Re: [Acme] Specify which JWS serialization is used

[Jörn Heissler <acme-specs@joern.heissler.de>]

On Thu, Jan 04, 2018 at 09:47:19 +1000, Fraser Tweedale wrote:
> I am the author of a JOSE library, and have had to deal with
> interoperability issues arising from the multiple serialisations and
> underspecified applications/protocols.  Please heed my advice.
> 
> Where there is a choice of JSON serialisation (i.e. exactly one
> signature), JOSE does not require or recommend a particular
> serialisation be used.  Not does the specification require or
> recommend that there be a mechanism for telling a library what JSON
> serialisation to use.  The outcome of this is that there are:
> 
> - implementations that unconditionally produce the General JSON
>   serialisation
> 
> - implementations that unconditionally produce the Flattened JSON
>   serialisation (and do not support multiple signatures at all)
> 
> - implementations that produce the Flattened serialisation when
>   there is a single signature, and the General JSON serialisation
>   otherwise
> 
> Therefore for interoperability and to avoid situations where a
> conforming JOSE library cannot be used for ACME, I suggest that ACME
> adopt the following regime:
> 
> - Conforming ACME implementations MUST process JWS objects using the
>   Flattened JWS JSON Serialization and SHOULD process JWS objects
>   using the General JWS JSON Serialization.
> 
> - Conforming ACME implementations MAY refuse to process JWS objects
>   with multiple signatures.  If an implementation accepts
>   multiple-signature JWS objects, it MUST validate at least one
>   signature using the account's public key.

This would work for me. I'm currently writing a new client (We need more
ACME clients!) and I'd prefer to stick to a single hard coded
serialization format which works with every conforming CA. Adding
flexibility (Use "flat" for this CA, use "general" for that CA, etc.)
would be troublesome.

But I'm worried about client implementations that use the next best JOSE
library which "unconditionally produces the General JSON serialisation".
Most CAs would support it ("SHOULD"). But some might decide not to:
"Yeah, we SHOULD support this. But our JOSE library only understands
the flat format and everyone but YOU does use the flat format".
Then who's to blame, the client or the CA?

Should this be changed to "MUST" or to "MAY"?
I.e. "flat" MUST be supported, "general" MUST/MAY be supported,
"compact" MAY be supported but needs a "application/jose" content type.


On Wed, Jan 03, 2018 at 19:51:53 -0600, Logan Widick wrote:
>    Here is a pull
>    request: [1]https://github.com/ietf-wg-acme/acme/pull/382
>    Let me know what you think.

> +Conforming ACME implementations MUST NOT process JWS objects using
> +the Compact JWS Serialization.

I think "compact" should be acceptable ("MAY process") iff the client sends
a "Content-Type: application/jose" header.

>    As for using JOSE implementations that lack support for the JSON
>    serialization formats (and only support the compact one), is there an
>    RFC, Internet-Draft, or similar document with an explanation of the
>    conversion process already prepared (that can simply be thrown into the
>    ACME draft's references section)? Or would it be necessary to include
>    an appendix in the ACME draft with an outline of the conversion
>    process? The conversion process looks fairly straightforward. However,
>    it would be nice if there was a document or part of a document that
>    could be easily referenced.

Your conversion guide sounds good. But personally I'd move this to a
separate document (like you were looking for) because it would be useful
in non-ACME related applications too.

Cheers,
Jörn