Re: [jose] TTL for JWK

John Bradley <ve7jtb@ve7jtb.com> Wed, 20 February 2013 15:09 UTC

Return-Path: <ve7jtb@ve7jtb.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8801521F8780 for <jose@ietfa.amsl.com>; Wed, 20 Feb 2013 07:09:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.77
X-Spam-Level:
X-Spam-Status: No, score=-2.77 tagged_above=-999 required=5 tests=[AWL=-0.568, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JmPBGMu7wSER for <jose@ietfa.amsl.com>; Wed, 20 Feb 2013 07:08:59 -0800 (PST)
Received: from mail-qa0-f47.google.com (mail-qa0-f47.google.com [209.85.216.47]) by ietfa.amsl.com (Postfix) with ESMTP id 3A25721F875F for <jose@ietf.org>; Wed, 20 Feb 2013 07:08:58 -0800 (PST)
Received: by mail-qa0-f47.google.com with SMTP id j8so2448314qah.20 for <jose@ietf.org>; Wed, 20 Feb 2013 07:08:58 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :cc:message-id:references:to:x-mailer:x-gm-message-state; bh=v39lv7Pdxi4Gxc4idh0hKTt0isDBRYBnyUAIC3uJz28=; b=C8qlGO3IrSJclJOm+pjpW4K7CW3AgplTcqnI1cG83oItK+wMFHf4GnOMFUcvU4j99t RANO3xHrZp7nwDgz9zcTRaZk5yJMVRzmRWF+DPmi7jNtcbg79gan5LgKTX1GCwTuMrg2 1DhYzqr4deR5Hmo0exP6cfeWtPczVaxsXEkCYQjYzCbBahc0gCJcpVxRnTCcLCqW4M44 bWej/6tl6oxNg/vCT3u5MOaoYdgrNhUoT8GBKKgXF7HdOZDoXMwxs2fuAzWjkdEiw7CK o42lN3ExpqTZ4Mz8Ok9vm+UQTIycJfkXlkvbQ/CCWlH++87wSK81DYEit1gby1R8Dlvl Jj3w==
X-Received: by 10.49.130.167 with SMTP id of7mr9879544qeb.22.1361372938398; Wed, 20 Feb 2013 07:08:58 -0800 (PST)
Received: from [192.168.1.35] (190-20-41-134.baf.movistar.cl. [190.20.41.134]) by mx.google.com with ESMTPS id z9sm575152qae.5.2013.02.20.07.08.53 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 20 Feb 2013 07:08:56 -0800 (PST)
Content-Type: multipart/signed; boundary="Apple-Mail=_0F0EF34F-784E-4ECF-A59A-9E669B19EDD0"; protocol="application/pkcs7-signature"; micalg=sha1
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: John Bradley <ve7jtb@ve7jtb.com>
In-Reply-To: <CA+k3eCR4eX7fk3ibra97hcJ9jpEMWxhJZhb4E2RFbSP8ogui9A@mail.gmail.com>
Date: Wed, 20 Feb 2013 12:08:21 -0300
Message-Id: <FA5226A1-C899-49D0-8472-6BF045ECEFF5@ve7jtb.com>
References: <CA+k3eCTZ4KeC7ZH41OWkjkLCp0RiRBkze=4NpFO7AG5zVq-bJQ@mail.gmail.com> <4E1F6AAD24975D4BA5B168042967394367477CB0@TK5EX14MBXC284.redmond.corp.microsoft.com> <CA+k3eCTbKzWaSr0cmSKTgfs2WMwfGjxatCMjFJekf+8E5SRjXQ@mail.gmail.com> <84EEBC7B-1C68-485E-998D-D01CAE884675@ve7jtb.com> <255B9BB34FB7D647A506DC292726F6E115076349DB@WSMSG3153V.srv.dir.telstra.com> <CA+k3eCR4eX7fk3ibra97hcJ9jpEMWxhJZhb4E2RFbSP8ogui9A@mail.gmail.com>
To: Brian Campbell <bcampbell@pingidentity.com>
X-Mailer: Apple Mail (2.1499)
X-Gm-Message-State: ALoCoQkWQIwmREFD/bW4AWafrau4jDXV2tV43ukjw6MRCdJk0n6XBKfqQ9+K7svpIgoKwp7/kNVV
Cc: "Manger, James H" <James.H.Manger@team.telstra.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] TTL for JWK
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2013 15:09:00 -0000

I don't think that JWK itself  has a MUST understand.

If you are including a JWK in the header of a JWE for say ECDH-ES then that element (the JWK content of epk) needs to be understood by the recipient.   

I think the question of how MUST understand applies to elements of a top level claims probably needs more clarification once we get over the poll.

I don't know that ttl as part of epk is sensible,  perhaps exp might make sense but including ether of them in epk is probably mot helpful.

The limitation of the http caching approach is that it requires a pull,  but logically if the endpoint is going to do something to refresh the key it needs to have something to pull from.

Now what I don't know is if in Matt's work using xmpp if there is a need for a refresh mechanism to refresh encryption keys, that can't use http caching.

John B.





On 2013-02-20, at 11:37 AM, Brian Campbell <bcampbell@pingidentity.com> wrote:

> To Mike's comment on the ttl of an IP packet - I did extensive research on wikipedia that suggests a TTL can either be a counter or a time-stamp. The idea is the same - discard or stop using at such and such a point. TTL may not be right but it seemed closer than exp for what I was aiming for.
> 
> To James and John's comment on JWK Set and HTTP, I was thinking a per key usage but the way I was envisioning it does ultimately result in the whole JWK Set being refreshed (re-fetched?) and that would argue for it being at the JWK Set level. And yeah, at that point it'd make sense to just use HTTP cache control. I'd been trying to avoid that because of a suspicion that the HTTP headers would likely be set wrong or ignored by some. But using that as a justification to reinvent the concept at another layer sounds rather silly when I say (er type) it out loud. So, I dunno, maybe this isn't such a great idea after all and using HTTP level caching mechanisms to address my particular problem is a better approach.  
> 
> To James' other comment on "MUST-understand-everything" - I don't always answer rhetorical questions in a public forum but, what the heck, it'd be more than just awkward. It'd be darn near impossible for any deployments that had more than just single bilateral relationships. You're point is taken (though I already fall in the not-MUST-understand camp) but I don't believe the must-understand requirement applies to JWK as the drafts are currently written, does it?
> 
> 
> 
> 
> 
> 
> 
> On Wed, Feb 20, 2013 at 5:27 AM, Manger, James H <James.H.Manger@team.telstra.com> wrote:
> This feature sounds so close in function to an HTTP Cache-Control header. Surely we can just use this existing mechanism? Particularly as the real use case mentioned in getting a JWK from an HTTPS URI.
> 
>  
> 
>  
> 
> P.S. If we do defer specifying “TTL for JWK” now, but after a few years experience of rolling keys in OpenID Connect decide it would be good, then I wonder how awkward deploying it would be due to the MUST-understand-everything rule?
> 
>  
> 
> --
> 
> James Manger
> 
>  
> 
> On 2013-02-19, at 9:26 PM, Brian Campbell <bcampbell@pingidentity.com> wrote:
> 
>  
> 
> …this was more of a indicator about how long a key could be cached/used with a reasonable expectation that things would still work… 
> 
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Brian Campbell
> Sent: Tuesday, February 19, 2013 3:43 PM
> To: jose@ietf.org
> Subject: [jose] TTL for JWK
> 
> I'd like to float the idea of introducing a time to live parameter to the base JWK document, which could probably fit in as a subsection of §4 that defines parameters common to all key types [1].
> 
> The motivation is that many uses of JWKs will involve caching of JWK data and a TTL parameter could be used to indicate how long a key could be safely cached and used without needing to recheck the JWK source. I don't want it to be a hard expiration date for the key but rather a hint to help facility efficient and error free caching.
> 
> OpenID Connect has a real use case for this where entities publish their keys via a JWK Set at an HTTPS URL. To support key rotation and encryption, there needs to be some way to indicate the TTL of a public key used to encrypt. Of course, this isn't the only way to skin that cat but it strikes me as a good way and one that might provide utility for JWK in other contexts.
> JSON Web Token [2] defines a data type that is "A JSON numeric value representing the number of seconds from 1970-01-01T0:0:0Z UTC until the specified UTC date/time" that seems like it could be co-opted to work well as the value for a "ttl" parameter.
> 
> [1] http://tools.ietf.org/html/draft-ietf-jose-json-web-key-08#section-4
> 
> [2] http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06#section-2
> 
>  
> 
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose