Re: [jose] Propsoed Signing Procedure
Mike Jones <Michael.Jones@microsoft.com> Sat, 29 June 2013 04:37 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC54A21F99EB for <jose@ietfa.amsl.com>; Fri, 28 Jun 2013 21:37:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CQvXlgq7IwWz for <jose@ietfa.amsl.com>; Fri, 28 Jun 2013 21:37:39 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0243.outbound.protection.outlook.com [207.46.163.243]) by ietfa.amsl.com (Postfix) with ESMTP id 4468421F99A1 for <jose@ietf.org>; Fri, 28 Jun 2013 21:37:39 -0700 (PDT)
Received: from BL2FFO11FD011.protection.gbl (10.173.161.201) by BL2FFO11HUB021.protection.gbl (10.173.161.45) with Microsoft SMTP Server (TLS) id 15.0.717.3; Sat, 29 Jun 2013 04:37:37 +0000
Received: from TK5EX14HUBC102.redmond.corp.microsoft.com (131.107.125.37) by BL2FFO11FD011.mail.protection.outlook.com (10.173.161.17) with Microsoft SMTP Server (TLS) id 15.0.717.3 via Frontend Transport; Sat, 29 Jun 2013 04:37:37 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.25]) by TK5EX14HUBC102.redmond.corp.microsoft.com ([157.54.7.154]) with mapi id 14.03.0136.001; Sat, 29 Jun 2013 04:37:36 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Jim Schaad <ietf@augustcellars.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] Propsoed Signing Procedure
Thread-Index: Ac50fElxmCSb5LZPRZybsBfpsl+MsgABLACA
Date: Sat, 29 Jun 2013 04:37:35 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943678A8DDE@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <063101ce747e$425dd4f0$c7197ed0$@augustcellars.com>
In-Reply-To: <063101ce747e$425dd4f0$c7197ed0$@augustcellars.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.37]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943678A8DDETK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(377454003)(199002)(189002)(164054003)(44976004)(69226001)(51856001)(55846006)(56776001)(81542001)(46102001)(77982001)(19300405004)(81342001)(74876001)(59766001)(54316002)(76482001)(77096001)(54356001)(79102001)(47446002)(74662001)(74502001)(71186001)(15202345003)(56816003)(83072001)(31966008)(53806001)(74366001)(74706001)(33656001)(4396001)(76796001)(49866001)(80022001)(76786001)(47736001)(16406001)(65816001)(561944002)(63696002)(20776003)(6806003)(47976001)(50986001)(66066001)(512954002)(16236675002); DIR:OUT; SFP:; SCL:1; SRVR:BL2FFO11HUB021; H:TK5EX14HUBC102.redmond.corp.microsoft.com; CLIP:131.107.125.37; RD:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0892FA9A88
Subject: Re: [jose] Propsoed Signing Procedure
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Jun 2013 04:37:45 -0000
Your description below confuses the JWS Payload (which can be any octet sequence) and the Encoded JWS Payload (which is the base64url encoded representation of the JWS Payload). For instance, you made a typo in your point 3.c.iii below by writing "JWS Payload" when you meant "Encoded JWS Payload".
Likewise, your first point 3 in your proposed 8.1 should be referring to the Encoded JWS Payload - not the JWS Payload. Similarly, you left off the "Encoded" in the second point 3 of your proposed 8.1.
Likewise, you are confusing the Encoded Payload and the Payload in your proposed 8.2 text. The payload has to be able to represent any octet stream, which your text doesn't enable. That's why we have the Encoded Payload in the first place.
Do you want to revise your proposal to eliminate this confusion, differentiating between the JWS Payload - which can represent any octet sequence, and the JWS Encoded Payload, which is a URL-safe, JSON-string-safe representation of that octet stream?
I understand that editorially you're trying to restructure the signing and verification sections to be more agnostic to whether there are multiple signatures. I don't have any issue with that.
Thanks,
-- Mike
From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Jim Schaad
Sent: Friday, June 28, 2013 9:07 PM
To: jose@ietf.org; Mike Jones
Subject: [jose] Propsoed Signing Procedure
I would suggest something along the following lines. It is still missing some of the descriptive text that is required, but not a great deal of it.
Jim
5.1 Message signing or MACing
To create a JWS, on performs the following steps. The order of the steps is information, however the result of performing the steps is prescriptive.
1. Verify the content to be used as the JWS Payload is an octet stream. If it is not then the fail.
2. If a common signature header field exists, then serialize the object describing the header using UTF-8 and then base64 URL that result. This is now the Encoded JWS Header.
3. For each signature to be created perform the following steps:
a. Obtain the algorithm to be used for the signature operation. This may be in the common signature protected header, the common signature unprotected header or the signature header objects. If this is not a legal and supported signature algorithm then fail.
b. Verify that the key to be used for the signature operation is compatible with the signature algorithm.
c. Concatenate the following values for the octet stream to be signed:
i. The Encoded JWS header if it exists,
ii. One period character ('.')
iii. The JWS payload
d. Compute the signature value using the key, the signature algorithm and the octet stream to be signed.
e. Base64url encode the signature value, this is the Encoded JWS signature.
Section 8.1 Compact serialization
In order for a compact serialization to be created, the following conditions must be met:
1. There must be exactly one signer
2. There must not be a common unprotected header field or a signer header field. These can be combined before the signature is created to form the common protected header field.
3. The JWS payload MUST conform to the character set which is used for base64url encoding. This is A-Za-z0-9 (and whatever the rest of them are)
The compact serialization is formed by concatenating the following items:
1. The Encoded JWS Header,
2. One period character ('.')
3. The JWS Payload
4. One period character ('.')
5. The Encoded JWS signature
Section 8.2 JSON Serialization
The JSON serialization is an object with the following members:
Protected - a string containing the Encoded JWS Header (OPTIONAL)
Unprotected - an object containing any common unprotected header values (OPTINAL)
Payload - a string containing the JWS Payload (REQUIRED)
Signatures - an array containing one element for each signature created. Each array element consists of an object with the following members:
Header - an object containing any signer specific unprotected header values (OPTINAL)
Signature - a string containing the Encoded JWS Signature for that signer.
- Re: [jose] Propsoed Signing Procedure Richard Barnes
- [jose] Propsoed Signing Procedure Jim Schaad
- Re: [jose] Propsoed Signing Procedure Mike Jones
- Re: [jose] Propsoed Signing Procedure Jim Schaad