IETF Logo Mail Archive

Re: [jose] Field Matrix

Mike Jones <Michael.Jones@microsoft.com> Thu, 20 June 2013 21:03 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4F4121E804E for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 14:03:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.477
X-Spam-Level:
X-Spam-Status: No, score=-2.477 tagged_above=-999 required=5 tests=[AWL=0.121, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0COtQnrVZ2eW for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 14:03:25 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0211.outbound.protection.outlook.com [207.46.163.211]) by ietfa.amsl.com (Postfix) with ESMTP id 8D2A821E8093 for <jose@ietf.org>; Thu, 20 Jun 2013 14:03:24 -0700 (PDT)
Received: from BY2FFO11FD025.protection.gbl (10.1.15.204) by BY2FFO11HUB028.protection.gbl (10.1.14.139) with Microsoft SMTP Server (TLS) id 15.0.707.0; Thu, 20 Jun 2013 21:02:12 +0000
Received: from TK5EX14HUBC106.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD025.mail.protection.outlook.com (10.1.15.214) with Microsoft SMTP Server (TLS) id 15.0.707.0 via Frontend Transport; Thu, 20 Jun 2013 21:02:12 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.25]) by TK5EX14HUBC106.redmond.corp.microsoft.com ([157.54.80.61]) with mapi id 14.03.0136.001; Thu, 20 Jun 2013 21:01:40 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Richard Barnes <rlb@ipv.sx>, Jim Schaad <ietf@augustcellars.com>
Thread-Topic: [jose] Field Matrix
Thread-Index: Ac5t5xRPeyoH6vXbTWe6CTWcVqhYoAAEOSMAAAAwarA=
Date: Thu, 20 Jun 2013 21:01:40 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436787AC69@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <053f01ce6de7$8ed108e0$ac731aa0$@augustcellars.com> <CAL02cgTVfWU_Ly1txm_k6s+omX8ZzUHTbp58HK03_EZ0qg_7cA@mail.gmail.com>
In-Reply-To: <CAL02cgTVfWU_Ly1txm_k6s+omX8ZzUHTbp58HK03_EZ0qg_7cA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.79]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739436787AC69TK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(24454002)(199002)(189002)(377454003)(54316002)(56816003)(66066001)(79102001)(55846006)(19300405004)(81342001)(4396001)(71186001)(65816001)(54356001)(74662001)(74502001)(74366001)(16236675002)(46102001)(44976004)(16406001)(512954002)(53806001)(51856001)(76482001)(77982001)(31966008)(76786001)(20776003)(77096001)(74876001)(50986001)(74706001)(81542001)(69226001)(80022001)(63696002)(76796001)(47446002)(47976001)(15202345003)(47736001)(49866001)(56776001)(33656001)(6806003)(59766001); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB028; H:TK5EX14HUBC106.redmond.corp.microsoft.com; CLIP:131.107.125.37; RD:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 08831F51DC
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Field Matrix
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 21:03:32 -0000

There was a working group decision at the Denver meeting that "crit" must be integrity protected.  The reason for this is straightforward.

If not integrity protected, an attacker could strip the "crit" field, defeating the semantic requirement that implementations must reject the input if a "crit" value is used that is not understood.  Thus, the spec requires that this field be integrity protected whenever used.

                                                                -- Mike

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Richard Barnes
Sent: Thursday, June 20, 2013 1:52 PM
To: Jim Schaad
Cc: jose@ietf.org
Subject: Re: [jose] Field Matrix

You can eliminate the "protection required" field, because there aren't any of those.

Or there shouldn't be: The only security case we have is algorithm dependent ("alg" must be protected if "alg" == "PS256", "PS512").  The only fields for which the specs currently require integrity protection are "zip" and "crit".  Neither of these have the property that changing them would cause a security violation, except in some application-dependent sense.  So the choice of integrity protection should be left to applications, not fixed in the spec.

--Richard

On Thu, Jun 20, 2013 at 2:54 PM, Jim Schaad <ietf@augustcellars.com<mailto:ietf@augustcellars.com>> wrote:
<no hat>

Having just started looking at a design implementation, I am now more than ever interested in seeing this matrix of fields.  At the present time I think the following columns are probably of interest:

Name, must understand, use required, common vs specific, protection required

I was just looking at the alg and enc fields for JWE and realized that one was specific - so it should be one location - and one was common - so it should be in a different location.  And then I needed to start thinking about where it goes in terms of compacted vs one recipient vs two recipients.

Do you have an idea of when this matrix might show up?

Jim

v2.23.0 | Report a Bug | By Email