Re: [jose] I-D Action: draft-ietf-jose-fully-specified-algorithms-01.txt
Michael Jones <michael_b_jones@hotmail.com> Fri, 01 March 2024 21:07 UTC
Return-Path: <michael_b_jones@hotmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51442C14F69B for <jose@ietfa.amsl.com>; Fri, 1 Mar 2024 13:07:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.233
X-Spam-Level:
X-Spam-Status: No, score=-6.233 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tqwck1jFlMrw for <jose@ietfa.amsl.com>; Fri, 1 Mar 2024 13:07:24 -0800 (PST)
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12olkn2050.outbound.protection.outlook.com [40.92.22.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06416C14F686 for <jose@ietf.org>; Fri, 1 Mar 2024 13:07:23 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eKvTlqkDNR1gmGakSD+YDE20KdZrL62nD6XiJkAM1jgIYBcraeHTEvKPRyJWEI4b8MPFyylQi3+a8l31BSGpAN2bncb3K3ZnUT5DMw8P3DddWWwp38WhhinlCbqc86VnspkhDTqeJDqKK3oJhrxme590tEoImuiQA6joV2oJLC84RlQ9NYRmrvSnqU9t56idUgG9uA5QIbmMFblcc29Lla84MyXw0sHTW4xngppBzlbuuAkIYXq+d+J1NihdJTAm0sc27EOnFC2eXpjmWnvkj/2BhOCCrWX1I2OTPgb3JKB4msInaKXNCgD0rrGpzO0M3EXC57APX98Jy5RSWWXVOA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Kab542CoJkRIo28CxV23xN/cKvbBgqovdNRISreJ+KQ=; b=YLyxy0/nXt1xEzPfoW1FOSA5AyxfxjUpIvQrG0BA3tRmMf2SOzFJgManjHPeEioiosPQkOyOKnzKDhobf+Z2ejvbe+UNNs5xxyCWarQW07lcKXcrBCCxE8+0XIuvORvYT/mJ4fXQAH41cL5UijLsZlfa3JLyvXMheOmYKxs7X3oLNiZDJn7vLNR5ac/t5/vEBu1wyvezsjz2AAO2OU0POCBKBRw9dqWuG7yLtp9fkXl+GcxUsqM6PEUPQtf8iWhnZdGdtbsUvv+2znelaIwX3YA7znT+cwnKhf0JRYvKrc6nPBvcjpCg7IREo+jpmK8DELTL+GhkEf7AfxcrMesXGA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Kab542CoJkRIo28CxV23xN/cKvbBgqovdNRISreJ+KQ=; b=JwMWMruvjywmiXJJmWi5JKZuFIWbNwSft/5AssFvj3cU96aZidcnS5SK1ixO8DH18VOAIZLj7NKqaFVAfN/3ez0Oe84M7sqJTz1HOExnfGcKML6OuqQ1lg+xuaaszx2i3FANTzKKrnespYIA08WKAATNhVtAnYTME3td04ZAgNy8esNv07UUIsbVSZ/zJiN8ddZ0dEepyHDlHHKthtQJQ3smWSgDehJc7jLNzHKsGM5ylvWPF2Lze0EW6TYpUu9s7KZQFAsJAewb0UpE1GZRzQjzIW1IrA66Blt6mgFHNz+WjgeUhO8rGuDShsBcc+NBlAcEVbhLijgWsEQpIwKOYg==
Received: from SJ0PR02MB7439.namprd02.prod.outlook.com (2603:10b6:a03:295::14) by BY5PR02MB7074.namprd02.prod.outlook.com (2603:10b6:a03:239::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7339.34; Fri, 1 Mar 2024 21:07:22 +0000
Received: from SJ0PR02MB7439.namprd02.prod.outlook.com ([fe80::7c2c:4b2:7be3:4f66]) by SJ0PR02MB7439.namprd02.prod.outlook.com ([fe80::7c2c:4b2:7be3:4f66%4]) with mapi id 15.20.7316.039; Fri, 1 Mar 2024 21:07:22 +0000
From: Michael Jones <michael_b_jones@hotmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] I-D Action: draft-ietf-jose-fully-specified-algorithms-01.txt
Thread-Index: AQHaam252kJW8ynn0kSNpKUjtuQferEgMc2AgAAGggCAATPQgIAB9fvA
Date: Fri, 01 Mar 2024 21:07:21 +0000
Message-ID: <SJ0PR02MB74399E80DC38388CD56695BFB75E2@SJ0PR02MB7439.namprd02.prod.outlook.com>
References: <170914224026.56455.15183346032212380498@ietfa.amsl.com> <Zd-VJUMiAt4I8nBx@LK-Perkele-VII2.locald> <PH0PR02MB74304D9DFD11894C957AAB3EB7582@PH0PR02MB7430.namprd02.prod.outlook.com> <ZeCc0TVTMmHPCe9u@LK-Perkele-VII2.locald>
In-Reply-To: <ZeCc0TVTMmHPCe9u@LK-Perkele-VII2.locald>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-tmn: [0hDJ6s0/HOrAHKUtEv8eltZ22gnNRpld]
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SJ0PR02MB7439:EE_|BY5PR02MB7074:EE_
x-ms-office365-filtering-correlation-id: 82b2c2f4-c5fa-49f2-880e-08dc3a33963e
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: LIVCCqI/VB7vNrhYeffIIq1yAePSsTSkIRZoS7u2TxSZ0Yjf0CNOpHFgwT5sWoffCnA8Vxpc7H/+9uF7lrN2+VRYie1e73syb7e59AnBL3Hct+uF5jUaf8UY31+9TXCxcpKgO8rkjGpe1ud0xfPdXm6fsCXe+zzB5dmV1d38X22flxitG9sarpAQYM2mif5DP3jgdCkcQ+OiYT+UDdI7D1spffbLsW3xL5DwJ1SicUblNhJeYLI+yB2dBAC9dpS3l8I7tsNk/GKYCvF6S53CpHUoSAIGhJWMI9ceshR/lHNGmfBjUtxun3QQrs2cxPtL8OAXXdXshZJ9H+c+DURSdc2JSdjYv6tq6nUIrovnZETLvMszO1h4q5kBNMle8Rn4+NunzND1dMazt4ImZ+kXv77+KcX+aDQVeLqTDpp4Fjv9E2V7BPMD2DYN6D9+C390c5h5lc0Le2rndlF+obwfu2V5Bc6SQKWcDGNfZXwZAzK7ktzWaBQc4wXEmXtjso54gtZ7Y353biAcVqK1caA+CIxgf7RpnrDWSgWYSPV8bslOgaEf+7lwuQIQ40oxSVyIRPkEYusMXn4EZGEKLxk3zzXdIRAaNwukfLgEZB7/EqmZsBedl8Clk/fWC7nVmxZu7vAEkFEjBH61NO31mEkaXe8SMQFBDnDMj0Anty15zSg=
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 34Gfe6uj4cyNNVc5wxPtXkS5eVtbdx3Yr52jOZ3Ez025UoH63ACnXnhA2Y83KOJl3eraEnbZCMUzhXCkaS3CMG6+V64iN0p8+GEzZfuzf6QU/sszE9j5nHEh/t2W7fWHzmoFwPkTjF+sWnYj3Q5u8RbXVBVNFzVj9NP8ir0MJb2tolRoos6GWYs2g8Od7x2N4h/QZHqjUb5yr1JWop634QprrpnOWtO6WaBD5VOZFEpB39bbh6H/UKzAUb62fad3FuL7WTMbegrV1vJpHZfyz57cjDnmj7ce5oCclh6y7a3fI2j6rv41apCc8Do/osTsBMHE18GBOHQahGBK/K1k4WT0RbmuPrWplWAMN/5ulQ7EjLwNvUM4MhKHxAgRfj78/A8zifKcEbM0+Nh/W6QDyKAe2Bb1OH7sc7f+Z4fGsRWZXzBh3v1AMUZwtaBqDt0MzM/igMwEW4SGigVzSxMD00rmhMaJrv58fLGTLjOd13oU9AYA7FkG6O+wxK8Lo22JwA42SuIgnKC2Tiyw4+YHp5+Pc8YnPRJ/hFFj8NRpgRPq93Hy5ATXxqFPB83X5AMM7M+Zthq4NNORZkKwv+rHtc/wxesQKu+ja0Q8alR/dgXti6ZLj1e03mHWnD2m855iVNJ/RQTowPt3OFOv1ETmDzUSpYJLVC65Eb/gFnR/v1w9Og+xJk6yqpAIo6G1rAY41ICc9i4bA7qjIM1qLnTtQoFLFJBeqUSvS9n1ukYNrPl/ROJy0dw3dm+aBjfnmpqwfiLo7zwGvAQApoQMY5lmbZpBB5WCHD5YYALhvVUTqdtFjLxcbuEWrVTG2Ba/9Cyq4toUwZ/X0qjSAhMfsSxoE0Zy32Gz45w01ZaF0wVkInnoG4wmxXKxnfRIIbslgDUyMjUhEYRTXbKnU+8TYG/JdmU4ZYlZk+T6D6GmuoHXnbEBuXyIF5+SqxZqN07I5xZR7cyHXcUj8zI5ShNlewWGDQs8+3Q6OC5Ae1o6mqD9/3l+9NmZRxM19MPpGEy41x2L2JKv5YcBi4oQXaMuFMRf9FQDLCl9Db4X0ZjQFDyhZGUOfLaOV+H2rC/v39o6REJ/63fJSsvrycT/6YjmTXqPaTNUY3igRR9yq27IW4+h4QGSJ6YjejM4jVUISo2Apc1A6FH8Kj9vS6ws/RVn4gNWY0U+BpjZQQMIy6bywRMT7F/BJJmv3Q0IkRTeFhgQsvUG40BWmcN1qqAjPGtKmkcVqEQ0WbnsIxpI2P4qmyoeE1UYgbZuz2RYUARhlK2oH4BT
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-99c3d.templateTenant
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0PR02MB7439.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 82b2c2f4-c5fa-49f2-880e-08dc3a33963e
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Mar 2024 21:07:21.8118 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR02MB7074
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/MOdtocc9KEGOqkwTsv_KD864jpk>
Subject: Re: [jose] I-D Action: draft-ietf-jose-fully-specified-algorithms-01.txt
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2024 21:07:28 -0000
Thanks again for engaging on this topic, Ilari. I value your perspectives.
You wrote: "I think adding all the fully-specified algorithms for encryption is 12 new and 4 deprecated algorithms for JOSE, 24 new algorithms and 10 deprecated algorithms for COSE." I would appreciate it if you could list the algorithms that you have in mind. That could help inform future updates to the specification.
You may be right about KEMs. Right now the authors are erring on the side of providing guidance in areas that may benefit from it, but it's a working group decision whether to keep, modify, or delete the current KEM text.
Thanks again,
-- Mike
-----Original Message-----
From: jose <jose-bounces@ietf.org> On Behalf Of Ilari Liusvaara
Sent: Thursday, February 29, 2024 7:04 AM
To: jose@ietf.org
Subject: Re: [jose] I-D Action: draft-ietf-jose-fully-specified-algorithms-01.txt
On Wed, Feb 28, 2024 at 09:03:18PM +0000, Michael Jones wrote:
> Thanks for reading the new draft and commenting, Ilari. Replies inline below...
>
> -----Original Message-----
> From: jose <jose-bounces@ietf.org> On Behalf Of Ilari Liusvaara
> Sent: Wednesday, February 28, 2024 12:19 PM
> To: jose@ietf.org
> Subject: Re: [jose] I-D Action:
> draft-ietf-jose-fully-specified-algorithms-01.txt
>
> On Wed, Feb 28, 2024 at 09:44:00AM -0800, internet-drafts@ietf.org wrote:
> > Internet-Draft draft-ietf-jose-fully-specified-algorithms-01.txt is
> > now available. It is a work item of the Javascript Object Signing
> > and Encryption
> > (JOSE) WG of the IETF.
> >
> > Title: Fully-Specified Algorithms for JOSE and COSE
> > Authors: Michael B. Jones
> > Orie Steele
> > Name: draft-ietf-jose-fully-specified-algorithms-01.txt
> > Pages: 12
> > Dates: 2024-02-28
>
> Some comments that still look relevant:
>
> 1) The encryption case seems like it would be difficult and delay the
> document by a lot. There have been requests to get this done quick, so
> I think that should be punted on.
>
> Indeed, an open question called out in
> https://www.i/
> etf.org%2Farchive%2Fid%2Fdraft-ietf-jose-fully-specified-algorithms-01
> .html%23name-ecdh-es-and-its-ephemeral-k&data=05%7C02%7C%7C456f507a355
> 44371d11308dc3937ad98%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638
> 448158544780474%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2
> luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=eNPm2Nz3i2ekQG
> fcJRiDVwx8nGysX2QI3gOYWyUM2dU%3D&reserved=0
> is whether to introduce fully-specified algorithm identifiers for ECDH
> and possibly other encryption algorithms. I expect this to be one of
> the discussion topics in Brisbane.
I think if this applies to encryption, then new ECDH algorithms are required.
The RSA stuff looks fully specified, and I don't see anything else for asymmetric encryption than RSA and ECDH.
> 2) Abstract: I don't think the current encryption stuff is fully
> specified (the behavior of algorithms does depend on the key), so
> statements about new identifiers need to be qualified to only apply to
> signatures.
>
> You're right that (as called out by the cited text above) some of the
> current encryption algorithms aren't fully specified. This
> specification does two things.
> (a) It requires that all algorithms registered in the future be fully
> specified.
> (b) It creates fully-specified algorithm identifiers that can be used
> instead of polymorphic algorithm identifiers.
>
> (a) is still very valuable, both for signing and encryption, even if
> we tactically decide that we don't want to do (b) for all encryption
> algorithms at this time.
I think that solving one but not the other is the worst option. That is, one should solve neither or both.
Otherwise everything using JWE/COSE_Encrypt is left with having to support both. Which is obviously harder than having to support just one, whichever it might be.
I think adding all the fully-specified algorithms for encryption is 12 new and 4 deprecated algorithms for JOSE, 24 new algorithms and 10 deprecated algorithms for COSE.
> 4) Section 6.3: I don't think anything in COSE or JOSE currently uses
> KEMs. And the requirement for single KDF goes beyond what fully
> specified means.
>
> https://datatracker.ietf.org/doc/draft-ietf-cose-hpke/ uses KEMs.
> https://datatracker.ietf.org/doc/draft-rha-jose-hpke-encrypt/ uses KEMs.
No, those use HPKE. Internal details of HPKE are irrelevant, That is the entire point of HPKE.
> https://csrc.nist.gov/projects/post-quantum-cryptography uses KEMs.
> I agree with Orie that it's good to include a discussion of KEMs now,
> since they're clearly coming to both COSE and JOSE.
Isn't requiring fully specified algorithms going forward enough?
(And if not doing that, then one should not do anything with KEMs
either.)
-Ilari
_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose
- [jose] I-D Action: draft-ietf-jose-fully-specifie… internet-drafts
- Re: [jose] I-D Action: draft-ietf-jose-fully-spec… Ilari Liusvaara
- Re: [jose] I-D Action: draft-ietf-jose-fully-spec… Michael Jones
- Re: [jose] I-D Action: draft-ietf-jose-fully-spec… Ilari Liusvaara
- Re: [jose] I-D Action: draft-ietf-jose-fully-spec… Michael Jones
- Re: [jose] I-D Action: draft-ietf-jose-fully-spec… Brian Campbell
- Re: [jose] I-D Action: draft-ietf-jose-fully-spec… Ilari Liusvaara
- Re: [jose] I-D Action: draft-ietf-jose-fully-spec… Michael Jones