Re: [jose] JWK Thumbprint spec incorporating feedback from IETF 90

"Manger, James" <James.H.Manger@team.telstra.com> Fri, 25 July 2014 07:48 UTC

Return-Path: <James.H.Manger@team.telstra.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 917DD1AD972 for <jose@ietfa.amsl.com>; Fri, 25 Jul 2014 00:48:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.201
X-Spam-Level:
X-Spam-Status: No, score=-0.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RELAY_IS_203=0.994] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b2uTldd44SAJ for <jose@ietfa.amsl.com>; Fri, 25 Jul 2014 00:48:09 -0700 (PDT)
Received: from ipxcvo.tcif.telstra.com.au (ipxcvo.tcif.telstra.com.au [203.35.135.208]) by ietfa.amsl.com (Postfix) with ESMTP id 9413D1A0011 for <jose@ietf.org>; Fri, 25 Jul 2014 00:48:06 -0700 (PDT)
X-IronPort-AV: E=Sophos; i="5.01,729,1399989600"; d="scan'208,217"; a="26898029"
Received: from unknown (HELO ipcbvi.tcif.telstra.com.au) ([10.97.217.204]) by ipocvi.tcif.telstra.com.au with ESMTP; 25 Jul 2014 17:36:34 +1000
X-IronPort-AV: E=McAfee;i="5600,1067,7509"; a="238665420"
Received: from wsmsg3752.srv.dir.telstra.com ([172.49.40.173]) by ipcbvi.tcif.telstra.com.au with ESMTP; 25 Jul 2014 17:46:51 +1000
Received: from WSMSG3153V.srv.dir.telstra.com ([172.49.40.159]) by WSMSG3752.srv.dir.telstra.com ([172.49.40.173]) with mapi; Fri, 25 Jul 2014 17:46:36 +1000
From: "Manger, James" <James.H.Manger@team.telstra.com>
To: Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
Date: Fri, 25 Jul 2014 17:46:35 +1000
Thread-Topic: JWK Thumbprint spec incorporating feedback from IETF 90
Thread-Index: Ac+miKNuBtxfut2OQbOQnkt0qFG0jQBGkorQ
Message-ID: <255B9BB34FB7D647A506DC292726F6E1154BC0A106@WSMSG3153V.srv.dir.telstra.com>
References: <4E1F6AAD24975D4BA5B16804296739439ADDDB5B@TK5EX14MBXC294.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B16804296739439ADDDB5B@TK5EX14MBXC294.redmond.corp.microsoft.com>
Accept-Language: en-US, en-AU
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-AU
Content-Type: multipart/alternative; boundary="_000_255B9BB34FB7D647A506DC292726F6E1154BC0A106WSMSG3153Vsrv_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/66gKwg894_TVYjQ3HmzHgYhWeD4
Subject: Re: [jose] JWK Thumbprint spec incorporating feedback from IETF 90
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jul 2014 07:48:11 -0000

Mike,

> http://tools.ietf.org/html/draft-jones-jose-jwk-thumbprint-01

These JWK thumbprint changes are ok (saying anything “unusual” is undefined, to avoid defining canonical JSON).

However, the more important issues have not been addressed.
See my earlier comments http://www.ietf.org/mail-archive/web/jose/current/msg04054.html

Are JWK thumbprints suitable to use on a blacklist of revoked keys? Almost certainly not. The spec needs to be much clearer about when  it is and isn’t suitable to use these thumbprints.

SUGGESTION: Add this introductory text.

  A JWK thumbprint is a short label that unambiguously identifies a single mathematical key. When a thumbprint from another party matches a thumbprint you have, it is safe to assume the other party is referring to the same mathematical key as you. A matching thumbprint does not indicate that the other party has the same metadata about the key (eg algorithms, key-id, etc).

  When thumbprints do not match, it does not guarantee that different keys are being referenced as there can be alternative representations for a given mathematical key, each giving a different thumbprint. Consequently, a list of thumbprints is not a suitable way represent a blacklist of revoked keys, for instance.

SUGGESTION: Add a paragraph to the Security Considerations section warning against using JWK thumbprints in a blacklist.

  (perhaps based on the 2nd paragraph from the suggestion above)



The thumbprint spec say only REQUIRED fields are included in a thumbprint. The JWK spec says:
  “Use of the "use" member is OPTIONAL, unless the application requires its presence.”
I hope this doesn’t imply that “use” is sometimes omitted from the thumbprint, but sometimes included in the thumbprint because some applications require its presence.


Since you need special knowledge for each specific “kty” value to calculate a thumbprint (ie the fields to include for that “kty” value), it would be better to require each definition of a new “kty” value to explicitly list its thumbprint fields.

SUGGESTION: Modify the JSON Key Types Registry [JWA, section 7.4] to include a “Thumbprint fields” item. Modify draft-jones-jose-jwk-thumbprint to refer to this item, instead of REQUIRED fields.

  Thumbprint fields:
    List of fields (in addition to “kty”) that are included when calculating a
    thumbprint for a key with this “kty” value.

   o  "kty" Parameter Value: "EC"
   o  Thumbprint fields: "crv", "x", "y"

   o  "kty" Parameter Value: "RSA"
   o  Thumbprint fields: "e", "n"

   o  "kty" Parameter Value: "oct"
   o  Thumbprint fields: "k"


It is strange to define JWK in one spec, but establish a registry for type of JWKs in a different spec [JWA].
SUGGESTION: Move JWA sections 7.4 and 7.4.1 to the JWK spec.

--
James Manger

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Mike Jones
Sent: Thursday, 24 July 2014 1:13 AM
To: jose@ietf.org
Subject: [jose] JWK Thumbprint spec incorporating feedback from IETF 90

I’ve updated the JSON Web Key (JWK) Thumbprint specification to incorporate the JOSE working group feedback on the -00 draft from IETF 90<http://www.ietf.org/meeting/90/>.  The two changes were:

·         Said that the result is undefined if characters requiring escaping are needed in the hash input.

·         Added instructions for representing integer numeric values in the hash input.

If a canonical JSON representation standard is ever adopted, this specification could be revised to use it, resulting in unambiguous definitions for those values (which are unlikely to ever occur in JWKs) as well.  (Defining a complete canonical JSON representation is very much out of scope for this work!)

The specification is available at:

·         http://tools.ietf.org/html/draft-jones-jose-jwk-thumbprint-01