Re: [jose] Proposed resolution of header criticality issue: meta/asd
Richard Barnes <rlb@ipv.sx> Tue, 12 March 2013 14:30 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F85B21F86D5 for <jose@ietfa.amsl.com>; Tue, 12 Mar 2013 07:30:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.499
X-Spam-Level:
X-Spam-Status: No, score=-2.499 tagged_above=-999 required=5 tests=[AWL=0.477, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7t2dmjVigKOP for <jose@ietfa.amsl.com>; Tue, 12 Mar 2013 07:30:50 -0700 (PDT)
Received: from mail-oa0-f51.google.com (mail-oa0-f51.google.com [209.85.219.51]) by ietfa.amsl.com (Postfix) with ESMTP id A8A3921F84CA for <jose@ietf.org>; Tue, 12 Mar 2013 07:30:49 -0700 (PDT)
Received: by mail-oa0-f51.google.com with SMTP id h2so5779325oag.38 for <jose@ietf.org>; Tue, 12 Mar 2013 07:30:49 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=HrAvqixjGjm1+1hPDsbURLq0sLU7Sm3L8wlzXlH5wrw=; b=K8WkGJvRtlGu8mvk/eiWMkQ+CucLbyNsHrsoZ4ysBh7t6hpky1AlhWaoV4nFEOTCPf ovjj17tsr0Hg0psxk486IPCih4E+KOh8tp8DnSpG98TPYj6iZSAkkTS6qAdRnHq3pFMg pihzs9V3OE7/JLFCBtdto3Y87vK1TK4sMUM4OP/YGUhkIMgdE7E2kBOLsEe1RS1sUiC5 w4Y0719qEzOhTv24co/5bIF2NzpENs9OMjyKH1lEuQt+HgKSzgCBFJitgresTd6cjQJE +eZHu+/5cjfJ65LSVGeDkknDURrh/jy5dOv6zkyrcw6CQJLNY7nWbSEHyTbIUuI8GYRU uRYw==
MIME-Version: 1.0
X-Received: by 10.60.172.18 with SMTP id ay18mr12074464oec.126.1363098648062; Tue, 12 Mar 2013 07:30:48 -0700 (PDT)
Received: by 10.60.40.233 with HTTP; Tue, 12 Mar 2013 07:30:47 -0700 (PDT)
X-Originating-IP: [128.89.254.2]
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943674FBA8E@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <4E1F6AAD24975D4BA5B1680429673943674FBA8E@TK5EX14MBXC283.redmond.corp.microsoft.com>
Date: Tue, 12 Mar 2013 10:30:47 -0400
Message-ID: <CAL02cgTu0k99WgGoGxuEx8TgN9Y0fuWuUYoL4t043gzF-K_6QA@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Mike Jones <Michael.Jones@microsoft.com>
Content-Type: multipart/alternative; boundary="bcaec54fae48b63f0904d7bb2243"
X-Gm-Message-State: ALoCoQkhlrUIiaf81cH8XWyRH3MrtxmkHjWN9QSLxlTvqPMC0QyucWtTefZTAQheyXHBjdLF//c0
Cc: James H Manger <James.H.Manger@team.telstra.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Proposed resolution of header criticality issue: meta/asd
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2013 14:30:51 -0000
That's a good example of an application making a field mandatory. It doesn't have to be mandatory in the base spec. Unlike with "zip", you don't have to understand "cty" when you validate a signature or decrypt an object. So I would put it in the "MAY ignore" bin. On Tue, Mar 12, 2013 at 10:06 AM, Mike Jones <Michael.Jones@microsoft.com>wrote: > The content type field is used as input to crypto processing rules and > is not necessarily application-specific data. For instance, see JWT’s > normative use of the field to convey structural information in > http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06#section-7. > > *From:* Manger, James H > *Sent:* March 12, 2013 6:40 AM > *To:* Mike Jones, rlb@ipv.sx > *CC:* jose@ietf.org > *Subject:* Re: [jose] Proposed resolution of header criticality issue: > meta/asd > > I would put "cty" (content type) under "meta". > > Mike, do you think "cty" isn't needed, or that there is no value in > separating such a field from the others? > > -- > James Manger > > ----- Reply message ----- > From: "Mike Jones" <Michael.Jones@microsoft.com> > Date: Wed, Mar 13, 2013 12:07 am > Subject: [jose] Proposed resolution of header criticality issue > To: "John Bradley" <ve7jtb@ve7jtb.com>, "Richard Barnes" <rlb@ipv.sx> > Cc: "Tim Bray" <tbray@textuality.com>, "Manger, James H" < > James.H.Manger@team.telstra.com>, "Karen O'Donoghue" < > odonoghue@isoc.org>, "jose" <jose@ietf.org> > > I’m with Richard on this. The application-specific-data/meta field isn’t > needed. > > -- Mike > > From: Richard Barnes > Sent: March 11, 2013 10:02 PM > To: John Bradley > CC: Tim Bray, Manger, James H, Karen ODonoghue, jose > Subject: Re: [jose] Proposed resolution of header criticality issue > > +1 to cheers. I already high-fived Mike in person. > > FWIW, my preference would be to get rid of "asd" or "meta" (part 5). I > don't think it's relevant to the criticality discussion, and it's just not > needed. > > --Richard > > > > On Mon, Mar 11, 2013 at 11:01 PM, John Bradley <ve7jtb@ve7jtb.com<mailto: > ve7jtb@ve7jtb.com>> wrote: > > On 2013-03-11, at 10:48 PM, "Manger, James H" < > James.H.Manger@team.telstra.com<mailto:James.H.Manger@team.telstra.com>> > wrote: > > I’ll add some cheers — this does look like substantial progress. > > I assume the fields such as “epk”, “apu” etc that sometimes must be > understood, and at other times must be ignored (depending on “alg” or “enc” > value) would NOT be listed in the “crit” field as they are defined in the > “base specs”. > > Correct > > Being in the “base specs” is the right criteria for whether a field should > be listed in “crit” as long as “base specs” means: “base specifications for > the particular “alg”/”enc” values”. It shouldn’t mean (and doesn’t have to > mean) the base spec for the whole JOSE system. > > > Crit is only for extensions, it is up to the extension definition to > decide if the field needs to be in crit. > > > P.S. “meta” might be a nicer label than “asd”. > > I don't have any particular attachment to the name. Some places things > like this are called associated data, though not the places normal people > go I grant you. > Meta-data about the payload is what it is, The current practice is to use > three character names. I am fine with met or meta (I suspect that if you > are throwing crap into the envelope the single character won't kill anyone. > > James if you like the solution and want it to be meta I will back you on > it :) > > John B. > > > -- > James Manger > > From: jose-bounces@ietf.org<mailto:jose-bounces@ietf.org> [mailto:jose- > <mailto:jose->bounces@ietf.org<mailto:bounces@ietf.org>] On Behalf Of Tim > Bray > Sent: Tuesday, 12 March 2013 12:43 PM > To: Karen ODonoghue > Cc: jose > Subject: Re: [jose] Proposed resolution of header criticality issue > > Cue wild cheers from the peanut gallery where non-cryptographers sit. > MustIgnore is infinitely more robust and open-ended than MustUnderstand. -T > > On Mon, Mar 11, 2013 at 5:31 PM, Karen O'Donoghue <odonoghue@isoc.org > <mailto:odonoghue@isoc.org>> wrote: > > Folks, > > A side meeting was held Sunday with a number of jose working group > participants to try to resolve the open issue related to header > criticality. The following are the proposed resolutions from the meeting. > Point 5 of the proposed resolution below is actually independent of the > other 4 points, and could be considered separately. This will all be > discussed in Wednesday's meeting. > > In addition to the text below, there was some agreement to replace the > "understand" text with something a bit more explicit like "must process". > However, that text has not been rolled into the summary text below yet. > > Thank you to Jim Schaad, Mike Jones, John Bradley, Nat Sakimura, Martin > Thomas, Eric Rescorla, Matt Miller, and Richard Barnes for your efforts > (and my apologies if I missed someone). > > Regards, > Karen > > 1: Change the language “Additional members MAY be present in the JWK. If > present, they MUST be understood by implementations using them.” to > “Additional members MAY be present in the JWK. If not understood by > implementations encountering them, they MUST be ignored.” (And make the > same change for JWK Set as well.) > > 2: Characterize all existing JWS and JWE header fields as either must be > understood or may be ignored. “alg”, “enc”, and “zip” must be understood. > “kid”, “x5u”, “x5c”, “x5t”, “jwk”, “jku”, “typ”, and “cty” can be ignored > because while not using them may result in the inability to process some > signatures or encrypted content, this will not result in a security > violation – just degraded functionality. Other fields such as “epk”, > “apu”, “apv”, “epu”, and “epv” must be understood and used when “alg” or > “enc” values requiring them are used, and otherwise they may be ignored. > > 3. Define a new header field that lists which additional fields not > defined in the base specifications must be understood and acted upon when > present. For instance, an expiration-time extension field could be marked > as must-be-understood-and-acted-upon. One possible name for this would be > “crit” (critical). An example use, along with a hypothetical “exp” > (expiration-time) field is: > > {"alg":"ES256", > "crit":["exp"], > "exp”:1363284000 > } > > 4. All additional header fields not defined in the base specifications > and not contained in the “crit” list MUST be ignored if not understood. > > 5. Define a new header field “asd” (application-specific data) whose > value is a JSON structure whose contents are opaque to and ignored by JWS > and JWE implementations but for which its contents MUST be provided to > applications using JWS or JWE, provided that the signature/MAC validation > or decryption operation succeeds. The intended use of this field is to > have a standard place to provide application-specific metadata about the > payload or plaintext. > > > > _______________________________________________ > jose mailing list > jose@ietf.org<mailto:jose@ietf.org> > https://www.ietf.org/mailman/listinfo/jose > > _______________________________________________ > jose mailing list > jose@ietf.org<mailto:jose@ietf.org> > https://www.ietf.org/mailman/listinfo/jose > > > _______________________________________________ > jose mailing list > jose@ietf.org<mailto:jose@ietf.org> > https://www.ietf.org/mailman/listinfo/jose > > >
- Re: [jose] Proposed resolution of header critical… Manger, James H
- Re: [jose] Proposed resolution of header critical… Mike Jones
- Re: [jose] Proposed resolution of header critical… Richard Barnes