IETF Logo Mail Archive

Re: [jose] Whether implementations must understand all JOSE header fields

Mike Jones <Michael.Jones@microsoft.com> Wed, 19 December 2012 19:49 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05A0421F8742 for <jose@ietfa.amsl.com>; Wed, 19 Dec 2012 11:49:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.798
X-Spam-Level:
X-Spam-Status: No, score=-2.798 tagged_above=-999 required=5 tests=[AWL=-0.200, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BgVnSyqMRHrX for <jose@ietfa.amsl.com>; Wed, 19 Dec 2012 11:49:03 -0800 (PST)
Received: from NA01-BL2-obe.outbound.protection.outlook.com (na01-bl2-obe.ptr.protection.outlook.com [65.55.169.29]) by ietfa.amsl.com (Postfix) with ESMTP id 9085421F85FC for <jose@ietf.org>; Wed, 19 Dec 2012 11:49:02 -0800 (PST)
Received: from BY2FFO11FD008.protection.gbl (10.1.15.201) by BY2FFO11HUB019.protection.gbl (10.1.14.178) with Microsoft SMTP Server (TLS) id 15.0.586.12; Wed, 19 Dec 2012 19:48:53 +0000
Received: from TK5EX14HUBC103.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD008.mail.protection.outlook.com (10.1.14.159) with Microsoft SMTP Server (TLS) id 15.0.586.12 via Frontend Transport; Wed, 19 Dec 2012 19:48:52 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.50]) by TK5EX14HUBC103.redmond.corp.microsoft.com ([157.54.86.9]) with mapi id 14.02.0318.003; Wed, 19 Dec 2012 19:48:24 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Manger, James H" <James.H.Manger@team.telstra.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] Whether implementations must understand all JOSE header fields
Thread-Index: Ac3da4u39ZRiYSLMQBShe+M/5UR54QAALdFQAAH0xRAAByH0sAAkEbRA
Date: Wed, 19 Dec 2012 19:48:23 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394366977627@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <4E1F6AAD24975D4BA5B168042967394366968592@TK5EX14MBXC283.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E115040898B5@WSMSG3153V.srv.dir.telstra.com> <4E1F6AAD24975D4BA5B16804296739436696ABC0@TK5EX14MBXC283.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E115041F5FFC@WSMSG3153V.srv.dir.telstra.com>
In-Reply-To: <255B9BB34FB7D647A506DC292726F6E115041F5FFC@WSMSG3153V.srv.dir.telstra.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.74]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B168042967394366977627TK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(377454001)(512874001)(46102001)(77982001)(54316002)(59766001)(56776001)(47736001)(47976001)(55846006)(74502001)(15202345001)(53806001)(4396001)(56816002)(33656001)(51856001)(47446002)(76482001)(49866001)(5343635001)(5343655001)(16236675001)(44976002)(16406001)(50986001)(54356001)(74662001)(31966008); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB019; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 070092A9D3
Subject: Re: [jose] Whether implementations must understand all JOSE header fields
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Dec 2012 19:49:04 -0000

“zip” is a perfect example of indicating a change of semantics with the presence of a new field.  The processing of a JWE without a “zip” field is different than the processing of it with one.  An implementation must understand the field to use the resulting JWE.  The same would be true of any JWS that used a “zip” extension.

It would never be safe to ignore this field, whether defined as part of the base spec, or defined as an extension later.

                                                                -- Mike

P.S.  On a related topic, see the thread “Reducing the size of JWS payloads” for a discussion on why compression won’t work for JWS payloads that are JWEs.

From: Manger, James H [mailto:James.H.Manger@team.telstra.com]
Sent: Tuesday, December 18, 2012 9:12 PM
To: Mike Jones; jose@ietf.org
Subject: RE: [jose] Whether implementations must understand all JOSE header fields

James said:
>> I would also appreciate your thoughts on whether someone can extend JWS by specifying: when the “zip” field is present in a JWS the content is compressed.
That looks legitimate with the current “MUST understand or reject” rule. I think it is likely, however, that such an extension will cause security problems. Some implementations will confirm that “zip” is on the list of known standard fields, but will ignore it in the JWS processing code.

Mike said:
> One would define “zip” in a JWS in the normal way that extensions are made to IETF specs – you’d write a spec defining the meaning for it and register the “zip” value in the IANA JSON Web Signature and Encryption Header Parameters registry for JWS usage.


Lets ignore the process for now (IETF, IANA…), the issue is whether this style of extension is sensible: an extension that indicates a change of semantics by the presence of a new field. A style that the “MUST understand everything” rule encourages.
My argument is that this style is too dangerous a way to indicate new semantics. When changing semantics (as “zip” does) it would be much better to change a field we are confident implementations will be looking at, as opposed to relying on them to notice a new field.

--
James Manger

v2.23.0 | Report a Bug | By Email