Re: [jose] #15: Broken examples in JWE / JWS

Richard Barnes <rlb@ipv.sx> Mon, 25 March 2013 22:05 UTC

In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943675886B8@TK5EX14MBXC283.redmond.corp.microsoft.com>
Date: Mon, 25 Mar 2013 18:05:12 -0400
Message-ID: <CAL02cgS06z50tO0txEgROVx6rJGziu-Tqwa3YV2mw-2J-2T9UQ@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: "draft-ietf-jose-json-web-encryption@tools.ietf.org" <draft-ietf-jose-json-web-encryption@tools.ietf.org>, Jim Schaad <ietf@augustcellars.com>, Brian Campbell <bcampbell@pingidentity.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] #15: Broken examples in JWE / JWS
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>

IF your application is always doing something out of band, and IF every
JOSE object you ever receive uses the same out of band channel, and IF the
JOSE library can locate the pre-negotiated parameters based on something
other than the JOSE object, ....

You can see where I'm going with this.  In order for just leaving things
out to be workable, you have to bake some of that out-of-band logic into
your JOSE library.  In which case it's not really out-of-band any more, and
we should specify it.  And clearly specifying a security negotiation protocol
is not in scope for this group.

If you have an explicit marking (e.g., SPI), there's a clean interface
between the stuff that only knows JOSE and stuff that does negotiation.

(BTW, +1 to what Jim said)



On Mon, Mar 25, 2013 at 5:54 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> If you already know that something is going on out of band, the
> indication in the JOSE object would be unnecessary.
>
> -- Mike
>
>
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Richard Barnes
> Sent: Monday, March 25, 2013 2:31 PM
> To: Brian Campbell
> Cc: draft-ietf-jose-json-web-encryption@tools.ietf.org; Jim Schaad; jose@ietf.org
> Subject: Re: [jose] #15: Broken examples in JWE / JWS
>
> I realize that's the common case.  But the spec doesn't say that.
>
> All I'm saying is, the spec should REQUIRE that a sender include either a
> key indicator, or an indication that something is going on out of band.
>
> --Richard
>
>
> On Mon, Mar 25, 2013 at 8:15 AM, Brian Campbell <bcampbell@pingidentity.com> wrote:
>
> /* special magic */ is just some out of band agreement on the key to use
> or how to infer it. Which isn't really special or magic. But probably
> pretty common.
>
>
> On Fri, Mar 22, 2013 at 7:37 PM, Richard Barnes <rlb@ipv.sx> wrote:
>
> I've renamed the issue to try to clarify.
>
> You're right that there are alternative ways to locate a key.  But a JOSE
> object needs to contain at least one of them, or else the /* special magic
> */ clause applies.
>
> --Richard
>
>
> On Fri, Mar 22, 2013 at 9:15 PM, Jim Schaad <ietf@augustcellars.com> wrote:
>
> This may or may not be a flaw in the specification.  However the item you
> created in the tracker does not reflect what you have put here.  I think
> you would be better served by saying that there is a flaw in the
> specifications in that there should be a MUST that some type of key or key
> reference is required in a JWS or JWE.
>
> I would note that your example code should be more complex in that it does
> not deal with jku or any of the x* methods of referencing keys.
>
> Jim
>
>
> From: Richard Barnes [mailto:rlb@ipv.sx]
> Sent: Friday, March 22, 2013 4:09 PM
> To: Jim Schaad
> Cc: draft-ietf-jose-json-web-encryption@tools.ietf.org; jose@ietf.org
> Subject: Re: [jose] #15: Broken examples in JWE / JWS
>
>
> I admit that they are not broken according to the current spec.  However,
> I have a lot of trouble figuring out how I would write code to process them.
>
> If "kid" or "jwk" MUST be present to indicate what key I should use, then
> I can have deterministic code:
>
> if (/* recognized "kid" or "jwk" value */) {
>     /* use it */
> } else {
>     /* FAIL.  can't process this object */
> }
>
> As the spec stands, I have no idea what to put in that "else" clause.  I'm
> clearly not supposed to fail, because the parameters are optional.  But
> what else?
>
> if (/* recognized "kid" or "jwk" value */) {
>     /* use it */
> } else {
>     /* insert special magic here */
> }
>
> This is actually what SPI is supposed to clear up.  SPI would provide an
> explicit third branch for the special magic to live in.
>
> if (/* recognized "kid" or "jwk" value */) {
>     /* use it */
> } else if (/* recognized SPI value */) {
>     /* process using stored parameters */
> } else {
>     /* FAIL.  can't process this object */
> }
>
> But without the concept of SPI, the spec is broken because of the
> non-determinism noted above.
>
> --Richard
>
>
> On Fri, Mar 22, 2013 at 6:13 PM, Jim Schaad <ietf@augustcellars.com> wrote:
>
> My inclination is that this response is correct.
>
> What makes you think that the key or key reference is required and cannot be
> implied?
>
> Jim
>
> > -----Original Message-----
> > From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of
> > jose issue tracker
> > Sent: Friday, March 22, 2013 2:37 PM
> > To: draft-ietf-jose-json-web-encryption@tools.ietf.org;
> > ignisvulpis@gmail.com
> > Cc: jose@ietf.org
> > Subject: Re: [jose] #15: Broken examples in JWE / JWS
> >
> > #15: Broken examples in JWE / JWS
> >
> > Comment (by ignisvulpis@gmail.com):
> >
> >  I think this is not an issue. The examples are NOT broken and they do
> >  not need a fix.
> >  I suggest to close this ticket.
> >  The draft should definitely not make these illegal. These objects are
> >  perfect examples for a valid JWS/JWE.
> >
> > --
> > -------------------------+-------------------------------------------------
> >  Reporter:  rlb@ipv.sx   |       Owner:  draft-ietf-jose-json-web-
> >      Type:  defect       |  encryption@tools.ietf.org
> >  Priority:  minor        |      Status:  new
> > Component:  json-web-    |   Milestone:
> >   encryption             |     Version:
> >  Severity:  -            |  Resolution:
> >  Keywords:               |
> > -------------------------+-------------------------------------------------
> >
> > Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/15#comment:1>
> > jose <http://tools.ietf.org/jose/>
> >
> > _______________________________________________
> > jose mailing list
> > jose@ietf.org
> > https://www.ietf.org/mailman/listinfo/jose
>
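As an added example (not code from this thread, and not from any JOSE library or draft), here is the three-branch logic Richard sketches above, written out for an HS256 JWS in Python: resolve the key from an explicit indicator in the protected header, else from an explicit out-of-band marker, else fail closed. It also covers Jim's point that "jku" and the "x5*" parameters are further ways to reference a key; the code recognizes them but refuses to resolve them, since doing so needs network fetches or PKIX validation. The "spi" header parameter is hypothetical, standing in for the SPI idea discussed here; it is not a registered JOSE header parameter. The key store, the SPI table, and the sample tokens are all constructed inline for the example.

```python
"""
Added example: deterministic key resolution for a JWS compact serialization.
Not code from the JOSE thread or any JOSE library. The "spi" header
parameter is hypothetical; KEYSTORE, SPI_TABLE and the sample tokens are
constructed for the example.
"""
import base64
import hashlib
import hmac
import json


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")


class KeyResolutionError(Exception):
    pass


# Constructed local key store: kid -> raw HMAC key. In a real deployment this
# is whatever key management the application already has.
KEYSTORE = {"2013-03-25": b"correct horse battery staple"}

# Constructed table of pre-negotiated parameters, indexed by the hypothetical
# "spi" value. This is Richard's "process using stored parameters" branch.
SPI_TABLE = {"spi-7": {"alg": "HS256", "key": b"negotiated out of band"}}


def resolve_key(header: dict) -> bytes:
    """Return the HMAC key for this header or raise. An explicit key
    indicator wins, then the out-of-band marker, otherwise fail closed."""
    if header.get("alg") != "HS256":
        raise KeyResolutionError("unsupported alg %r" % header.get("alg"))
    if "kid" in header:
        key = KEYSTORE.get(header["kid"])
        if key is None:
            raise KeyResolutionError("unknown kid %r" % header["kid"])
        return key
    if "jwk" in header:
        # An embedded symmetric key in a JWS proves nothing: anyone can embed
        # a key and sign with it. Accept "jwk" only where the application has
        # an independent reason to trust it; for HS256, refuse outright.
        raise KeyResolutionError("embedded jwk not trusted for HS256")
    if any(p in header for p in ("jku", "x5u", "x5c", "x5t")):
        # Remote JWK sets and X.509 references need fetching and PKIX
        # validation, which is out of scope for this offline example.
        raise KeyResolutionError("remote/PKIX key references not supported here")
    if "spi" in header:
        params = SPI_TABLE.get(header["spi"])
        if params is None or params["alg"] != header["alg"]:
            raise KeyResolutionError("unknown or mismatched spi %r" % header["spi"])
        return params["key"]
    # No indicator at all: the branch the spec leaves undefined. Refuse.
    raise KeyResolutionError("no key indicator in header; refusing to guess")


def sign_jws(header: dict, payload: dict, key: bytes) -> str:
    """Produce an HS256 JWS compact serialization (for constructing samples)."""
    h = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(key, (h + "." + p).encode("ascii"), hashlib.sha256).digest()
    return h + "." + p + "." + b64url_encode(sig)


def verify_jws(token: str) -> dict:
    """Verify an HS256 JWS and return the payload, or raise."""
    try:
        h, p, s = token.split(".")
    except ValueError:
        raise KeyResolutionError("not a compact JWS") from None
    header = json.loads(b64url_decode(h))
    key = resolve_key(header)
    expected = hmac.new(key, (h + "." + p).encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s)):
        raise KeyResolutionError("bad signature")
    return json.loads(b64url_decode(p))


def classify(token: str) -> str:
    """'ok' if the token verifies, otherwise 'fail: <reason>'."""
    try:
        verify_jws(token)
        return "ok"
    except KeyResolutionError as e:
        return "fail: " + str(e)


if __name__ == "__main__":
    payload = {"iss": "joe", "exp": 1300819380}
    by_kid = sign_jws({"alg": "HS256", "kid": "2013-03-25"}, payload, KEYSTORE["2013-03-25"])
    by_spi = sign_jws({"alg": "HS256", "spi": "spi-7"}, payload, SPI_TABLE["spi-7"]["key"])
    bare = sign_jws({"alg": "HS256"}, payload, KEYSTORE["2013-03-25"])
    for t in (by_kid, by_spi, bare):
        print(classify(t))
```

The "bare" token, signed with a key the verifier actually holds but carrying no indicator, is the case the thread is about: the only safe thing a library that knows nothing of the application's out-of-band arrangement can do is reject it, and a marker like "spi" is what lets the library hand that case to code that does know.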