Re: [COSE] Review draft-ietf-cose-webauthn-algorithms-02.txt
Mike Jones <Michael.Jones@microsoft.com> Sat, 02 November 2019 03:03 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9C54120A1A for <cose@ietfa.amsl.com>; Fri, 1 Nov 2019 20:03:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.89
X-Spam-Level:
X-Spam-Status: No, score=-1.89 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id euKKzlQKWOTf for <cose@ietfa.amsl.com>; Fri, 1 Nov 2019 20:03:38 -0700 (PDT)
Received: from NAM06-DM3-obe.outbound.protection.outlook.com (mail-dm3nam06on070d.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe56::70d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE2011209A6 for <cose@ietf.org>; Fri, 1 Nov 2019 20:03:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ay7+U16TwIVtIq7GaoMaWfw91rUgTqnc9+uCFd7LNL5yH9WHYoqKr5ykGAZEiaFdEeA9q76qe3s/RmuxUjS2D0yUHUy/qMcX6E3OfP+L8EjsFfKf/8X+aPzhhn1aR90liiGZKgC7j5ZTh/Gdk4fVdacC215DDA9yGJyXsLhz27w+vCNFy6cUZfqCubWYsQTLF/ALvCb1wEyI6WdDMK1JQQwXXX8zN+nRjjg8WtCG4q0Aufmt8v4uwrxj8sClAWNrA1atnNulH16Nv4/Mt+RvS4jMj+R0QKUt///yCW/jRaV6vbp7i/WPtSXQJ2h/XY0ONgmx/TUFhceg0kJScd1AgQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ySDQHIhBSSM2EqLY/6Ojuy434DT5pxZliOQZo7oXfHg=; b=cMBRcuEDzcPC24BUa+9juD4e/NMUacSYc2yAZ7VyfiQ8meFBpU4b+jmWNNUkKeKkT+YwJ4vdZOB0u6DPOVxdjQLe4gFj1NQFCx+si7hYbkTK/HjW4X2oPvgFMEziE7AKQsQX+SChWacPfUZoi8tGxXBK68zIiBEFKJ/XdGSpXUzVQPweVKfAIpPqwtFjo9CSIUn4jp0bPUPhVLZ98riMKK3rGqOQytx5X1Z24hr7xo+JMqW4Wcc7y3+fouVTAALyaZThReaHPYW3Pkj5vTjDwYP+oG18ruYenbbnynhh9OH1VnJB6NvzAWxv+uhhIuIsXlGxpodnww5qk8HZGbCyzA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ySDQHIhBSSM2EqLY/6Ojuy434DT5pxZliOQZo7oXfHg=; b=FxE0Kbx2JGonYFE0exynnmo4YszJS9zwWuvLw3Y1+qfZ3hLQ9tLzF9S3SQSe4vPdZva6etcgABWuDp49V1kDJG8c0JjtRp4vDA0YVeR4qZ+yPbAdslrcHBYd64yyu02bR6iR9C9PjwEb+ziSfL7+f79d+h0gzuxo5GCMqgHSAh8=
Received: from BYAPR00MB0565.namprd00.prod.outlook.com (20.179.56.23) by BYAPR00MB0565.namprd00.prod.outlook.com (20.179.56.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2450.0; Sat, 2 Nov 2019 03:03:23 +0000
Received: from BYAPR00MB0565.namprd00.prod.outlook.com ([fe80::fc38:10d3:6060:8b60]) by BYAPR00MB0565.namprd00.prod.outlook.com ([fe80::fc38:10d3:6060:8b60%5]) with mapi id 15.20.2450.000; Sat, 2 Nov 2019 03:03:22 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Jim Schaad <ietf@augustcellars.com>, "cose@ietf.org" <cose@ietf.org>
Thread-Topic: [COSE] Review draft-ietf-cose-webauthn-algorithms-02.txt
Thread-Index: AdWKzH1ZtLW2gCD0TXmPehr3YYoMsAD0VUcwAKMJBBA=
Date: Sat, 02 Nov 2019 03:03:22 +0000
Message-ID: <BYAPR00MB056562BCB6482049BDD2FC74F57D0@BYAPR00MB0565.namprd00.prod.outlook.com>
References: <041a01d58e90$9449ff90$bcddfeb0$@augustcellars.com> <MN2PR00MB0574F4672E2BD1F23E074F89F5610@MN2PR00MB0574.namprd00.prod.outlook.com>
In-Reply-To: <MN2PR00MB0574F4672E2BD1F23E074F89F5610@MN2PR00MB0574.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=493681de-f555-455f-931b-0000516ad6f2; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2019-10-29T21:14:17Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [50.47.93.218]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: d5398966-5d92-484e-c20e-08d75f4138f0
x-ms-traffictypediagnostic: BYAPR00MB0565:
x-microsoft-antispam-prvs: <BYAPR00MB05650CBE2E5DFA83A2CF52C5F57D0@BYAPR00MB0565.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0209425D0A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(366004)(346002)(396003)(136003)(376002)(189003)(199004)(13464003)(5660300002)(11346002)(52536014)(316002)(14444005)(22452003)(256004)(74316002)(110136005)(86362001)(966005)(10290500003)(14454004)(33656002)(478600001)(2501003)(66574012)(25786009)(606006)(229853002)(66066001)(6116002)(790700001)(76116006)(446003)(66946007)(66476007)(486006)(6306002)(55016002)(54896002)(9686003)(53546011)(6436002)(102836004)(6506007)(76176011)(99286004)(3846002)(7696005)(2906002)(236005)(4001150100001)(81166006)(8936002)(6246003)(81156014)(8676002)(7736002)(8990500004)(71200400001)(476003)(71190400001)(186003)(26005)(64756008)(66446008)(66556008)(10090500001); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR00MB0565; H:BYAPR00MB0565.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: fU6NS8rdRoIRFiXlS7TZ4ZajXPhcONQa99VGMrZnfBW83Mk4BKlmAnAemUqkS8RLWo7d3q3X/tOVCD35AZtoc22HtIMlWe4YQiK45JwPYszGdvGMxTWtdFD7dF3pOFq7/6SMniKAcs5DidNMtyqvJ0MvkJX+dYacnvEvG7FvwaSEkYtLgfuoabfqVkcJYhB52QRfP9i2skaaUqEwBrPYk143D8+GttLH78S3j4wDokObE1GxZy+swK2Wpi6SZvpOHD6hSjQBP6RVPsxkei42uMy+kb6D1DcCfVOZpWNNJbEEyLXq6WCUTtcyW5/7HwCVNWs+p+uCctjRN2nRs44KNP/0rj0HSfdofCr7bgLXnu0We4TkZ1b9reQlI0fF+dGre1/h8lHf//VAnZdzUI/uDpibwLOhikHzHPA8Qre5I4DPMB3XfUCw0PyKpwwCh963
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BYAPR00MB056562BCB6482049BDD2FC74F57D0BYAPR00MB0565namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d5398966-5d92-484e-c20e-08d75f4138f0
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Nov 2019 03:03:22.7480 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: mlZeWJAehOQ/ixvT8DoYlTuJmPLaZ9P6nROr6imONkdj6GXDi4ov2RuGCArZS0pDw1D0Ppba10QHu2j8yC2rdg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR00MB0565
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/m4F2fd7LauQeF-tgen-OKNgkMDM>
Subject: Re: [COSE] Review draft-ietf-cose-webauthn-algorithms-02.txt
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Nov 2019 03:03:43 -0000
-03 has been published, which addresses Jim's review comments on -02 in the manner described in the reply below. Thanks again for your reviews, Jim.
-- Mike
From: Mike Jones
Sent: Tuesday, October 29, 2019 4:20 PM
To: Jim Schaad <ietf@augustcellars.com>; cose@ietf.org
Subject: RE: [COSE] Review draft-ietf-cose-webauthn-algorithms-02.txt
Replies are inline, prefixed by "Mike>".
-----Original Message-----
From: COSE <cose-bounces@ietf.org<mailto:cose-bounces@ietf.org>> On Behalf Of Jim Schaad
Sent: Tuesday, October 29, 2019 12:39 PM
To: cose@ietf.org<mailto:cose@ietf.org>
Subject: [COSE] Review draft-ietf-cose-webauthn-algorithms-02.txt
1. The document needs to have a short title added to it.
Mike> I've added this "abbrev" value in the current editor's draft "COSE & JOSE Registrations for WebAuthn Algs", which fits in the available space.
2. Abstract - The text "FIDO Alliance FIDO2 Client to Authenticator Protocol" needs to get cleaned up. It is not clear to me if FIDO2 is supposed to be an abbreviation of the previous FIDO Alliance or not. Flip the sentence to use from or insert specification earlier.
Mike> I've deleted "FIDO2" (which was being used as an adjective applying the spec name).
3. Section 1 - I am not sure why you are using the term "related" rather than "the" in this section. This seems to be different than the abstract in that feature. Relate makes me think that it is something that is different but similar in this case.
Mike> I've deleted "related".
4. While I guess it is reasonable to have the description of why things are not recommended in the security considerations, I myself would not really think of them as such. However not having a pointer from section 2 to that information seems harsh as we are saying the are not recommended without have a pointer to the discussion.
Mike> I've added the pointers.
5. I have problems with the following text: "Implementation of this algorithm is RECOMMENDED because of its widespread use in decentralized systems and those that chose it over the NIST curves." Firstly, this is an incorrect use of the RFC 2119 language, this is not a protocol statement.
Mike> I've lowercased "recommended".
Secondly, this is not what the recommended column in table 2 means and thus is trying to overload that column with something that is not real. Third, the fact that people chose this over the NIST curves is not necessarily a reason for the IETF to recommended its implementation.
Mike> Recall that the JOSE algorithms come with Implementation Requirements (see https://tools.ietf.org/html/rfc7518#section-7.1.1), whose values are one of Required, Recommended, Optional, Deprecated, or Prohibited. It's in that sense that the word "Recommended" is being used - more than Optional but less than Required. The COSE registry value that seems to most closely correspond with this is "Recommended: True". (As I see it, it's unfortunate that COSE compressed these five values down to two, but I realize that that's water under the bridge, unless we want to reconsider this choice in the BIS COSE registry instructions.)
6. I still want to see in the text the reasoning behind not just using the current ECDSA algorithm in COSE.
Mike> I provided the reasoning in my response to your previous review. Having a curve-specific algorithm identifier lets implementations do what you asked about - ensuring that the curve associated with a key cannot be changed and the modified key still be used.
7. Add text on checking point is on the curve to section 5.4
Mike> I assume you're talking about adding text like that in https://tools.ietf.org/html/draft-ietf-oauth-jwt-bcp-07#section-3.4. I'll admit that I'm not enough of an expert on secp256k1 usage to know whether an on-curve check is what is called for or a different validation procedure. A definitive reference would be highly appreciated. In particular, I don't know whether the Galois y² = x³ + 7 finite field form used with secp256k1 is amenable to a check that the (x, y) pair are on the curve or whether a different check is needed.
Thanks again for your detailed reviews, Jim. I'll plan to publish a new draft incorporating these issue resolutions before Monday's submission cutoff.
-- Mike
-----Original Message-----
From: COSE <cose-bounces@ietf.org<mailto:cose-bounces@ietf.org>> On Behalf Of internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>
Sent: Thursday, October 24, 2019 2:35 PM
To: i-d-announce@ietf.org<mailto:i-d-announce@ietf.org>
Cc: cose@ietf.org<mailto:cose@ietf.org>
Subject: [COSE] I-D Action: draft-ietf-cose-webauthn-algorithms-02.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the CBOR Object Signing and Encryption WG of the IETF.
Title : COSE and JOSE Registrations for WebAuthn
Algorithms
Author : Michael B. Jones
Filename : draft-ietf-cose-webauthn-algorithms-02.txt
Pages : 13
Date : 2019-10-24
Abstract:
The W3C Web Authentication (WebAuthn) specification and the FIDO
Alliance FIDO2 Client to Authenticator Protocol (CTAP) specification
use CBOR Object Signing and Encryption (COSE) algorithm identifiers.
This specification registers the following algorithms in the IANA
"COSE Algorithms" registry, which are used by WebAuthn and CTAP
implementations: RSASSA-PKCS1-v1_5 using SHA-256, SHA-384, SHA-512,
and SHA-1, and ECDSA using the secp256k1 curve and SHA-256. It
registers the secp256k1 elliptic curve in the IANA "COSE Elliptic
Curves" registry. Also, for use with JSON Object Signing and
Encryption (JOSE), it registers the algorithm ECDSA using the
secp256k1 curve and SHA-256 in the IANA "JSON Web Signature and
Encryption Algorithms" registry and the secp256k1 elliptic curve in
the IANA "JSON Web Key Elliptic Curve" registry.
The IETF datatracker status page for this draft is:
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-cose-webauthn-algorithms%2F&data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce279955f279c4ac5a9a908d75ca7c308%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079747916555344&sdata=P5WknFu56wOZwH1i%2BRJMvqjHYjF9VD32CSrkWBg5bA8%3D&reserved=0
There are also htmlized versions available at:
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-cose-webauthn-algorithms-02&data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce279955f279c4ac5a9a908d75ca7c308%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079747916555344&sdata=ZutAl6JaemEvVdC5KZFeTthXl75YYP1ebBgrNWcSi1A%3D&reserved=0
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-cose-webauthn-algorithms-02&data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce279955f279c4ac5a9a908d75ca7c308%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079747916555344&sdata=R%2FKt7qEM0q3v4%2FFvm0WSLoHPkQP8vHK5I4qXyFQXBIk%3D&reserved=0
A diff from the previous version is available at:
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Frfcdiff%3Furl2%3Ddraft-ietf-cose-webauthn-algorithms-02&data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce279955f279c4ac5a9a908d75ca7c308%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079747916555344&sdata=Zt9aIA57AKdF2PlPPtlm2E%2F6OjAvizDxU%2BoRrkpTwKI%3D&reserved=0
Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
COSE mailing list
COSE@ietf.org<mailto:COSE@ietf.org>
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fcose&data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce279955f279c4ac5a9a908d75ca7c308%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079747916555344&sdata=k6n9t50ylb2R8YbKl6x479T253Zw0iLSMbIex5nYmV0%3D&reserved=0
_______________________________________________
COSE mailing list
COSE@ietf.org<mailto:COSE@ietf.org>
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fcose&data=02%7C01%7CMichael.Jones%40microsoft.com%7Ce279955f279c4ac5a9a908d75ca7c308%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079747916555344&sdata=k6n9t50ylb2R8YbKl6x479T253Zw0iLSMbIex5nYmV0%3D&reserved=0