Re: [jose] Should we keep or remove the JOSE JWS and JWE MIME types?
"Manger, James H" <James.H.Manger@team.telstra.com> Wed, 19 June 2013 06:20 UTC
Return-Path: <James.H.Manger@team.telstra.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2757521F972C for <jose@ietfa.amsl.com>; Tue, 18 Jun 2013 23:20:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.654
X-Spam-Level:
X-Spam-Status: No, score=-0.654 tagged_above=-999 required=5 tests=[AWL=0.247, BAYES_00=-2.599, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eV-5ehlPfPOb for <jose@ietfa.amsl.com>; Tue, 18 Jun 2013 23:20:52 -0700 (PDT)
Received: from ipxcvo.tcif.telstra.com.au (ipxcvo.tcif.telstra.com.au [203.35.135.208]) by ietfa.amsl.com (Postfix) with ESMTP id 1792B21F9928 for <jose@ietf.org>; Tue, 18 Jun 2013 23:20:48 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.87,895,1363093200"; d="scan'208";a="142397451"
Received: from unknown (HELO ipccvi.tcif.telstra.com.au) ([10.97.217.208]) by ipocvi.tcif.telstra.com.au with ESMTP; 19 Jun 2013 16:20:47 +1000
X-IronPort-AV: E=McAfee;i="5400,1158,7110"; a="139774339"
Received: from wsmsg3705.srv.dir.telstra.com ([172.49.40.203]) by ipccvi.tcif.telstra.com.au with ESMTP; 19 Jun 2013 16:20:47 +1000
Received: from WSMSG3153V.srv.dir.telstra.com ([172.49.40.159]) by WSMSG3705.srv.dir.telstra.com ([172.49.40.203]) with mapi; Wed, 19 Jun 2013 16:20:46 +1000
From: "Manger, James H" <James.H.Manger@team.telstra.com>
To: Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
Date: Wed, 19 Jun 2013 16:20:45 +1000
Thread-Topic: Should we keep or remove the JOSE JWS and JWE MIME types?
Thread-Index: Ac5si+PCJyNtJjwFQ3SCQ8Y9W8ChrQAAxHXwAAc8BoAAAJhEYA==
Message-ID: <255B9BB34FB7D647A506DC292726F6E1151BA6ABB8@WSMSG3153V.srv.dir.telstra.com>
References: <4E1F6AAD24975D4BA5B1680429673943678735D4@TK5EX14MBXC283.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E1151BA6A75E@WSMSG3153V.srv.dir.telstra.com> <4E1F6AAD24975D4BA5B1680429673943678738FD@TK5EX14MBXC283.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943678738FD@TK5EX14MBXC283.redmond.corp.microsoft.com>
Accept-Language: en-US, en-AU
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-AU
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Subject: Re: [jose] Should we keep or remove the JOSE JWS and JWE MIME types?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jun 2013 06:20:58 -0000
> So we agree that dropping the JWS and JWE media types is a reasonable > thing to do. *Replacing* them with a JOSE media type is a reasonable thing to do. > As far as adding a complicated new media type without a clear use case > to do so, we don't agree. We're not trying to boil the ocean here. The web works by labelling each data format with a media type. I don't want to boil the ocean. I want to work with the web. > This thread was intended to be about simplifying things by removing > things that aren't actually being used - not adding new complicated > things that also aren't being used. The only reason a JOSE media type is not being used is that JWT defined its own media type, probably because no suitable JOSE media type existed. As an analogy, if application/json was not defined every app using JSON would need to define an app-specific media type. In practice, application/json is convenient in many situations. > For context on your proposal below, you've proposed several times in > several ways to completely restructure the processing rules for JWS and > JWE. None of those have gained traction with the working group to > date. Your proposal below seems to be more of the same - at least to > me. The "typ" fiasco showed many others also want a way to indicate the "mode" of a JOSE message. > One of the problems this would create would be having multiple ways of > indicating whether the object is a JWS or JWE - both the "alg" value > and the additional values you propose. As opposed to the multiple ways today - both the "alg" value and the presence/absence of "enc". My proposal defines 1 deterministic way (ie "mode" takes precedence): Mode = header.get("mode) If mode === undefined then Alg = header.get("alg") Mode = TABLE_OF_ALGS.get(alg).get("mode") EndIf Switch (mode) Case "sig1" ...verify signature... Case "enc1" ...decrypt... Default ...ERROR: unsupported message... EndSwitch > A problem with such duplication > is that it creates new error conditions to handle. For instance, what > if your new parameters said that the content was a JWS but the content > was actually a JWE? {"mode":"sig1", "alg":"ECDH-ES"} "mode" is "sig1" so the recipient tries to verify a signature, but fails because the "alg" value isn't a signature algorithm. Trivial. Not much different from a draft-11 message that has {"alg":"HS256", "enc":"A256GCM"}. Actually, my proposal is much better. With draft-11, half the recipients will process this as a JWS (based on "alg"), the other half will process this as a JWE (based on "enc") so who knows what will happen. > That's a new error condition that rules would have > to be specified to handle. Draft-11 doesn't specify rules for handling {"alg":"HS256", "enc":"A256GCM"}. It merely implies it cannot occur for legal input values -- no different than "mode" and "alg" contradicting each other. > It seems better to have one way of > determining this, rather multiple ways that might conflict. Agree. My proposal gives 1 way (that involves 2 steps to aid backward compatibility). > Without a clear use case for adding the complicated media type you > describe below which seems far from minimal, including saying why its > goals can't be accomplished with what already exists, I don't think it > makes sense. My view, anyway... If the JOSE group decides media type parameters are too complicated I could live with just application/jose and application/jose+json. Even that would be much better than the current JWE/JWS/JWT media types. I think "inner" and "mode" media type parameters add value. -- James Manger > -----Original Message----- > From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of > Manger, James H > Sent: Tuesday, June 18, 2013 8:52 PM > To: Mike Jones; jose@ietf.org > Subject: Re: [jose] Should we keep or remove the JOSE JWS and JWE MIME > types? > > Good questions, Mike. My (backward compatible) suggestions below. > > > The JWS and JWE documents currently define these MIME types for the > > convenience of applications that may want to use them: > > application/jws > > application/jws+json > > application/jwe > > application/jwe+json > > Drop these. > Define application/jose and application/jose+json. > > Allow two optional parameters on these media types: > > inner -- indicates the media type of the content of the JOSE message, > after removing 1 or more layers of JOSE protection. For instance, if a > JPEG image is signed with an RSA key, then encrypted with AES-GCM, > inner would be image/jpeg. > > mode -- indicates the sort of protection applied (eg signed, > encrypted, unprotected...). If multiple modes of protection are applied > in turn (eg signed then encrypted) they can all be listed: from the > outer-most mode to the inner-most; separated by a plus (eg > mode="enc+sig"). > > > A "mode" media type parameter would be easy to specify if JOSE messages > had a corresponding header field, instead of inferring the sort of > processing from the "alg" value. :-( > > > Suggestion: > > 1. Define a header parameter that indicates the sort of processing. Its > name could be "T", or "mode" (just not "typ" as that is too confused). > [I like "T" (short; stands out as THE primary field in a JOSE message), > but I use "mode" below to be a little less controversial.] > > 2. Create a registry for "mode" values. > > 3. Define some initial "mode" values, alongside the spec for that > processing: > "sig1" for digitally signing B64(header).B64(content); > "mac1" for MAC over B64(header).B64(content); > "enc1" for AEAD, where AAD is B64(header) > "none" for unprocessed content > "cmp" for compressed (but not protected) content > "enc2" for AEAD applied differently (as per the JSON representation) > ... > > 4. Allow the "mode" parameter to be absent if an "alg" value is present > and has a default "mode". This maintains compatibility with JOSE > messages based on previous drafts. > > 5. Define the default "mode" for existing "alg" values. For instance, > for "alg":"HS256" the default is "mode":"mac1". The registry of alg > values would have a column for the default mode (though new algs can > leave that column blank). > > 6. Drop the "crit" field. If you are creating a JOSE message with new > semantics that MUST be understood, just define a new "mode" value. For > example, to avoid some base64 overhead you could define "mode":"sig2" > to mean digitally sign header||content||len(header). > > 7. Allow a list of "mode" values to be specified as a parameter on a > JOSE media type. > > > [probably] > 8. A plus sign "+" can be appended to any "mode" value to indicate that > the content of this JOSE layer is another JOSE layer. That is, process > this message as per the "mode" without the "+", then process the > content as another JOSE message. > [Appending "+" is simpler than "cty":"jws" or "more":true, but assumes > the inner JOSE message uses the same serialization as the outer one.] > > > End result: simpler, more easily understood by people; one field that > is suitable for an implementation to use to switch to the appropriate > processing code; backward compatible with earlier drafts; clear > mechanism for making changes that MUST-be-understood (that we can be > confident code will notice). > > > > > That being said, I’m not aware of any uses of these by applications > at > > present. > > Apps such as OpenID Connect could use: > application/jose;inner=application/jwt+json > > Apps can still define their own media types for JOSE messages (eg > application/jwt) though that should not be necessary. > > > > Thus, I think that makes it fair game to ask whether we want to > keep > >them or remove them – in which case, if applications ever needed > them, > >they could define them later. > > > > Another dimension of this question for JWS and JWE is that it’s not > > clear that the four types application/jws, application/jws+json, > > application/jwe, and application/jwe+json are even the right ones. > It > > might be more useful to have generic application/jose and > > application/jose+json types, which could hold either JWS or JWE > > objects respectively using the compact or JSON serializations > > (although I’m not advocating adding them at this time). > > > > Having different JWS versus JWE MIME types apparently did contribute > > to at least Dick’s confusion about the purpose of the “typ” field, so > > deleting them could help eliminate this possibility of confusion in > > the future. Thus, I’m increasingly convinced we should get rid of > the > > JWS and JWE types and leave it up to applications to define the types > > they need, when they need them. > > > > Do people have use cases for these four MIME types now or should we > > leave them to future specs to define, if needed? > > We are defining a format for use on the web. The web identifies formats > via media types. So JOSE needs to define media types. > > -- > James Manger
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- [jose] Should we keep or remove the JOSE JWS and … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Jim Schaad
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Matt Miller (mamille2)
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Jim Schaad
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Edmund Jay
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Brian Campbell
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … John Bradley
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- Re: [jose] Should we keep or remove the JOSE JWS … Tony Hansen