IETF Logo Mail Archive

Re: [jose] FOR WG DISCUSSION: #82 part A - Possibly changing representation of private JWK fields

Mike Jones <Michael.Jones@microsoft.com> Thu, 03 October 2013 03:20 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1411421F8F07 for <jose@ietfa.amsl.com>; Wed, 2 Oct 2013 20:20:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.165
X-Spam-Level:
X-Spam-Status: No, score=-3.165 tagged_above=-999 required=5 tests=[AWL=0.433, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fGtP-6zttMbh for <jose@ietfa.amsl.com>; Wed, 2 Oct 2013 20:20:03 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0205.outbound.protection.outlook.com [207.46.163.205]) by ietfa.amsl.com (Postfix) with ESMTP id C822F21F8F2E for <jose@ietf.org>; Wed, 2 Oct 2013 20:19:46 -0700 (PDT)
Received: from DM2PR03CA006.namprd03.prod.outlook.com (10.141.52.154) by BN1PR03MB007.namprd03.prod.outlook.com (10.255.224.37) with Microsoft SMTP Server (TLS) id 15.0.785.10; Thu, 3 Oct 2013 03:19:41 +0000
Received: from BY2FFO11FD005.protection.gbl (2a01:111:f400:7c0c::171) by DM2PR03CA006.outlook.office365.com (2a01:111:e400:2414::26) with Microsoft SMTP Server (TLS) id 15.0.785.10 via Frontend Transport; Thu, 3 Oct 2013 03:19:40 +0000
Received: from mail.microsoft.com (131.107.125.37) by BY2FFO11FD005.mail.protection.outlook.com (10.1.14.126) with Microsoft SMTP Server (TLS) id 15.0.785.10 via Frontend Transport; Thu, 3 Oct 2013 03:19:40 +0000
Received: from TK5EX14MBXC290.redmond.corp.microsoft.com ([169.254.1.157]) by TK5EX14HUBC107.redmond.corp.microsoft.com ([157.54.80.67]) with mapi id 14.03.0136.001; Thu, 3 Oct 2013 03:18:57 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Manger, James H" <James.H.Manger@team.telstra.com>, Justin Richer <jricher@mitre.org>, Jim Schaad <ietf@augustcellars.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] FOR WG DISCUSSION: #82 part A - Possibly changing representation of private JWK fields
Thread-Index: AQHOv3tsOWz3vab9FU6tVj6nrFz1Spnh8eYAgABKDrCAABM/wA==
Date: Thu, 03 Oct 2013 03:18:56 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739437201B2A0@TK5EX14MBXC290.redmond.corp.microsoft.com>
References: <4E1F6AAD24975D4BA5B16804296739436B7FBEA6@TK5EX14MBXC283.redmond.corp.microsoft.com> <521E552B.6060100@mitre.org> <CAOKiTbvnNka5jkY97ezyieGKhi_7WvnL6oEXTZNeWYzGWdEP+A@mail.gmail.com> <5223FF8E.1@nri.co.jp> <02f001cebf07$c0096300$401c2900$@augustcellars.com> <524C2CAF.1090009@mitre.org> <4E1F6AAD24975D4BA5B16804296739437201A306@TK5EX14MBXC290.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E115318CAE20@WSMSG3153V.srv.dir.telstra.com>
In-Reply-To: <255B9BB34FB7D647A506DC292726F6E115318CAE20@WSMSG3153V.srv.dir.telstra.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.79]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739437201B2A0TK5EX14MBXC290r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(189002)(51444003)(199002)(24454002)(479174003)(377454003)(79102001)(74366001)(74876001)(46102001)(16236675002)(53806001)(65816001)(59766001)(77982001)(54356001)(80022001)(63696002)(74706001)(20776003)(85306001)(19300405004)(83072001)(66066001)(512874002)(81342001)(81542001)(71186001)(15975445006)(31966008)(56776001)(74502001)(74662001)(54316002)(84326002)(76482001)(33656001)(80976001)(47446002)(4396001)(15202345003)(69226001)(56816003)(55846006)(6806004)(81816001)(44976005)(51856001)(77096001)(81686001)(19580405001)(19580395003)(76796001)(83322001)(47976001)(50986001)(49866001)(47736001)(76786001); DIR:OUT; SFP:; SCL:1; SRVR:BN1PR03MB007; H:mail.microsoft.com; CLIP:131.107.125.37; FPR:; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 09888BC01D
X-OriginatorOrg: DuplicateDomain-a84fc36a-4ed7-4e57-ab1c-3e967bcbad48.microsoft.com
Subject: Re: [jose] FOR WG DISCUSSION: #82 part A - Possibly changing representation of private JWK fields
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Oct 2013 03:20:16 -0000

Yes, these would use “kty”:”RSA” and additional key members defined by extensions, if needed.  In any event, if the private key is held in a TPM, its value wouldn’t be represented in the JWK.

From: Manger, James H [mailto:James.H.Manger@team.telstra.com]
Sent: Wednesday, October 02, 2013 7:29 PM
To: Mike Jones; Justin Richer; Jim Schaad; jose@ietf.org
Subject: RE: [jose] FOR WG DISCUSSION: #82 part A - Possibly changing representation of private JWK fields

> It’s not like the set of “kty” values is a fast-moving target.

A new classes of crypto might appear only occasionally, but I’m not sure that is the only time a new “kty” value will be needed. If your RSA private key is held in a smartcard a JWK representing that key to your software will not have “d”, “p” and “q” fields, but might have a PKCS#15 path and a PIN to unlock the smartcard. When an RSA key in on a TPM chip the JWK may have a TPMKEY URI <draft-mavrogiannopoulos-tpmuri>. When an RSA key is behind a PKCS#11 API the JWK needs the parameters to pass to PKCS#11 functions.

Do these JWKs use “kty”:”RSA”?

--
James Manger

From: jose-bounces@ietf.org<mailto:jose-bounces@ietf.org> [mailto:jose-bounces@ietf.org] On Behalf Of Mike Jones
Sent: Thursday, 3 October 2013 7:47 AM
To: Justin Richer; Jim Schaad; jose@ietf.org<mailto:jose@ietf.org>
Subject: Re: [jose] FOR WG DISCUSSION: #82 part A - Possibly changing representation of private JWK fields

I agree with Justin that the motivation for the breaking change seems pretty hypothetical to me.  Besides, a new standard key type only tends to be introduced every decade or so, so it *really* wouldn’t be that hard to update the hypothetical key filtering software to correctly filter new key types when needed, should such software ever be written.  It’s not like the set of “kty” values is a fast-moving target.

                                                                -- Mike

From: jose-bounces@ietf.org<mailto:jose-bounces@ietf.org> [mailto:jose-bounces@ietf.org] On Behalf Of Justin Richer
Sent: Wednesday, October 02, 2013 7:25 AM
To: Jim Schaad; jose@ietf.org<mailto:jose@ietf.org>
Subject: Re: [jose] FOR WG DISCUSSION: #82 part A - Possibly changing representation of private JWK fields

I think that the argument below is misleading -- why kind of hypothetical key parsing or filtering program is going to read a JWK that doesn't know the key types it's parsing out? I'm still not seeing the value in having things split out. From my vantage, it seems to be a fairly arbitrary syntax decision, and at this point I'd really rather not change syntax on stuff I'm already using on a daily basis.

 -- Justin
On 10/01/2013 08:38 PM, Jim Schaad wrote:
There is an argument below that it would be more robust to make any filter software know what is public and what is private since that enforces a per-type evaluation.  However I would argue that this is a problem for any new key type that is published after such filter software is done.

The program which is creating the JWK object is going to know what is public and what is private because it must have been updated in order to export the correct fields for the new key type.  However the filter code may not have been updated to understand this new key type and therefore has no ability to know what is public and what is private unless it was also programmed to do a registry lookup in the IANA registry to figure this out.  Even then it would be unable to deal with private key types.

By placing all private fields in a private object, the filter program would always be able to correct do the filtering and make sure that private key material is not published as it would, by definition, be in a single object which is easily identified.  This means that a server would not need to reject any new key types that it does not understand when trying to make sure that private information is not published.

To me this is more robust than not having this indicated by the exporter functions.

This is similar to what is done today in the ASN.1 case.  The ASN.1 structure description is different between the public key and the private key structures for those things you know about.  This makes it easy to do the decode on the public key and ensure that nothing exists that shouldn’t.  It is not possible for us to do a filter based just on the public fields since there are other elements that exist in the JWK object which have nothing to do with the key value.  I would not advocate having both a public and a private member object since that would be slightly ridiculous.

Jim

v2.23.0 | Report a Bug | By Email