J78lAmI79UuLoigC | ||||
| apeSCK/IPZJrVT1cfnufGXJlSXXSK2oEyi7fhjPzzMwzm+d5FnSo1FDczZXw | ||||
| qnAq5ME+KCPub8bitpirhcrkZOLU4zArbWHkAotLJ6chNzYEbWZzucjndpmX | ||||
| uszDXIZ8hjO0CRZvKneqtvnBICtlwMbBweAgK/A4s241FNpMbZbp2g1FcI0P | ||||
| g4ODd1grnZJD8UEZ5WSVLa17mDnb1MPsQa3wVg7F2ATlDOSc0U2yzAdpyi+y | ||||
| sgZCVspnfiFd+PJzY4PyQ2FsVuuh+HuwRVfgR5tSmdAV3rrg1NTjabVID8Hp | ||||
| AlOFXdQyPSywGFPaVNqof2SZbMLcumEm8kzgTxuIuOyJq7U9eDia6lK6h90Z | ||||
| 62bS6H/JoK0Z8kihA8zx2cm5k4ZHnJrRrPjL+DSusI0JZLMR7ASzaMnDaiF1 | ||||
| NRQL+OIn+unBKDzROCg8D6H2w35/uVz22tl+lhnrFhD+qEj4zcXp4PDw3RB+ | ||||
| gDfWE1mW57mQExJWwMJ3c+0FANCQMfh2Hi7wAj4WnU3gdBg5npFDxhZSlzAR | ||||
| L9Rkdj3VBaue2akgU9JYHBF8gu9F4biw+nJFP8F+uVGyhLwse4kLi/Oz8d31 | ||||
| zVDUlZJe4ToL+6ggAnfEXfioiYI2StTNpEqnvyQtcAnvG+VFBQUElsRdjGhR | ||||
| SNqH0caUQgbxh9aAMx3mzaQHLPTJjv1xftav5ERVvv996P+xF4UurCerFWS8 | ||||
| PTsNynRFY/hyfq7K/XQB3GRTLPssydaWpX5fXJ/k3UQxxVyaGRRFNLGy6r+r | ||||
| RFjXwfdn87yW2PsblLtVSsjKW/YvK/GDF0XjHF0BYRka33p/fH53IZAHJEHq | ||||
| Qbku7pOt77Mx0dMqTHuIkj4A1/8fkw2bgOCz0GVZqSx7QdnC2bJhXGTZOIi5 | ||||
| 9PAztAUaDKArPY6uVhzrjELRAFUTBdO5hEmBLUDHDl4Xiqys/YJ0fJRO28Zn | ||||
| tbPIMbYiHI+2TmH/EkIRnWGVxpZwBNsH+2rlaByKQdhK1JJecXRtvVfek0gE | ||||
| DS2Oe/dk1okCOvuMXrr30zR20jFLuXGmxbT71smaY6An7skguGo8O4unlRZo | ||||
| gh+A458bDVTJJ+Xo8ojA7dMKt6qDnTlZz3UhkLwFsotyGkl9D+vtNMe/py37 | ||||
| sNc95aDQGKyrVl1WxTSLCWTgvLXh4DROJQStR1s98mWLOCYrUWpfVNY3uGK0 | ||||
| lletF8nzDNfkd1X2xAWSgPqnXCCZdMUSAu2SElxTSQdMzKEi8qBtYD5RqkdV | ||||
| kZdEDJXAkg0Jhw7J6pTzUt5BhWlcobC6pCwFXXVA5esKpdkNAKFMLlvh2qX5 | ||||
| gayL7I4x+GIpScOiakq1zqFJMAbo0C6KyXdP4bQL1RJiffSy37BRLyV3X6ti | ||||
| nZt/a4ZvE3wNgkBxER3vm2L+vEN8T/x1rsw6qOAiir6IIbh9MdGzBkEEw6di | ||||
| EVGwYnSjNs9mWLuUzsDynFlOLVYZ2sOsAGjjW/gVbr/wyT4UF2zBZ/2hFWu5 | ||||
| 8Kp6pBvetfIYKdjt8WJwAJULrxA7DE8Ybgs6GoivbFP20ghV27babAKE/mMf | ||||
| FJVmENOxFUUGXRNZEcUHzudwI/krEesyg43uSblol6v57vpwivQOCuNDR1Bm | ||||
| RJGUhUrjESKWEILqZQm9Wy5ojU5GACbAOqqSLBDmYGAzOJWznEIMws3r7Off | ||||
| sw6bliDjrg0BzLa1tbBmChc7WBPiwLkIuKnu0GSQmlz7nH6wyVxVtY+2Aw1C | ||||
| /gY+5aMFAL+BNlDD3YNYYxhGmTJeIhGUbXJC+s2YgVKoxUOINDwoMfo8pmTm | ||||
| 2VFeLzQSRctcInZIAiXKtRSyDikKMaSjs1VFp+rQpKhcIhvADzXFFNjdZnwQ | ||||
| dLsppMiLDHy+yKlD7sxvdVDiBilZgWIAkAiQldg7vb252H/iUy9eEAllYTgd | ||||
| MZOi1Ud6QrmZmLUXncv727tON/4vrq75+eb8z/fjm/Mzer79OPr0af3Qrrj9 | ||||
| eH3/6ezpKY5n2Hl6fXl5fnUWN2NU7Axdjv7WiZjvXH++G19fjT51Yq7bJJxk | ||||
| iMCxSDZ1SDfMZ3xWKl84PYnRfXL6WRweiV9++V1itb/+ml6OD98e4QVmNlGY | ||||
| NUgx8ZVjQtY1JXqqmFUFsNYaUALoIMKDcBhBDurt8mD4xovRydVFEvN68Api | ||||
| egIcg3MHz3NtR6Q44ZoK7NIhGuLyV++O32B5RiTl2QYsJtnoo29MrnFLWaat | ||||
| QBTq2m+hfKIi9cAZEPj161cUNTPdCo+cTsXfj1uy8iSnM+zE47PnZn/cqRGJ | ||||
| M2z//SgOX7IlSH7kjpuG6IrbRN5f9V5xzFDFnSIhtBHJm3viTHt4yS6pCGIA | ||||
| DQolAnC+WCwpfxhr8tHt6Xi8s4JhDVsoQzWgjBny/u4iP26v8mZAsCGMENUT | ||||
| KPZEp/N2w97zNx70Dom/cHGTT2xvArq1kUfoVGDX48CUFbYJZWQ89A68kzfa | ||||
| 63ISyIgqEhFJ1H63AM3QuUWSgK3D6OQ0ueWz4fm7wcXJ2/OT/Oz4eJAfvR0d | ||||
| 5aPBm9f56ODkzeGr12enx0eD3w8OptZGR0V+gOoLw+6t7Znj/vn6DZ0y6FQO | ||||
| 1ZDWcJF9EFtEEhtgkrqukorZEz2NfTQIXQzJRCvLjXoYyyZnVcf9HNcWtlHU | ||||
| i5gZeOdSpUTJNH2Hcxt49k9w2Zu3rw/IZTIVXnQIszmaFITIjrE+nN+J/oZn | ||||
| VNn3oZlOxce7u8/9w95h9hH93FBQX71R47JRVCh19uIkXuP/Mj21L6OrEaVs | ||||
| j0iP7MZ/vx+fWgoOctajrBrVMsenLzppvVtB75ftWPxesXlZmuMObsj0Xnuu | ||||
| Hhgd1RuEsi/WDU9MPJGKEmL4YPr8YpRYqYCdxNYAl6FAupr9RD/U59EEQ5rn | ||||
| uTq6IfrF2w+YuVFTeNcU9CFnb6sq7LN5btuu4D9N1AKNMzQnX04bfqOn8wvK | ||||
| 93igO67BnOiPbvud+BGIwr+mBbpQ76liPBkBNYKYkiKDAy9kb+1aRC/WLE+R | ||||
| dvUqUjyKiPYmhUXH7GtrSu5Eeyk3EmyPDijT8PaFZeqSPtNY09ajzWqwnfUR | ||||
| Tk2RuoDYNBXcFD1Ll96n/o90ToQ+HpZow1bPMOZukbyhpyBNTRVIHutRBOqb | ||||
| oGPVVq1148d8vEGW5q6KmfAy8VIyKIyDVbAf7yYEa9RgAArIjtFazK3ldk7Y | ||||
| Cbhj8WTsJCkZFJgHn4mkFl4B3S9BGWKu3tsiq/zxKFHrTUsy2Ud3IGdqvycu | ||||
| kdRmMlFwaO20fyDt+VsOEs7KxoJBjReYmp1m9BK7ECjQnr9bxLti0oSnBgd9 | ||||
| HN8waixnIMMgdcz9WuB5TpYZB2RJhuC4s0yN05ePiSweKDJGxQN6WTDNWYRg | ||||
| DIntirr9kQMKJXrylDB72b8BDPbT/CcWAAA= | ||||
| </rfc> | </rfc> | |||
| End of changes. 20 change blocks. | ||||
| 361 lines changed or deleted | 118 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||