Re: [jose] Pete Resnick's Abstain on draft-ietf-jose-json-web-key-33: (with COMMENT)
Mike Jones <Michael.Jones@microsoft.com> Tue, 14 October 2014 12:52 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C995C1A87A1; Tue, 14 Oct 2014 05:52:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YLuAXmnd6et9; Tue, 14 Oct 2014 05:52:14 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0137.outbound.protection.outlook.com [65.55.169.137]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16C8E1A87C5; Tue, 14 Oct 2014 05:52:14 -0700 (PDT)
Received: from BN3PR0301CA0010.namprd03.prod.outlook.com (25.160.180.148) by CY1PR0301MB1209.namprd03.prod.outlook.com (25.161.212.143) with Microsoft SMTP Server (TLS) id 15.0.1049.19; Tue, 14 Oct 2014 12:52:12 +0000
Received: from BN1BFFO11FD060.protection.gbl (2a01:111:f400:7c10::1:138) by BN3PR0301CA0010.outlook.office365.com (2a01:111:e400:4000::20) with Microsoft SMTP Server (TLS) id 15.0.1049.19 via Frontend Transport; Tue, 14 Oct 2014 12:52:12 +0000
Received: from mail.microsoft.com (131.107.125.37) by BN1BFFO11FD060.mail.protection.outlook.com (10.58.145.15) with Microsoft SMTP Server (TLS) id 15.0.1039.16 via Frontend Transport; Tue, 14 Oct 2014 12:52:11 +0000
Received: from TK5EX14MBXC286.redmond.corp.microsoft.com ([169.254.1.93]) by TK5EX14HUBC103.redmond.corp.microsoft.com ([157.54.86.9]) with mapi id 14.03.0210.003; Tue, 14 Oct 2014 12:51:40 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Pete Resnick <presnick@qti.qualcomm.com>, The IESG <iesg@ietf.org>
Thread-Topic: Pete Resnick's Abstain on draft-ietf-jose-json-web-key-33: (with COMMENT)
Thread-Index: Ac/nrZP0e+k8EFGBTKiLptwaoglqKA==
Date: Tue, 14 Oct 2014 12:51:39 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739439BB0D499@TK5EX14MBXC286.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.36]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(438002)(189002)(377454003)(43784003)(52044002)(199003)(13464003)(51704005)(76482002)(55846006)(21056001)(95666004)(106466001)(81156004)(4396001)(104016003)(120916001)(107046002)(99396003)(77096002)(86612001)(230783001)(97736003)(92566001)(86362001)(92726001)(50466002)(85306004)(15975445006)(20776003)(19580395003)(19580405001)(44976005)(66066001)(6806004)(64706001)(23676002)(84676001)(47776003)(68736004)(69596002)(46102003)(2656002)(31966008)(15202345003)(85852003)(54356999)(87936001)(50986999)(26826002)(85806002)(33656002)(80022003); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0301MB1209; H:mail.microsoft.com; FPR:; MLV:ovrnspm; PTR:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-Microsoft-Antispam: UriScan:;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:;SRVR:CY1PR0301MB1209;
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 03648EFF89
Received-SPF: Pass (protection.outlook.com: domain of microsoft.com designates 131.107.125.37 as permitted sender) receiver=protection.outlook.com; client-ip=131.107.125.37; helo=mail.microsoft.com;
Authentication-Results: spf=pass (sender IP is 131.107.125.37) smtp.mailfrom=Michael.Jones@microsoft.com;
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/2jqtcKLUxo0hKxFbOjmDZr2pAMM
Cc: "jose-chairs@tools.ietf.org" <jose-chairs@tools.ietf.org>, "draft-ietf-jose-json-web-key@tools.ietf.org" <draft-ietf-jose-json-web-key@tools.ietf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Pete Resnick's Abstain on draft-ietf-jose-json-web-key-33: (with COMMENT)
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Oct 2014 12:52:25 -0000
The proposed resolutions have been incorporated in the -33 draft. I hope that on that basis, you can change your ballot position from Abstain to No Objection. I did delete the "silly" sentence from Section 5.1, after all. Thanks again, -- Mike > -----Original Message----- > From: Mike Jones [mailto:Michael.Jones@microsoft.com] > Sent: Monday, October 06, 2014 12:54 AM > To: Pete Resnick; The IESG > Cc: jose-chairs@tools.ietf.org; draft-ietf-jose-json-web-key@tools.ietf.org; > jose@ietf.org > Subject: RE: Pete Resnick's Abstain on draft-ietf-jose-json-web-key-33: (with > COMMENT) > > Thanks for your review, Pete. I've added the working group to the thread so > they're aware of your comments. > > > -----Original Message----- > > From: Pete Resnick [mailto:presnick@qti.qualcomm.com] > > Sent: Wednesday, October 01, 2014 9:54 PM > > To: The IESG > > Cc: jose-chairs@tools.ietf.org; > > draft-ietf-jose-json-web-key@tools.ietf.org > > Subject: Pete Resnick's Abstain on draft-ietf-jose-json-web-key-33: > > (with > > COMMENT) > > > > Pete Resnick has entered the following ballot position for > > draft-ietf-jose-json-web-key-33: Abstain > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut > > this introductory paragraph, however.) > > > > > > Please refer to > > http://www.ietf.org/iesg/statement/discuss-criteria.html > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > The document, along with other ballot positions, can be found here: > > http://datatracker.ietf.org/doc/draft-ietf-jose-json-web-key/ > > > > > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > Given my concerns with the other documents in this series, I'm not yet > > willing to ballot No Objection on this document. So I will Abstain, at least for > the moment. > > We'll see how the rest of the discussion goes. > > > > Comments directly on this document: > > > > 4/5: > > > > The member names within a JWK MUST be unique; recipients MUST either > > reject JWKs with duplicate member names or use a JSON parser that > > returns only the lexically last duplicate member name, as specified > > in Section 15.12 (The JSON Object) of ECMAScript 5.1 [ECMAScript]. > > > > That first MUST is bogus. You are allowing them not to be unique in > > the rest of the sentence. And it's not clear what you mean by "recipients" > > here. Sounds like you mean "parsers" or "interpreters". If it were me, > > I'd stick to the "MUST be unique" and be done with it, but either way > > this paragraph needs fixing. > > The first MUST is a requirement on producers; the second is a requirement on > consumers. I propose to reword this text to make this more explicit. > > This language has been extensively discussed in the working group and again as > a result of Stephen Kent's secdir review. For instance, see the thread "JWK > member names, was: [jose] SECDIR review of draft-ietf-jose-json-web-key-31" > in the JOSE mailing list archives, beginning on 9/12/14. There was a whole JSON > working group that created a new standards-track JSON spec (RFC 7159) that > that decided *not* to prohibit parsers from accepting inputs with duplicate > names. JOSE doesn't have sufficient influence to change the JSON parsers that > are actually deployed and available to developers. As Richard Barnes pointed > out during the telechat, the point of JOSE is to enable crypto with tools that > people actually have and use. If we rule out the use of existing parsers, we will > have failed to meet that basic goal. > > > 4.1: The second paragraph is redundant given the first paragraph; I'd delete it. > > Actually, it's not. The second paragraph says where the initial values are defined > (Section 6.1 of JWA). > > > And why do you need "use" at all given that you've got "key_ops"? > > They are for different use cases. Use is for public-key-only use cases and mirrors > what other specs do in this regard. key_ops was later added for WebCrypto, > and is for use cases where any of public, private, or symmetric keys may be > present. The "use" member predates "key_ops" by several years and was > already in widespread use before we added key_ops late in the game. We > talked about removing "use" but the working group was very much in favor of > retaining it. > > > 4.5: > > > > The structure of the "kid" value is > > unspecified. > > > > You should at least mention that this is a string. "The 'kid' value is > > a text string, but it's structure is otherwise unspecified." Or something like > that. > > It actually already does say "The "kid" value is a case-sensitive string". > > > 4.6 (and 4.7-4.9): > > > > If other members > > are present, the contents of those members MUST be semantically > > consistent with the related fields in the first certificate. > > > > This is a pretty silly use of MUST. If the answer to the question, > > "Why might someone do otherwise?" is "Because they're an idiot", you > > probably don't need the MUST. > > Jim Schaad and others were in favor of adding this language when the "x5u", > etc. parameters were added ... so that idiots aren't free to be idiots. :-) > > > 5: > > > > Implementations SHOULD ignore JWKs within a JWK Set that use "kty" > > (key type) values that are not understood by them, are missing > > required members, or for which values are out of the supported > > ranges. > > > > I don't understand that SHOULD. This is completely dependent on what > > the implementation is doing. Unknown key types might be ignorable, but > > they might be vitally important. Why is this not a MAY? > > This language also came from Jim Schaad. The point is that when RSA and > Elliptic Curve keys are eventually replaced by new key types, implementations > should be prepared to have new key types appear in the set of advertised keys > without breaking because they don't yet understand them. > > > 5.1: Strike the last sentence. It's silly. > > It describes a requirement of the JWK Set data format this is not otherwise > described. > > > 7: The first two sentences of the first paragraph and the first > > sentence of the second paragraph should be moved under Security > > Considerations; that's what this is. I'd delete the rest, as the > > encryption of any JSON object is handled by JWE. > > The sentences you would like to move are introductory material motivating the > descriptions of encrypted JWKs and JWK Sets and the recommendations to use > them under these circumstances. > > > You might mention the content type somewhere, but the way it is in the > > document now is way overdone, with the whole "MUST...unless construction. > > Simply make it: > > > > The content type of "jwk+json" can be used for "cty" header of the JWE. > > > > if you must have something. > > This specific language, using the "must ... unless" construction was a result of a > specific working group discussion on this topic, so I'm reluctant to tinker with it. > For instance, your "can" language loses the "must ... unless" sense that some > working group members insisted upon. > > Thanks again, > -- Mike