Re: [jose] #15: Broken examples in JWE / JWS

"Jim Schaad" <ietf@augustcellars.com> Mon, 25 March 2013 22:00 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Richard Barnes' <rlb@ipv.sx>, 'Brian Campbell' <bcampbell@pingidentity.com>
Date: Mon, 25 Mar 2013 14:59:24 -0700
Cc: draft-ietf-jose-json-web-encryption@tools.ietf.org, jose@ietf.org
Subject: Re: [jose] #15: Broken examples in JWE / JWS

It may need to be noted that doing /* special magic */ is not something that
a library would ever be able to do.  This implies that the application needs
to know that this is going to be the case and know how to pass in all of the
relevant keys as part of the signature/mac verification process or the
decryption process.

Jim

From: Richard Barnes [mailto:rlb@ipv.sx] 
Sent: Monday, March 25, 2013 2:31 PM
To: Brian Campbell
Cc: Jim Schaad; draft-ietf-jose-json-web-encryption@tools.ietf.org; jose@ietf.org
Subject: Re: [jose] #15: Broken examples in JWE / JWS

I realize that's the common case.  But the spec doesn't say that.  

All I'm saying is, the spec should REQUIRE that a sender include either a
key indicator, or an indication that something is going on out of band.

--Richard

On Mon, Mar 25, 2013 at 8:15 AM, Brian Campbell <bcampbell@pingidentity.com>
wrote:

/* special magic */ is just some out of band agreement on the key to use or
how to infer it. Which isn't really special or magic. But probably pretty
common.

On Fri, Mar 22, 2013 at 7:37 PM, Richard Barnes <rlb@ipv.sx> wrote:

I've renamed the issue to try to clarify.

You're right that there are alternative ways to locate a key.  But a JOSE
object needs to contain at least one of them, or else the /* special magic
*/ clause applies.  

--Richard

On Fri, Mar 22, 2013 at 9:15 PM, Jim Schaad <ietf@augustcellars.com> wrote:

This may or may not be a flaw in the specification.  However the item you
created in the tracker does not reflect what you have put here.  I think you
would be better served by saying that there is a flaw in the specifications
in that there should be a MUST that some type of key or key reference is
required in a JWS or JWE.

I would note that your example code should be more complex in that it does
not deal with jku or any of the x* methods of referencing keys.

Jim

From: Richard Barnes [mailto:rlb@ipv.sx] 
Sent: Friday, March 22, 2013 4:09 PM
To: Jim Schaad
Cc: draft-ietf-jose-json-web-encryption@tools.ietf.org; jose@ietf.org
Subject: Re: [jose] #15: Broken examples in JWE / JWS

I admit that they are not broken according to the current spec.  However, I
have a lot of trouble figuring out how I would write code to process them.

If "kid" or "jwk" MUST be present to indicate what key I should use, then I
can have deterministic code:

if (/* recognized "kid" or "jwk" value */) {
    /* use it */
} else {
    /* FAIL.  can't process this object */
}

As the spec stands, I have no idea what to put in that "else" clause.  I'm
clearly not supposed to fail, because the parameters are optional.  But what
else?

if (/* recognized "kid" or "jwk" value */) {
    /* use it */
} else {
    /* insert special magic here */
}

This is actually what SPI is supposed to clear up.  SPI would provide an
explicit third branch for the special magic to live in.

if (/* recognized "kid" or "jwk" value */) {
    /* use it */
} else if (/* recognized SPI value */) {
    /* process using stored parameters */
} else {
    /* FAIL.  can't process this object */
}

But without the concept of SPI, the spec is broken because of the
non-determinism noted above.

--Richard
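
As an added example (not code from this thread or from the JOSE drafts), the branching above written out in Python, with the earlier points from Jim folded in: the "special magic" is a key the application supplies to the library explicitly, the jku/x5* reference parameters are recognized but handed back to the application for policy, and anything the library cannot resolve deterministically fails closed. The key store, the `implied_key` parameter and the header values are constructed assumptions.

```python
import base64
import json

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def protected_header(jws_compact: str) -> dict:
    """Decode the JWS Protected Header of a compact-serialized JWS."""
    return json.loads(b64url_decode(jws_compact.split(".")[0]))

def header_b64(d: dict) -> str:
    return base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()

def key_material(jwk: dict) -> dict:
    """Drop descriptive members so two JWKs compare by key material only."""
    return {k: v for k, v in jwk.items() if k not in ("kid", "use", "alg", "key_ops")}

def resolve_key(header: dict, trusted: dict, implied_key=None):
    """Choose the verification key for one JWS header, or fail closed.

    trusted:     {kid: jwk} keys the application accepts (its out-of-band agreement)
    implied_key: the key the application says applies when the header names none
    Returns (branch, jwk); raises ValueError when no deterministic choice exists.
    """
    kid = header.get("kid")
    if kid is not None:
        if kid in trusted:
            return ("kid", trusted[kid])
        raise ValueError(f"unknown kid {kid!r}")
    jwk = header.get("jwk")
    if jwk is not None:
        # An embedded jwk is self-asserted: usable only when it matches a key the
        # application already trusts, never merely because the sender included it.
        for known in trusted.values():
            if key_material(known) == key_material(jwk):
                return ("jwk", known)
        raise ValueError("embedded jwk is not a trusted key")
    refs = [p for p in ("jku", "x5u", "x5c", "x5t") if p in header]
    if refs:
        # URL/certificate references need fetch and validation policy only the
        # application can supply (allow-listed jku hosts, trust anchors), so hand back.
        raise ValueError("key reference needs application policy: " + ", ".join(refs))
    if implied_key is not None:
        return ("implied", implied_key)  # explicit stand-in for /* special magic */
    raise ValueError("no key indicator and no implied key: cannot process")

# Constructed sample key store (assumption): two symmetric keys the application trusts.
TRUSTED = {
    "k1": {"kty": "oct", "kid": "k1", "k": "QUFBQUFBQUFBQUFBQUFBQQ"},
    "k2": {"kty": "oct", "kid": "k2", "k": "QkJCQkJCQkJCQkJCQkJCQg"},
}
```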

On Fri, Mar 22, 2013 at 6:13 PM, Jim Schaad <ietf@augustcellars.com> wrote:

My inclination is that this response is correct.

What makes you think that the key or key reference is required and cannot be
implied?

Jim



> -----Original Message-----
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of
> jose issue tracker
> Sent: Friday, March 22, 2013 2:37 PM
> To: draft-ietf-jose-json-web-encryption@tools.ietf.org; ignisvulpis@gmail.com
> Cc: jose@ietf.org
> Subject: Re: [jose] #15: Broken examples in JWE / JWS
>
> #15: Broken examples in JWE / JWS
>
>
> Comment (by ignisvulpis@gmail.com):
>
>  I think this is not an issue. The examples are NOT broken and they do not
>  need a fix.
>  I suggest to close this ticket.
>  The draft should definitely not make these illegal. These objects are
>  perfect examples for a valid JWS/JWE.
>
> --
> -------------------------+-------------------------------------------------
>  Reporter:  rlb@ipv.sx   |       Owner:  draft-ietf-jose-json-web-
>      Type:  defect       |  encryption@tools.ietf.org
>  Priority:  minor        |      Status:  new
> Component:  json-web-    |   Milestone:
>   encryption             |     Version:
>  Severity:  -            |  Resolution:
>  Keywords:               |
> -------------------------+-------------------------------------------------
>
> Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/15#comment:1>
> jose <http://tools.ietf.org/jose/>
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
