Re: [jose] Comments on draft-barnes-jose-spi-00

[Richard Barnes <rlb@ipv.sx>]

On Tue, Apr 2, 2013 at 2:20 PM, Hannes Tschofenig <hannes.tschofenig@gmx.net
> wrote:

> Just to give you two examples:
>
> http://tools.ietf.org/html/**draft-ietf-oauth-v2-http-mac-**03<http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-03>
> uses a JWE protected JWT.
>
> The key used to encrypt the JWT needs to be pre-configured between the
> authorization server and the resource server. This would be a long-term
> secret.
>
> http://datatracker.ietf.org/**doc/draft-tschofenig-oauth-**hotk/<http://datatracker.ietf.org/doc/draft-tschofenig-oauth-hotk/>
> uses an alternative design (a bit outdated already; needs to be refreshed)
> that uses the JOSE work for communication between the client and the
> resource server. The symmetric key used between these two parties would be
> short lived but we still use the JOSE work here.
>
> http://tools.ietf.org/html/**draft-tschofenig-oauth-hotk-02<http://tools.ietf.org/html/draft-tschofenig-oauth-hotk-02>
>
> Whether algorithm information is included in the JWS/JWE structure is a
> matter of what you agree with the other party and how.
>
> A requirement for the current documents, however, would be to ensure that
> the parameters are not mandatory because in certain situations you may have
> configured them out of band already.
>
> Reading through the JWS/JWE documents I am not sure whether this is
> allowed or not.
>

This is exactly my point.  These pre-negotiation cases prevent us from
having clear requirements levels.

The goal of SPI is to explicitly say "SPI indicates that pre-negotiated
parameters are being used, so some things that are otherwise REQUIRED might
be missing."  That way, you can still have fields that MUST be included in
general, but if you include an SPI, you can omit them.

--Richard




>
> Ciao
> Hannes
>
>
>
>
> On 04/02/2013 09:00 PM, Richard Barnes wrote:
>
>> "kid" identifies a key.  "spi" identifies anything/everything.
>>
>> Think of it this way:
>> "spi" --> { "alg", "enc", "zip", "kid", ... }
>>
>>
>> On Tue, Apr 2, 2013 at 1:41 PM, Hannes Tschofenig
>> <hannes.tschofenig@gmx.net <mailto:hannes.tschofenig@gmx.**net<hannes.tschofenig@gmx.net>>>
>> wrote:
>>
>>     I don't understand why you need an additional spi parameter when
>>     there is already a kid parameter, which serves the same purpose.
>>
>>     Here is the kid parameter in the JWE:
>>     http://tools.ietf.org/html/__**draft-ietf-jose-json-web-__**
>> encryption-08#section-4.1.10<http://tools.ietf.org/html/__draft-ietf-jose-json-web-__encryption-08#section-4.1.10>
>>
>>     <http://tools.ietf.org/html/**draft-ietf-jose-json-web-**
>> encryption-08#section-4.1.10<http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#section-4.1.10>
>> >
>>
>>     Here is the kid parameter in the JWS:
>>     http://tools.ietf.org/html/__**draft-ietf-jose-json-web-__**
>> signature-08#section-4.1.7<http://tools.ietf.org/html/__draft-ietf-jose-json-web-__signature-08#section-4.1.7>
>>
>>     <http://tools.ietf.org/html/**draft-ietf-jose-json-web-**
>> signature-08#section-4.1.7<http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-08#section-4.1.7>
>> >
>>
>>     Ciao
>>     Hannes
>>
>>
>>     On 04/02/2013 06:58 PM, Jim Schaad wrote:
>>
>>         Richard,
>>
>>         There is not yet sufficient detail in this document for me to do a
>>         proper evaluation of how things are going to work.  Example
>>         questions
>>         that I have.
>>
>>         1. What headers are required and which can  be implicit – for
>>         example
>>         can the algorithm fields be implicit in the SPI?
>>
>>         2.Are the integrity value computed across the fully populated
>>         header or
>>         the SPI header?
>>
>>         3.Is there a way to forward a message from person A which knows
>>         the SPI
>>
>>         values and person B which does not?
>>
>>         4.What is the correct algorithm for determining the JWS vs JWE
>>         in the
>>
>>         event that all of the algorithms are implicit
>>
>>         5.What happens if you have implicit parameters and explicit
>>         parameters
>>
>>         and they do not match?
>>
>>         6.Is there a recommended way to determine what the SPI
>>         parameters are
>>
>>         going to be?  Does the application need to pre-parse the message
>>         to get
>>         the SPI value or is there a recommendation that some type of
>>         callback be
>>         included
>>
>>         7.Can you make things like the IV be implicit?  Thus agree on a
>>         starting
>>
>>         value and an increment and compute the new IV for each new message
>>
>>         8.If you are requiring that the values be populated by the
>>         application –
>>
>>         does this require that you have a canonical encoding of how
>>         those values
>>         are placed into the header for the purposes of the integrity
>> check?
>>
>>         Jim
>>
>>
>>
>>         ______________________________**___________________
>>         jose mailing list
>>         jose@ietf.org <mailto:jose@ietf.org>
>>         https://www.ietf.org/mailman/_**_listinfo/jose<https://www.ietf.org/mailman/__listinfo/jose>
>>         <https://www.ietf.org/mailman/**listinfo/jose<https://www.ietf.org/mailman/listinfo/jose>
>> >
>>
>>
>>     ______________________________**___________________
>>     jose mailing list
>>     jose@ietf.org <mailto:jose@ietf.org>
>>     https://www.ietf.org/mailman/_**_listinfo/jose<https://www.ietf.org/mailman/__listinfo/jose>
>>     <https://www.ietf.org/mailman/**listinfo/jose<https://www.ietf.org/mailman/listinfo/jose>
>> >
>>
>>
>>
>