Re: [jose] Do we have actual normative text which curves are allowed / standard for ECDH-ES in JOSE?

Filip Skokan <panva.ip@gmail.com> Tue, 03 November 2020 21:51 UTC

References: <b29e1554-42ae-3ce3-037b-ca3eaa4087d8@connect2id.com>
In-Reply-To: <b29e1554-42ae-3ce3-037b-ca3eaa4087d8@connect2id.com>
From: Filip Skokan <panva.ip@gmail.com>
Date: Tue, 03 Nov 2020 22:50:22 +0100
Message-ID: <CALAqi_-cYB1i4OZz6r9dtLziRn1jm1_5oVHCkXu2PMLYcW11JA@mail.gmail.com>
To: Vladimir Dzhuvinov <vladimir@connect2id.com>
Cc: "jose@ietf.org" <jose@ietf.org>, "Voss, Ray" <ray.voss@jpmorgan.com>, "Hamad, Samer K" <samer.k.hamad@chase.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/C1PZjpYEszVKoqyMNytev4czVqI>

Hi Vladimir,

I kinda got the same question from someone a couple days ago and could
pinpoint a clear normative answer.

We have https://tools.ietf.org/html/rfc7520 that shows ECDH-ES with P-384
and P-256. In not having any normative text around these curves being
allowed or P-521 being disallowed I always assumed all original three are
fair use for ECDH-ES (and its composite KW variants).

We also have https://tools.ietf.org/html/rfc8037 which specifically
mentions X25519 and X448 OKP subtypes to be usable for ECDH-ES (and its
composite KW variants).

Then we have the JOSE registration of EC secp256k1 curve which specifically
mentions that the curve is NOT released for ECDH in that document.

So,

EC P-256
EC P-384
EC P-521
OKP X25519
OKP X448

Best regards,
*Filip Skokan*


On Tue, 3 Nov 2020 at 22:40, Vladimir Dzhuvinov <vladimir@connect2id.com>
wrote:

> Today we received the question why the Nimbus JOSE+JWT lib supports the
> EC curves it does for ECDH (P-256, P-384, P-512) and I couldn't find any
> normative text or reference in the JWA spec to explain this.
>
> https://tools.ietf.org/html/rfc7518#section-4.6
>
>
> We also looked at the IANA registry for hints:
>
> https://www.iana.org/assignments/jose/jose.xhtml
>
>
> Contrast this with the JWS ECDSA, where the curves to go with the ESxxx
> algs are specced:
>
> https://tools.ietf.org/html/rfc7518#section-3.4
>
>
> Can someone help here? :)
>
>
> Thanks,
>
> Vladimir
>
> --
> Vladimir Dzhuvinov
>
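The curve set Filip summarises above (EC P-256/P-384/P-521 and OKP X25519/X448, with secp256k1 excluded) written out as a receiver-side validation of a JWE protected header's `epk`. This is an added example, not code from the thread or from any JOSE library; the function names and the constructed sample header are assumptions.

```python
# Added example (not part of the original thread): a receiver-side check that a
# JWE protected header using an ECDH-ES alg carries an "epk" on a curve the thread
# concludes is usable for ECDH-ES. Allowed sets follow Filip's summary: EC
# P-256/P-384/P-521 (RFC 7518/7520) and OKP X25519/X448 (RFC 8037); secp256k1 is
# rejected because its JOSE registration does not release it for ECDH.
import base64
import json

ECDH_ES_ALGS = {"ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"}

# kty -> curves acceptable for ECDH-ES. Note the kty/crv pairing matters too:
# "P-256" under kty "OKP" (or "X25519" under "EC") is malformed and is rejected.
ALLOWED_ECDH_CURVES = {
    "EC": {"P-256", "P-384", "P-521"},
    "OKP": {"X25519", "X448"},
}

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def encode_protected_header(header: dict) -> str:
    """Serialise a header dict as JOSE base64url (used to build test inputs)."""
    raw = json.dumps(header, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def check_epk(epk: dict) -> str:
    """Return the curve name if epk is acceptable for ECDH-ES, else raise ValueError."""
    kty, crv = epk.get("kty"), epk.get("crv")
    if kty not in ALLOWED_ECDH_CURVES:
        raise ValueError(f"epk kty {kty!r} not usable for ECDH-ES")
    if crv not in ALLOWED_ECDH_CURVES[kty]:
        raise ValueError(f"epk curve {crv!r} not allowed for ECDH-ES with kty {kty!r}")
    if kty == "EC" and not ("x" in epk and "y" in epk):
        raise ValueError("EC epk must carry x and y coordinates")
    if kty == "OKP" and "x" not in epk:
        raise ValueError("OKP epk must carry x")
    if "d" in epk:
        raise ValueError("epk must be a public key (no 'd' member)")
    return crv

def check_jwe_protected_header(protected_b64: str) -> str:
    """Validate alg and epk of a base64url JWE protected header; return the curve."""
    header = json.loads(b64url_decode(protected_b64))
    if header.get("alg") not in ECDH_ES_ALGS:
        raise ValueError(f"alg {header.get('alg')!r} is not an ECDH-ES algorithm")
    if "epk" not in header:
        raise ValueError("ECDH-ES requires an epk header parameter")
    return check_epk(header["epk"])
```

Only the curve/kty shape is checked here; the key material itself still has to be validated (point on curve, non-identity) by the ECDH implementation before deriving a key.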