Re: [jose] DISCUSS: Nonce/Timestamp parameter

Mike Jones <Michael.Jones@microsoft.com> Mon, 27 August 2012 18:11 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Justin Richer <jricher@mitre.org>
Date: Mon, 27 Aug 2012 18:11:51 +0000
Cc: Jim Schaad <ietf@augustcellars.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] DISCUSS: Nonce/Timestamp parameter

It is.  For those of you wondering what the reference to "issued at" is, see http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-03#section-4.1.3.

				-- Mike

-----Original Message-----
From: Justin Richer [mailto:jricher@mitre.org] 
Sent: Monday, August 27, 2012 7:59 AM
To: Mike Jones
Cc: Jim Schaad; jose@ietf.org
Subject: Re: [jose] DISCUSS: Nonce/Timestamp parameter

How is "issued at" not a timestamp?

  -- Justin

On 08/24/2012 07:02 PM, Mike Jones wrote:
> I'll note for discussion purposes that a nonce and a timestamp are not the same thing (although sometimes they are used to achieve similar/related goals).  A nonce tends to be an opaque value that must be preserved across the communication.  Whereas a timestamp typically has defined semantics - sometimes simply a non-decreasing integer value - and sometimes a representation of time, and then, sometimes with a uniqueness requirement.
>
> For discussion purposes, I'll say that the simplest thing for us to do (should we decide to do anything in this regard) would be to define the nonce as an opaque string value that must be preserved.
>
> We could also define a timestamp parameter, but as I wrote above, that would likely require us to specify additional semantics - starting with whether it's a non-decreasing integer or a representation of a time value.  This seems much harder to define and possibly to use than a nonce.
>
> Would it make sense to define a nonce parameter now and hold off on defining a timestamp parameter until there's a clear demonstrated use case for which a nonce is not sufficient?  That would be my personal recommendation.
>
> 				Best wishes,
> 				-- Mike
>
> -----Original Message-----
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Jim Schaad
> Sent: Friday, August 17, 2012 12:05 AM
> To: jose@ietf.org
> Subject: [jose] POLL: Nonce/Timestamp parameter
>
> <CHAIR>
>
> If you voted at the face-2-face please do not vote again.  If you want to provide comments please change the title from POLL to DISCUSS.
>
> Do we need to define a nonce/timestamp parameter in the base specification?
>
>
>
> Room vote:  6 yes, 0 no, 1 discuss
>
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
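
The distinction drawn in the 24 August message quoted above, as an added illustration that is not code from the thread or from any JOSE draft: a receiver-side check for an opaque nonce, for a non-decreasing integer, and for a time value, with the uniqueness requirement as a switch. The class and method names, the seconds-since-epoch time representation and the 300-second skew are assumptions made for the example.

```python
import secrets

class ReplayGuard:
    """Receiver state for the three semantics contrasted in the thread (hypothetical names)."""

    def __init__(self, max_skew=300, unique=True):
        self.max_skew = max_skew      # assumed: seconds a time value may differ from "now"
        self.unique = unique          # enforce the optional uniqueness requirement
        self.outstanding = set()      # nonces issued and not yet returned
        self.last_counter = {}        # sender -> highest integer accepted so far
        self.seen_times = {}          # (sender, time value) -> time it can be forgotten

    def issue_nonce(self):
        nonce = secrets.token_urlsafe(16)
        self.outstanding.add(nonce)
        return nonce

    def check_nonce(self, value):
        # Opaque value: matched exactly, never parsed, accepted once.
        if value not in self.outstanding:
            return False
        self.outstanding.remove(value)
        return True

    def check_counter(self, sender, value):
        # Non-decreasing integer; with uniqueness it must strictly increase.
        if not isinstance(value, int) or isinstance(value, bool):
            return False
        last = self.last_counter.get(sender)
        if last is not None and (value < last or (self.unique and value == last)):
            return False
        self.last_counter[sender] = value
        return True

    def check_time(self, sender, value, now):
        # Representation of time (assumed here: seconds since the epoch).
        if not isinstance(value, (int, float)) or isinstance(value, bool):
            return False
        if abs(now - value) > self.max_skew:
            return False
        # Drop entries the skew window would reject anyway, so state stays bounded.
        self.seen_times = {k: t for k, t in self.seen_times.items() if t >= now}
        if self.unique:
            if (sender, value) in self.seen_times:
                return False
            self.seen_times[(sender, value)] = value + self.max_skew
        return True
```

With `unique=False` the counter and time checks accept an exact resend of the most recent value, which is why the semantics have to be pinned down before a timestamp parameter is usable; the nonce check needs no interpretation of the value at all.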