IETF Logo Mail Archive

Re: [jose] #23: Make crypto independent of binary encoding (base64)

John Bradley <ve7jtb@ve7jtb.com> Wed, 12 June 2013 06:16 UTC

Return-Path: <ve7jtb@ve7jtb.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 212C521F9C14 for <jose@ietfa.amsl.com>; Tue, 11 Jun 2013 23:16:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hv-ilOkEbzCn for <jose@ietfa.amsl.com>; Tue, 11 Jun 2013 23:16:54 -0700 (PDT)
Received: from mail-wg0-x236.google.com (mail-wg0-x236.google.com [IPv6:2a00:1450:400c:c00::236]) by ietfa.amsl.com (Postfix) with ESMTP id 4BE4C21F9A43 for <jose@ietf.org>; Tue, 11 Jun 2013 23:16:54 -0700 (PDT)
Received: by mail-wg0-f54.google.com with SMTP id n11so165966wgh.33 for <jose@ietf.org>; Tue, 11 Jun 2013 23:16:49 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=/aodH3k4QT054dko/eUogm/3OcI9tGE9VG4N79jYzQ8=; b=FMA5qw6NWtIBb5IcOdcm19tunDrv6/byxreC8c4CVAy35FZbMtvi9055OhBQUu2xkj OFPipXJ6Q+Bgl6SoqU+Ui99gIlqtKkoNIdkSQW3nad0nh+lFXEr4JFsCICu/vIy1eDb5 /U80rPythfEs5m+Iavynte1vlhVAJ3/KlvzweUz1Jq+eCO/lYKCU8LOrqh77wV/Be6ZR ygm6OMMmAIZxYsXj/l4GgJtSsVOYN6AhYMLqZER+9Z7vj7tJA4VL8zURjpA0xAUkzCUB eXO1IDZSA+FcOqbf2Lqi2zSzYl7h4IAfDRFvbSBUpZWRSPBzzPton091n3PE2A+L8/iE tDbA==
X-Received: by 10.180.108.3 with SMTP id hg3mr3393921wib.17.1371017809881; Tue, 11 Jun 2013 23:16:49 -0700 (PDT)
Received: from [192.168.50.14] ([87.213.45.202]) by mx.google.com with ESMTPSA id ay7sm989225wib.9.2013.06.11.23.16.47 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 11 Jun 2013 23:16:47 -0700 (PDT)
Content-Type: multipart/signed; boundary="Apple-Mail=_AE67C745-56E4-4731-A6A1-3CE501A6BF7C"; protocol="application/pkcs7-signature"; micalg="sha1"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: John Bradley <ve7jtb@ve7jtb.com>
In-Reply-To: <CAHBU6isGzV1ZM1xczwK3v-rcusDwv6LHkag3KwX2QH+UFWGzpQ@mail.gmail.com>
Date: Wed, 12 Jun 2013 08:16:46 +0200
Message-Id: <637787CD-63D9-4FCC-8DFE-AF0692C262B3@ve7jtb.com>
References: <049.69ffc5ebf959c6eac7990651822fadf9@trac.tools.ietf.org> <CAHBU6isGzV1ZM1xczwK3v-rcusDwv6LHkag3KwX2QH+UFWGzpQ@mail.gmail.com>
To: Tim Bray <tbray@textuality.com>
X-Mailer: Apple Mail (2.1508)
X-Gm-Message-State: ALoCoQmw38fimSJwdpdvVVcpAUYezagw6m+b4SFi4oFzWiirGMjhlMisu+3w+/5gOq+mXcAfnK6O
Cc: Richard Barnes <rlb@ipv.sx>, draft-barnes-jose-use-cases@tools.ietf.org, jose issue tracker <trac+jose@trac.tools.ietf.org>, jose <jose@ietf.org>
Subject: Re: [jose] #23: Make crypto independent of binary encoding (base64)
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jun 2013 06:16:56 -0000

Changing what the integrity is calculated over is about a big breaking change.

I have personally considered alternate encodings for constrained environments (internet of things) however the format we have now has the advantage that it is hard for developers to get wrong, unlike xmldsig.

Jim made a good point that you have to encode the length of the parts or have a separator that cannot appear in the parts. 

I expect that escaping every "." in the JSON is not going to work very well. 

We know what we have works.  It is possible to have long debates over things that won't work.

The integrity has always been calculated this way,  It is not new.

John B.


On 2013-06-12, at 6:20 AM, Tim Bray <tbray@textuality.com> wrote:

> I haven’t been following this closely, but someone who uses JWTs (there are a lot of them out there) asked me “Wouldn’t this break all the existing JWT libraries and software deployed in production?”  I’m not 100% sure, but it looks to me like the answer is yes.  Since i observe empirically that JWTs work very well in production for federated login and many other applications, and offer a level of security that is acceptable to some of the most paranoid security organizations in the world, I think this proposal is not remotely close to being cost-effective.
> 
> Forgive me if I’m wrong and this wouldn’t actually break JWTs.  -T
> 
> 
> On Tue, Jun 11, 2013 at 10:58 AM, jose issue tracker <trac+jose@trac.tools.ietf.org> wrote:
> #23: Make crypto independent of binary encoding (base64)
> 
>  The cryptographic operations that JOSE performs should not depend on the
>  transfer encoding used for binary components.  The operations should work
>  directly on the encoded byte strings, not on the encoded form.
> 
>  This is already true for content, IV, ciphertext, encrypted key, and
>  authentication tag.  The only thing that needs fixing is the protected
>  header value.  That's a little tricky, since the protected header value is
>  JSON, which doesn't have a standard encoding.  But it's not that onerous
>  just to convert it to UTF-8 -- in fact, senders are already required to
>  convert the protected header to UTF-8.
> 
>  So the only change is to require recipients to convert the protected
>  header to UTF-8 before using it.   This can be accomplished with two minor
>  changes:
> 
>  <http://tools.ietf.org/html/draft-ietf-jose-json-web-
>  signature-11#section-5.2>
>  OLD: "The resulting JWS Protected Header MUST be a completely valid JSON
>  object conforming to RFC 4627 [RFC4627]."
>  NEW: "The resulting JWS Protected Header MUST be a completely valid JSON
>  object conforming to RFC 4627 [RFC4627].  If the JWE Protected Header is
>  valid, convert it to the UTF-8 encoding.  Otherwise, reject the JWE."
> 
>  <http://tools.ietf.org/html/draft-ietf-jose-json-web-
>  encryption-11#section-5.2>
>  OLD: "The resulting JWE Protected Header MUST be a completely valid JSON
>  object conforming to RFC 4627 [RFC4627]."
>  NEW: "The resulting JWE Protected Header MUST be a completely valid JSON
>  object conforming to RFC 4627 [RFC4627].  If the JWE Protected Header is
>  valid, convert it to the UTF-8 encoding.  Otherwise, reject the JWE."
> 
> --
> -------------------------------------+-------------------------------------
>  Reporter:  rlb@ipv.sx               |      Owner:  draft-barnes-jose-use-
>      Type:  defect                   |  cases@tools.ietf.org
>  Priority:  major                    |     Status:  new
> Component:  draft-barnes-jose-use-   |  Milestone:
>   cases                              |    Version:
>  Severity:  -                        |   Keywords:
> -------------------------------------+-------------------------------------
> 
> Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/23>
> jose <http://tools.ietf.org/jose/>
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

v2.23.0 | Report a Bug | By Email