IETF Logo Mail Archive

Re: [jose] JOSE top-level syntax proposal

"Vladimir Dzhuvinov / NimbusDS" <vladimir@nimbusds.com> Fri, 01 June 2012 12:16 UTC

Return-Path: <vladimir@nimbusds.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FD0621F869D for <jose@ietfa.amsl.com>; Fri, 1 Jun 2012 05:16:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.561
X-Spam-Level:
X-Spam-Status: No, score=-2.561 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r-tIYikKHYx4 for <jose@ietfa.amsl.com>; Fri, 1 Jun 2012 05:16:01 -0700 (PDT)
Received: from n1plwbeout07-02.prod.ams1.secureserver.net (n1plsmtp07-02-02.prod.ams1.secureserver.net [188.121.52.107]) by ietfa.amsl.com (Postfix) with SMTP id 9654F21F8951 for <jose@ietf.org>; Fri, 1 Jun 2012 05:15:43 -0700 (PDT)
Received: (qmail 26210 invoked from network); 1 Jun 2012 12:15:36 -0000
Received: from unknown (HELO localhost) (188.121.52.246) by n1plwbeout07-02.prod.ams1.secureserver.net with SMTP; 1 Jun 2012 12:15:36 -0000
Received: (qmail 9791 invoked by uid 99); 1 Jun 2012 12:15:36 -0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"
X-Originating-IP: 46.10.79.251
User-Agent: Workspace Webmail 5.6.18
Message-Id: <20120601051535.cc40c4f3d92d2001859047cd8cabb9ab.4028586602.wbe@email07.europe.secureserver.net>
From: Vladimir Dzhuvinov / NimbusDS <vladimir@nimbusds.com>
To: "jose@ietf.org" <jose@ietf.org>
Date: Fri, 01 Jun 2012 05:15:35 -0700
Mime-Version: 1.0
Subject: Re: [jose] JOSE top-level syntax proposal
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jun 2012 12:16:02 -0000

> I think the (nice looking) Nimbus code, for instance, 
> splits on dots, base64url-decodes, interprets as UTF-8, 
> parses as JSON, extracts the "alg" element, looks up 
> the alg value to learn its type... then sees it is an 
> encrypted message and passes the original string to the 
> encryption code (where splitting/decoding/interpreting/
> parsing happens all over again).

Yes, it is indeed so.

An alternative would be to pass both the decoded header 
JSON and the entire raw message (because the raw header is
required for signature verification). I didn't do it
because that would make the subclass APIs more complicated 
and a bit awkward too. 

I don't know how much performance is lost there, however.


> For instance, a web app firewall might perform some 
> sanity checks on the content.

I understand. I think that was your initial concern when
you first brought up the issue.


> Or (if your app accepts unprotected and signed 
> messages), you can convert a signed message to an 
> unprotected one when the signing algorithm is 
> unrecognized. At least that doesn't punish the sender 
> for trying to offer some security (by signing), even 
> if you don't support that algorithm yet.

The current format doesn't make this impossible.


> As a bonus, a message's mode is instantly obvious to 
> developers (without cut 'n pasting a header into a 
> base64url decoding tool).

Yes, this can be handy.


I'm still neutral on this proposal and would like to see
what the others think. In terms of coding to update our
existing library it doesn't seem like much work.


Vladimir

v2.23.0 | Report a Bug | By Email