IETF Logo Mail Archive

Re: [jose] DISCUSS: Nonce/Timestamp parameter

Daniel Holth <dholth@gmail.com> Fri, 05 October 2012 01:01 UTC

Return-Path: <dholth@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A1C61F0C44 for <jose@ietfa.amsl.com>; Thu, 4 Oct 2012 18:01:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.901
X-Spam-Level:
X-Spam-Status: No, score=-2.901 tagged_above=-999 required=5 tests=[AWL=-0.699, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id euzoecsWyZ5v for <jose@ietfa.amsl.com>; Thu, 4 Oct 2012 18:00:59 -0700 (PDT)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id 590141F041F for <jose@ietf.org>; Thu, 4 Oct 2012 18:00:59 -0700 (PDT)
Received: by mail-ob0-f172.google.com with SMTP id v19so1417766obq.31 for <jose@ietf.org>; Thu, 04 Oct 2012 18:00:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:x-mailer:from:subject:date :to; bh=uUjhpREkotqc8fZYXA+R3J/PdJ6Bnbaw+jF5aWi9U8s=; b=MPkLDJe2keYdzkGtmQHdzcciZ8/zCKvxJObwXo2B4IJyhBqdt+LLMIJVmYvClJavPB TQYcQ3qZGz2vVx3ao345ZGrLphjYe6vXG1WYjXq71Nb1a/RGptYbMgDD2FSS/1riGqE+ hOMRA4DVN3TApgb1pkc6IQcfE6iWxlkkSyf3i6o+oD8nN1RzKWHbJUsXdd4Ni+PaBEaW AKswz6LdVEyL2BDusF4yCM+iwNv+ukReJJFdO2CZ/DvNOqszdJCPGzbZD8XTw7uFfWeZ 02g8mxAXg42xxH7ZSoEacKHYgaAkR59SJs3Xnpq1eJVWQlwyIJhTBPRJV6RPUPVjrOf1 HIqQ==
Received: by 10.60.11.1 with SMTP id m1mr5784476oeb.47.1349398858896; Thu, 04 Oct 2012 18:00:58 -0700 (PDT)
Received: from ?IPv6:2001:470:8:e7c:908a:6c87:73c6:e647? ([2001:470:8:e7c:908a:6c87:73c6:e647]) by mx.google.com with ESMTPS id hz6sm8116891obb.1.2012.10.04.18.00.56 (version=SSLv3 cipher=OTHER); Thu, 04 Oct 2012 18:00:57 -0700 (PDT)
References: <CE8995AB5D178F44A2154F5C9A97CAF402517E00B8B5@HE111541.emea1.cds.t-internal.com> <CE8995AB5D178F44A2154F5C9A97CAF402517E00C0E7@HE111541.emea1.cds.t-internal.com> <8777DAED-4ADA-4691-B5CD-0E5CF308BC1C@gmail.com> <CALT9B_Tnz+9=a-NPuUTeSb31fFMi1cJMB-SeM7QJmSh=XrhHTA@mail.gmail.com> <6C5B4E61-C18F-470A-955C-B099A2208788@gmail.com> <CE8995AB5D178F44A2154F5C9A97CAF402517E00C107@HE111541.emea1.cds.t-internal.com> <97A7AE3F-E3AE-4F8A-9A34-8DCD780B3C05@gmail.com> <05f101cd8597$cff358c0$6fda0a40$@augustcellars.com> <4E1F6AAD24975D4BA5B1680429673943668025FD@TK5EX14MBXC284.redmond.corp.microsoft.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943668025FD@TK5EX14MBXC284.redmond.corp.microsoft.com>
Content-Type: multipart/alternative; boundary="Apple-Mail-1DED3AF9-CCE8-466B-9B16-FAAA575CF88C"
Content-Transfer-Encoding: 7bit
Message-Id: <FCC99C9A-6650-4A60-AA50-30ADE106637B@gmail.com>
X-Mailer: iPad Mail (10A403)
From: Daniel Holth <dholth@gmail.com>
Date: Thu, 04 Oct 2012 21:00:53 -0400
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: Karen O'Donoghue <odonoghue@isoc.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] DISCUSS: Nonce/Timestamp parameter
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Oct 2012 01:01:00 -0000

Would it be too confusing to ask for a sat "signed at" field for the header? In my application this makes more sense (with the multiple signatures serialization specification jws-js) than a payload time stamp.

Daniel Holth

On Oct 4, 2012, at 8:15 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> As editor, I’m going to make the observation this is the one poll question where the results are not clear enough for it to be obvious what I should do.  There were many people who made comments about the question being unclear and the intended use and meaning of the potential field or fields unclear.
>  
> Unless you feel differently, Karen and Jim, I believe that the best course at this point is for me to add nothing to the specs as a result of this poll question, but for the working group to try to make decisions on much less ambiguous proposals (should any be made) than the one in the poll question.
>  
>                                                             -- Mike
>  
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Jim Schaad
> Sent: Tuesday, August 28, 2012 8:38 PM
> To: 'Dick Hardt'; Axel.Nennker@telekom.de
> Cc: beaton@google.com; jose@ietf.org
> Subject: Re: [jose] DISCUSS: Nonce/Timestamp parameter
>  
> The question from my point of view is that common fields from many structures should potentially be supported in the base specification so that they can be common rather than having each structure define them separately.  This is only an issue if one wishes them to be placed in the header structure and not in the data structure. 
>  
> If one is looking at signing an unstructured data object – such as a file – then it becomes difficult to have the fields such as a time that it was signed be part of the file itself, especially if one is applying multiple signatures at different times.  This is not an issue for the token specification but could be for other uses of the signature or encryption specifications.
>  
> I would agree that “iat” is a timestamp for the purposes of this conversation.  If one wanted a formalized timestamp from a third party authority then a totally different way of going about it would be required.  I chose the term nonce or timestamp because both had been discussed in the past without any specific resolution about what is needed.
>  
> Jim
>  
>  
> From: Dick Hardt [mailto:dick.hardt@gmail.com] 
> Sent: Monday, August 27, 2012 2:55 PM
> To: Axel.Nennker@telekom.de
> Cc: dick.hardt@gmail.com; beaton@google.com; ietf@augustcellars.com; jose@ietf.org
> Subject: Re: [jose] DISCUSS: Nonce/Timestamp parameter
>  
> I was considering "iat" to be the timestamp. I was not thinking there would be an additional timestamp.
>  
> On Aug 27, 2012, at 2:13 PM, <Axel.Nennker@telekom.de> wrote:
>  
> 
> We have exp
>                 https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-03#section-4.1.1
> and iat
>                 https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-03#section-4.1.3
> in JWT. Why do we need a timestamp?
>  
> Replay attacks of the same jwt can be mitigated through the jti claim
> https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-03#section-4.1.7
>  
> What do timestamp and nonce add to these?
>  
> Axel
>  
>  
>  
> From: Dick Hardt [mailto:dick.hardt@gmail.com] 
> Sent: Monday, August 27, 2012 10:23 PM
> To: Brian Eaton
> Cc: Nennker, Axel; Jim Schaad; jose@ietf.org
> Subject: Re: [jose] DISCUSS: Nonce/Timestamp parameter
>  
>  
> On Aug 27, 2012, at 1:06 PM, Brian Eaton wrote:
> 
> 
> 
> On Mon, Aug 27, 2012 at 12:11 PM, Dick Hardt <dick.hardt@gmail.com> wrote:
> I have an application for JWT that is not OAuth2.
>  
> Should nonce and timestamp logic go in the application level protocol?
>  
> I prefer to NOT have the application level deal with token validity.
> 
> 
> 
>  
> Having said that, nonce's are difficult to implement at scale and I have heard of many sites that don't implement them fully.
>  
> Nonce alone can't be implemented efficiently.  You have to have time stamps as well, otherwise you are stuck storing ever nonce you've ever seen, forever.
>  
> Even nonce + time stamp is challenging in distributed systems.  It adds a lot of complexity.  That complexity is sometimes merited, but not always.
>  
> Thanks for confirming my statement.
>  
> I have stopped using nonce and only use time stamps lately and have made the system relatively stateless so that a second submission of the token is ok. That may not work for everyone, but I have found that architecture to be easier to implement and scale.
>  
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

v2.40.3 | Report a Bug | By Email | System Status