►
From YouTube: SIG-Auth Bi-Weekly Meeting for 20230412
Description
SIG-Auth Bi-Weekly Meeting for 20230412
A
All
right,
hello,
everyone
welcome
to
the
April
12th
2023
meeting
of
saigoth.
Let's
kick
off,
we
have
quite
a
few
items
on
the
agenda.
First
off
I
just
want
to
make
a
quick
announcement
in
case
you're
at
kubecon
or,
if
you're
able
to
join
remotely.
We
do
have
to
take
off
Deep
dive.
The
link
is
provided
We'll,
Be,
Love,
we'll
love
to
catch
up
with
folks,
all
right,
I,
don't
think,
there's
anything
other
than
the
discussion
topic.
B
Ide
yeah
so
yeah
so
last
time
the
feedback
was.
If
our
motivation
is
just
automatic
rotation,
we
can
do
that
through
files
like
there's
like
an
existing
path
to
just
you
know,
have
it
pick
up
changes
from
disk?
We
don't
want
to
do
that.
We
don't
want
to
have
these
keys
on
disk.
The
idea
is
to
decouple
this
logic.
B
B
B
F
E
F
A
reasonable
path
for
migrating
to
Auto
generated
ones,
and
that's
basically
done.
We
have
some
cleanup
work
to
do
there,
but
there's
not
a
path
for
migrating
explicit
dependencies
on
the
requested
ones.
We
could
maybe
look
at
making
the
one
if
you
request
a
token
in
a
secret
like
moving
the
generation
of
that
from
the
controller
manager
into
the
API
server.
That
might
be
a
possibility,
but
the
nature
of
those
tokens
I,
don't
think
we
can
change
reasonably
because.
H
H
H
D
D
D
I
mean
yeah,
like
so
I
I,
don't
think
it's
out
of
scope,
I
I!
Think
if
you're
gonna
try
to
fix
it,
you
should
actually
try
to
fix
it
right.
So
stepping
back
for
a
bit
is
the
I.
Also
think.
Let
me
actually
pause
for
a
second
David.
You
wrote
a
comment
there.
You
want
to
talk
about
that.
First,
since
I
think
you
wrote.
D
D
D
F
E
D
F
Yeah
I'm
trying
to
understand
like
what
keys
are
being
used
that
are
more
powerful
than
access
to
the
cube.
Api
server
would
be
like.
If
you
have
access
to
the
keep
API
server,
you
can
already
do
things.
You
could
restart
the
qbi
server
with
another
key
pair
so
that
it
would
like
spit
out
tokens
and
accept
tokens
with
that
key
pair
like
if
you
have
that
level
of
access.
F
H
H
The
API,
the
verifying
of
those
of
tokens
signed
by
the
API
server
that
are
used
by
other
systems,
say
cloud
off
somewhere
is,
is
going
to
have
to
trust
the
API
server.
You
know
we're
not
necessarily
the
API
server,
but
wherever
you
have
the
issue
or
endpoint
for
The
Trusted
set
of
keys.
So
even
if
you
know,
if
a
if
a
bad
actor
does
who
control
the
API
server
does
add
a
new,
a
new,
you
know
row
key.
E
D
You
don't
need
to
do
that
right,
like
you,
could
just
use
like
the
request,
herder
stuff
right,
the
the
ability
to
just
tell
the
API
server
who
you
are
so
you
can
just
impersonate
any
identity
and
just
ask
you
to
Mint
tokens,
so
they
would
get
audited
you're
right
that
there
was
totally
because
it
would
be
following
the
regular
path.
It
would
be
a
regular
audit
Trail
for
this,
but
it
doesn't
prevent
you
from
basically
infinite
abuse
of
the
system
in
an
online
attack.
F
H
Okay,
because
then
you
then
you
have
like
yes,
an
operator
could,
at
you
know,
potentially
at
one
point,
create
a
road
key
update,
an
API
server,
a
key
or
music
credential
have
access
to
the
API
server,
but
they
don't
necessarily
have
access
to
the
external
system
that
those
tokens
are
being
used
for,
okay,
right
and
then
so
take
the
taste
of
AWS.
If,
if
even
even
a,
if,
even
if
I'm,
not
running
EPS,
I'm
running
cops
and
I.
Put
my
oh,
my
keys
in
an
S3
bucket
for
my
oidc
provider.
H
Now
I
have
now
as
a
you
know,
as
a
if
I
want
to
get
Cloud
credential
like
AWS
Cloud
credentials
by
by
assuming
some
role
with
with
a
token
signed
by
the
API
server.
I
have
to
have
the
key.
I
have
to
have
be
able
to
publish
that
key
to
the
public
endpoint
and,
and
it
is
now
it's
orderable
or
it's.
It's
yeah.
C
F
F
Otherwise
we
were
sort
of
like
half
fixing
the
problem
in
kubernetes
and
it
doesn't
really
make
sense
and,
like
someone
mentioned
something
about
types
of
EX
like
extending
this,
and
that
raises
big
questions
for
me,
like
I,
don't
really
want
the
token
surface
to
be
extendable,
I'm,
not
sure
exactly
what
was
meant
by
that
I
think
those
have
to
be
resolved
and
given
the
list
of
what
we
have
in
Flight,
I
would
rather
see
us
like
finish
some
in-progress
things
before
we
take
on
a
new
extension
point.
But
that's
my.
D
You
can
already
you
can
already
intercept
everything,
Jordan
request,
header
lets.
You
do
right,
like
that's
kind
of
the
point,
I'm
not
saying
it's
a
good
recommendation,
but
if,
at
the
end
of
the
day
we're
talking
about
a
significantly
complex
feature
that
has
like
an
incredibly
Niche
use
case,
I'm
kind
of
okay,
saying
that
you
get
an
incredibly
Niche
implementation
right,
maybe
I'm
kind
of
hand
waving
there.
A
little
bit.
I
haven't
thought
through
that
too
much.
D
But
the
the
other
thing
I
wanted
to
suggest
here
to
see
if
it
was
tractable
is
so
I'm
generally
like
really
not
in
favor
of
any
more
of
these
grpc
things
being
shoved
into
like
core
critical
parts
of
the
API
server.
Like
I've
learned
my
lesson
from
KMS:
it's
just
a
just
a
crappy
thing:
don't
do
it
don't
add
more!
D
Is
there
a
way
that
we
could
try
to
leverage
that
existing
extension
point
to
help
and
disregard
somehow
so
like
having
some
kind
of
way
to
like
chain
the
KMS?
To
give
you
like
a
derived
key
or
something,
but
something
that's
not
as
something
that's
not
on
disk,
but
maybe
in
memory,
maybe
with
some
kind
of
TTL
associated
with
it.
H
D
I
mean
it
would
stay
in
process
right.
The
API
server
is
not
going
to
write
it
out.
It's
got.
It's
got
to
stay
in
process
right,
so
I
I
think
at
some
point
you
can
start
saying
that
someone's
not
necessarily
going
to
be
able
to
get
into
the
memory
of
the
API
server.
But
maybe,
if
that's
still
in
your
threat
model,
then
you
get
really
painful.
H
D
So
you,
you
can't
really
meaningfully
export
those
because
they
die
very
quickly
but
they're,
not
in
line
to
the
request
right.
You
you
ask
for
it.
I
guess
you
I
think
it
goes
through
some
kind
of
CSR
flow,
but
you
you
generate
your
local
key,
you
ask
for
it
to
be
signed
and
you
have
it
intermediate
and
you
get
to
use
it
for
a
certain
amount
of
time.
D
F
G
E
E
F
I
did
I
like
I,
said
I'm,
not
really
expecting
us
to
like
leave
today,
knowing
like
this
is
exactly
what
we're
working
on
for
128,
but
I
wanted
to
I,
first
linked
to
the
open
enhancements
issues
tagged
with
Sig
auth,
just
to
remind
us
that
there's
a
lot
of
stuff
that
isn't
done
yet
that
we
kind
of
have
in
flight,
and
so
as
we
want
to
look
at
spinning
up
new
stuff.
Also,
let's
try
to
make
progress
and
complete
some
of
the
in-flight
stuff.
F
So
that
was
just
the
first
thing.
Take
a
look
there.
If
there
are
things
you've
been
involved
in
you
kind
of
forgot
about
or
sitting
here
in
beta,
maybe
look
at
what
it
takes
to
get
to
GA,
and
if
we
can
make
some
of
those
things
happen.
The
second
bullet
was
I.
Think
it'd
be
helpful
to
know
where
things
are
in
each
stage.
So
some
things
you
need
design
some
things
already
designed
and
we
just
need
to
like
Implement
them
and
make
progress.
Some
things
have
implementations
that
need
review.
F
So
whatever
the
work
is,
that
needs
to
be
done
like
the
next
step.
What
we're
wanting
to
accomplish
for
128,
let's
be
really
clear
about
like
what
the
goal
is
for
128
land
of
design
or
have
an
implementation
and
a
review,
and
then
we
need
to
make
sure
we're
load,
balancing
folks.
So
like
this,
this
isn't
really
like
a
wish
list
like
here's.
What
I
want
to
be
in
128,
but
I'm
not
planning
on
working
on.
This
is
more
like
here's,
what
I'm
planning
to
do
in
128.
F
And
then
I
roughly
sorted
this
list
in
order
of
like
things
that
were
furthest
along
in
the
pipeline.
So
there
are
a
couple
things
that
the
who
am
I,
API,
very
small
surface
area,
pretty
well
understood
pretty
much
just
mechanically
stepping
through
the
progression.
So
I
think
that
one
is
a
reasonable
thing
to
Target
GA
I'm
happy
to
review
it
and
I
need
to
get
confirmation.
Oh
I
see
a
someone
in
the
chat.
Hopefully
this
is
a
pretty
mechanical
graduation
to
GA
that
we
can
get
in.
I
F
F
F
E
D
Thought
Sergey
was
here,
that's
where
I
saw
him
on.
Maybe
he
had
to
drop
down
here?
Okay,
sure,
so
we
can
near
the
later.
Part
of
the
agenda
is
like
what
I'm
highlighting
here
like
I.
Have
some
stuff
I
want
to
make
changes
to
for
chemistry
to
to
the
crypto
stuff,
so
I,
so
in
my
mind,
KMS
V2
cannot
go
to
GA
in
128,
like
I
need
two
releases
like
I
planned
on
making
like
some
read
level
changes
and
then
some
right
level
changes.
D
So
if
we,
if
we're
saying
KMS
V2,
has
to
have
like
near
completed
automated
rotation,
then
we
gotta,
like
finish
all
the
storage
version,
stuff
If.
Instead,
we
would
pull
that
out,
maybe
into
its
own
thing
on
track
it
separately.
Then
it
would
not
necessarily
block
kmsv2
itself
from
going
GA
right,
so
there
could
be
a
separate
cap.
That's
basically
like
here's,
the
storage
version
API
that
does
this
right
now
and
here's
the
API
server
identity,
stuff.
That
does
this
right
now
and
together
and
add
some
enhancements.
And
here
you
go.
D
J
So
we
have
one
more
piece
of
Alpha
scope,
work
to
land
I,
think
in
128,
which
is
the
actual
projected
volume
support,
and
then
you
talked
about
beta,
but
I
think
it
makes
a
little
more
sense
to
land
cubelet
certificate,
support
like
cubelet
pod
certificate
support
and
have
them
both
be
at
Alpha
first,
so
we
can
see
how
they
play
together
if
that
makes
sense,
so
that
was
my
kind
of
optimistic
forward-looking
plan
was
I.
Have
that
draft
kept
about
workload?
J
J
E
F
I'm
not
opposed
to
getting
the
projected
volume
in
Alpha.
First
I
do
think
there's
value
in
the
API,
even
if
we
don't
have
the
projected
volumes
like
just
as
a
as
a
way
to
say
here's
how
you
get
the
signing
certificates
for
this.
Even
if
things
were
talking
to
the
API
directly
I
I
think
that's
a
useful
API,
even
by
itself
so
they're
delaying.
D
J
F
E
E
F
J
F
J
E
D
D
B
F
Would
like
to
be
able
to
control
the
failure
policy
on
a
web
hook
like
right
now
web
hooks
that
there's
an
error
calling
them
their
timeout
or
something
authorization's
like
well,
no
opinion
go
on
to
the
next
authorizer
and
I
would
like
to
be
able
to
say
if
this
authorizer
is
unavailable
that
counts
as
a
or
times
out.
That's
a
deal
closed,
so
I
am
interested.
I
can
help
with
review
at
the
very
least,
maybe
implementation
or
design,
but
I.
F
F
F
D
D
D
F
E
D
F
D
F
E
D
I
D
So
I
plan
on
working
on
this
one,
this
coming
release
and
probably
I'll,
probably
drag
the
niche
and
elect,
and
someone
else
with
me
then
yeah
and
I
think
some
of
the
I'm
forgetting
his
name.
But
a
member
of
the
community
helped
write
up
a
bunch
of
tests
that
test
the
existing
oidc
functionality
so
that
I
want
to
get
that
merged
sort
of
early
in
the
1
28
cycle.
So
we
can
have
the
CI
signal.
F
D
D
So
if
we,
if
we,
if
we,
if
we
write
code
that
messes
with
the
existing
stuff,
it
needs
to
be
really
strongly
gated
and
ideally
we
don't
mess
with
the
existing
stuff,
if
at
all
possible,
but
we
can
figure
that
out,
but
yeah
I
think
that's
the
core
thing
right
is
like.
If
you
have
an
alpha
implementation,
it
doesn't
have
to
be
perfect
or
done.
It
is
Alpha.
That
is
what
that
means.
Yeah.
I
D
E
I
D
But
yeah
so
that
that's
the
hard
part
right
is
like
I
had
basically
thought
that
we
would
just
copy
paste
the
existing
authenticator
and
just
start
ripping
it
apart
and
making
it
do
what
we
wanted.
But
that's
really
hard
to
do
if
we
have
to
maintain
perfect
feature
parity
with
the
other
one
or
behavioral
parody,
at
least
so,
but
I
understand
where
you're
coming
from
on
that
Jordan
I
I.
Just
that
wasn't
sort
of
what
was
on
my
mind
but
I.
E
D
F
F
G
F
D
G
D
G
G
A
J
D
D
So
obviously
the
part
where
the
remote
KMS
encrypts
a
data,
encryption
key
is
sort
of
unchanged,
but
currently
on
Startup
and
on
key
rotation.
We
do
some
fancy,
non's
calculation
and
sorry
I'm,
saying
that
wrong.
When
we
use
our
data
encryption
key
that
has
been
encrypted
by
the
KMS
plugin
every
time
we
do
an
encryption
with
it.
We
generate
a
new
nonce.
The
nonce
is
both
partially
random
and
it
has
a
counter.
We
are
limited
to
12
bytes,
because
AES
GCM
is
annoying,
so
that's
kind
of
how
it
works
today.
D
D
Let
me
step
back
for
a
second
canvas.
V1
had
none
of
these
issues
because
it
always
made
a
new
deck.
Every
time
it
was
going
to
do
an
encryption,
so
it
was
always
a
new
deck,
so
it
had
this
horrible,
like
failure
mode
where
it
always
needed
the
remote
plugin
to
be
100
available
for
every
single
call,
but
it
didn't
have
any
like
cryptographic
shortfalls
it
just
just
and
it
had
a
purely
random
knots.
D
So
I
I
wanted
to
come
up
with
an
approach
that
retains
the
existing
minimal
Reliance
on
the
external
KMS,
but
restores
more
of
the
capabilities
that
V1
had
from
the
crypto
standpoint,
while
not
sort
of
gaining
the
massive
cash
size
problem
that
V1
also
has
so
like.
In
order
to
function
efficiently,
you
need
like
an
effectively
an
unbounded
debt
cache
because
you
just
have
one-to-one
mapping.
D
So
this
this.
Basically
this
this
describes
a
scheme.
That's
vaguely
called
nonsense
extension.
So
it's
a
it's
a
mechanism
for
adding
extra
bytes
that
are
used
to
derive
sub
Keys,
which
is
it,
for
example.
It's
done
by
the
I
think
it's
called
Cha-Cha
forget
the
name.
Now
the
Cha
Cha
say:
first
Mike
I
see
you
on
muted.
Did
you
have
thoughts.
C
D
D
That
was
at
a
particular
counter
state
at
like
time,
10,
but
at
time
five
is
when
you
took
the
snapshot,
and
then
you
restored
the
VM
at
that
snapshot.
So
it's
going
to
go
from
five
to
ten
again,
so
it's
going
to
count
back
up
right.
So
all
of
those
things
that
encrypts
further
will
have
collisions.
C
D
Yes,
two
things
that
write
the
desk.
So
if
you
have
a
single
nonce
Collision,
you
immediately
leak
the
like
the
authentication,
key
and
I.
Think
I
think
you
only
need
like
a
handful
of
collisions
to
leak,
the
full
key
you
have
to
do
like
more
complex
math,
but
yeah
you
end
up
losing
the
actual
encryption
key
and
because
we're
using
the
same
deck
for
all
of
them.
You
basically
lose
the
entire
backup.
D
Right,
like
that's,
the
real
issue
is
that
even
if
this
happens
point
zero,
one
percent
of
the
time
or
zero
zero
one
percent.
In
those
cases,
the
whole
system
falls
apart
right.
So
right
now
the
canvas
V2
docs
basically
say
do
not
use
VMware
stay
restores
with
this
feature,
because
we
can't
guarantee
that
it'll
work
exactly
like
you
expect.
C
D
D
So
the
design
basically
says
we'll
just
use
an
hkdf
with
a
salt
that
we
store
beside
like
a
public
salt
that
we
store
with
the
existing
nonce
and
off
when
I
get
around
to
actually
making
an
actual
PR
for
this
I'll
have
all
the
links
to
the
stuff
where
I
looked
at
this
stuff.
But
it
the
scheme
is
generally
known
as
like
a
non-sustansian
scheme.
Right
is
that
you're
you're?
E
E
D
C
To
derive
the
keys,
but
then
the
sequence
numbers
for
like
asgcm
are
the
nonsense
for
the
TLs
record.
Numbers
are
the
nonsense
for
the
in
the
asgcm
Cyber
Suite
right,
and
they
don't
even
have
that
Randomness
that
we
add,
because
we
are,
you
know
adding
that
prefix
to
the
knots,
the
only
in
your
PR,
the
there's,
some
prefix
that
is
still
random.
So.