IETF Logo Mail Archive

Re: [jose] Comments on draft-barnes-jose-spi-00

Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 02 April 2013 18:20 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57CC421F8BBB for <jose@ietfa.amsl.com>; Tue, 2 Apr 2013 11:20:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.277
X-Spam-Level:
X-Spam-Status: No, score=-103.277 tagged_above=-999 required=5 tests=[AWL=0.322, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ot7ZxB85VK9p for <jose@ietfa.amsl.com>; Tue, 2 Apr 2013 11:20:32 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) by ietfa.amsl.com (Postfix) with ESMTP id 2C0F221F8BC5 for <jose@ietf.org>; Tue, 2 Apr 2013 11:20:32 -0700 (PDT)
Received: from mailout-de.gmx.net ([10.1.76.4]) by mrigmx.server.lan (mrigmx002) with ESMTP (Nemesis) id 0MP3Jh-1UIzUB48nv-006Rk9 for <jose@ietf.org>; Tue, 02 Apr 2013 20:20:21 +0200
Received: (qmail invoked by alias); 02 Apr 2013 18:20:20 -0000
Received: from a88-115-219-140.elisa-laajakaista.fi (EHLO [192.168.100.200]) [88.115.219.140] by mail.gmx.net (mp004) with SMTP; 02 Apr 2013 20:20:20 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1/MahZ1kzPMZuj1N3/IoBKPiB5Lc9EhEXfdk6bhZ2 6LObqALHsMAt5F
Message-ID: <515B215B.1000104@gmx.net>
Date: Tue, 02 Apr 2013 21:20:11 +0300
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Thunderbird/17.0.4
MIME-Version: 1.0
To: Richard Barnes <rlb@ipv.sx>
References: <005301ce2fba$e4c68100$ae538300$@augustcellars.com> <515B1862.2020204@gmx.net> <CAL02cgSLFeh_wzaC0nb7=Xg74_3S2irg9bHxA6cvPF3vbwvTRw@mail.gmail.com>
In-Reply-To: <CAL02cgSLFeh_wzaC0nb7=Xg74_3S2irg9bHxA6cvPF3vbwvTRw@mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Y-GMX-Trusted: 0
Cc: Jim Schaad <ietf@augustcellars.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, jose@ietf.org, draft-barnes-jose-spi@tools.ietf.org
Subject: Re: [jose] Comments on draft-barnes-jose-spi-00
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2013 18:20:33 -0000

Just to give you two examples:

http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-03
uses a JWE protected JWT.

The key used to encrypt the JWT needs to be pre-configured between the 
authorization server and the resource server. This would be a long-term 
secret.

http://datatracker.ietf.org/doc/draft-tschofenig-oauth-hotk/
uses an alternative design (a bit outdated already; needs to be 
refreshed) that uses the JOSE work for communication between the client 
and the resource server. The symmetric key used between these two 
parties would be short lived but we still use the JOSE work here.

http://tools.ietf.org/html/draft-tschofenig-oauth-hotk-02

Whether algorithm information is included in the JWS/JWE structure is a 
matter of what you agree with the other party and how.

A requirement for the current documents, however, would be to ensure 
that the parameters are not mandatory because in certain situations you 
may have configured them out of band already.

Reading through the JWS/JWE documents I am not sure whether this is 
allowed or not.

Ciao
Hannes



On 04/02/2013 09:00 PM, Richard Barnes wrote:
> "kid" identifies a key.  "spi" identifies anything/everything.
>
> Think of it this way:
> "spi" --> { "alg", "enc", "zip", "kid", ... }
>
>
> On Tue, Apr 2, 2013 at 1:41 PM, Hannes Tschofenig
> <hannes.tschofenig@gmx.net <mailto:hannes.tschofenig@gmx.net>> wrote:
>
>     I don't understand why you need an additional spi parameter when
>     there is already a kid parameter, which serves the same purpose.
>
>     Here is the kid parameter in the JWE:
>     http://tools.ietf.org/html/__draft-ietf-jose-json-web-__encryption-08#section-4.1.10
>     <http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#section-4.1.10>
>
>     Here is the kid parameter in the JWS:
>     http://tools.ietf.org/html/__draft-ietf-jose-json-web-__signature-08#section-4.1.7
>     <http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-08#section-4.1.7>
>
>     Ciao
>     Hannes
>
>
>     On 04/02/2013 06:58 PM, Jim Schaad wrote:
>
>         Richard,
>
>         There is not yet sufficient detail in this document for me to do a
>         proper evaluation of how things are going to work.  Example
>         questions
>         that I have.
>
>         1. What headers are required and which can  be implicit – for
>         example
>         can the algorithm fields be implicit in the SPI?
>
>         2.Are the integrity value computed across the fully populated
>         header or
>         the SPI header?
>
>         3.Is there a way to forward a message from person A which knows
>         the SPI
>
>         values and person B which does not?
>
>         4.What is the correct algorithm for determining the JWS vs JWE
>         in the
>
>         event that all of the algorithms are implicit
>
>         5.What happens if you have implicit parameters and explicit
>         parameters
>
>         and they do not match?
>
>         6.Is there a recommended way to determine what the SPI
>         parameters are
>
>         going to be?  Does the application need to pre-parse the message
>         to get
>         the SPI value or is there a recommendation that some type of
>         callback be
>         included
>
>         7.Can you make things like the IV be implicit?  Thus agree on a
>         starting
>
>         value and an increment and compute the new IV for each new message
>
>         8.If you are requiring that the values be populated by the
>         application –
>
>         does this require that you have a canonical encoding of how
>         those values
>         are placed into the header for the purposes of the integrity check?
>
>         Jim
>
>
>
>         _________________________________________________
>         jose mailing list
>         jose@ietf.org <mailto:jose@ietf.org>
>         https://www.ietf.org/mailman/__listinfo/jose
>         <https://www.ietf.org/mailman/listinfo/jose>
>
>
>     _________________________________________________
>     jose mailing list
>     jose@ietf.org <mailto:jose@ietf.org>
>     https://www.ietf.org/mailman/__listinfo/jose
>     <https://www.ietf.org/mailman/listinfo/jose>
>
>

v2.23.0 | Report a Bug | By Email