Re: [jose] #23: Make crypto independent of binary encoding (base64)
Tim Bray <tbray@textuality.com> Wed, 12 June 2013 04:20 UTC
Return-Path: <tbray@textuality.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2017121F9BB4 for <jose@ietfa.amsl.com>; Tue, 11 Jun 2013 21:20:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.464
X-Spam-Level:
X-Spam-Status: No, score=0.464 tagged_above=-999 required=5 tests=[AWL=-0.893, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qk1y4wDCMCJb for <jose@ietfa.amsl.com>; Tue, 11 Jun 2013 21:20:48 -0700 (PDT)
Received: from mail-vb0-x236.google.com (mail-vb0-x236.google.com [IPv6:2607:f8b0:400c:c02::236]) by ietfa.amsl.com (Postfix) with ESMTP id C823C21F9B9E for <jose@ietf.org>; Tue, 11 Jun 2013 21:20:47 -0700 (PDT)
Received: by mail-vb0-f54.google.com with SMTP id q12so2827613vbe.13 for <jose@ietf.org>; Tue, 11 Jun 2013 21:20:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=ym5Gy/rxAqkdku2KLEtz9ektpfmC9FeB8ihi9WsTAlY=; b=mAOiPWIzz7CY3cJlo6c3nfZG7GZimkk36WeDtnWIA/VgtWzMopLwgVyIyHCYN5Wc9g /vq6dylw5JVdb8Wrda6t0qo23SMhsZCr7q3IAu/4eXxUB5TnepWP4jbPTT98+g9KH6h2 1dacWnG1wJ5ypANGaxfymOeenqJVx1hfsh73yNUpZxS0V9yPSl65j0wFWT9Mb5Z6JXaV O4YHCNOPNsBVqH7eOuWPOC1TgDYSou+ednG91wwUk83T1pPuJIBlRL7ApL9tqwpeb/eD xjjeW/rq/oaCPM09sAmW8IS9z6RecsQg/dhtiMzlG+ce0thftXntu8PHdSciuFlAxWkS gVrw==
MIME-Version: 1.0
X-Received: by 10.58.40.42 with SMTP id u10mr4388603vek.39.1371010846940; Tue, 11 Jun 2013 21:20:46 -0700 (PDT)
Received: by 10.220.25.199 with HTTP; Tue, 11 Jun 2013 21:20:46 -0700 (PDT)
X-Originating-IP: [24.84.235.32]
In-Reply-To: <049.69ffc5ebf959c6eac7990651822fadf9@trac.tools.ietf.org>
References: <049.69ffc5ebf959c6eac7990651822fadf9@trac.tools.ietf.org>
Date: Tue, 11 Jun 2013 21:20:46 -0700
Message-ID: <CAHBU6isGzV1ZM1xczwK3v-rcusDwv6LHkag3KwX2QH+UFWGzpQ@mail.gmail.com>
From: Tim Bray <tbray@textuality.com>
To: jose issue tracker <trac+jose@trac.tools.ietf.org>
Content-Type: multipart/alternative; boundary="089e0129420c83f47404deed5691"
X-Gm-Message-State: ALoCoQlAvNtlnSji+Lz+1IY1xGRp2XsF9nriaWahrZ3qTXpH8icxtEGgojrzdz7m8Ss0iCMn+ivC
Cc: Richard Barnes <rlb@ipv.sx>, draft-barnes-jose-use-cases@tools.ietf.org, jose <jose@ietf.org>
Subject: Re: [jose] #23: Make crypto independent of binary encoding (base64)
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jun 2013 04:20:57 -0000
I haven’t been following this closely, but someone who uses JWTs (there are a lot of them out there) asked me “Wouldn’t this break all the existing JWT libraries and software deployed in production?” I’m not 100% sure, but it looks to me like the answer is yes. Since i observe empirically that JWTs work very well in production for federated login and many other applications, and offer a level of security that is acceptable to some of the most paranoid security organizations in the world, I think this proposal is not remotely close to being cost-effective. Forgive me if I’m wrong and this wouldn’t actually break JWTs. -T On Tue, Jun 11, 2013 at 10:58 AM, jose issue tracker < trac+jose@trac.tools.ietf.org> wrote: > #23: Make crypto independent of binary encoding (base64) > > The cryptographic operations that JOSE performs should not depend on the > transfer encoding used for binary components. The operations should work > directly on the encoded byte strings, not on the encoded form. > > This is already true for content, IV, ciphertext, encrypted key, and > authentication tag. The only thing that needs fixing is the protected > header value. That's a little tricky, since the protected header value is > JSON, which doesn't have a standard encoding. But it's not that onerous > just to convert it to UTF-8 -- in fact, senders are already required to > convert the protected header to UTF-8. > > So the only change is to require recipients to convert the protected > header to UTF-8 before using it. This can be accomplished with two minor > changes: > > <http://tools.ietf.org/html/draft-ietf-jose-json-web- > signature-11#section-5.2> > OLD: "The resulting JWS Protected Header MUST be a completely valid JSON > object conforming to RFC 4627 [RFC4627]." > NEW: "The resulting JWS Protected Header MUST be a completely valid JSON > object conforming to RFC 4627 [RFC4627]. If the JWE Protected Header is > valid, convert it to the UTF-8 encoding. Otherwise, reject the JWE." > > <http://tools.ietf.org/html/draft-ietf-jose-json-web- > encryption-11#section-5.2> > OLD: "The resulting JWE Protected Header MUST be a completely valid JSON > object conforming to RFC 4627 [RFC4627]." > NEW: "The resulting JWE Protected Header MUST be a completely valid JSON > object conforming to RFC 4627 [RFC4627]. If the JWE Protected Header is > valid, convert it to the UTF-8 encoding. Otherwise, reject the JWE." > > -- > -------------------------------------+------------------------------------- > Reporter: rlb@ipv.sx | Owner: draft-barnes-jose-use- > Type: defect | cases@tools.ietf.org > Priority: major | Status: new > Component: draft-barnes-jose-use- | Milestone: > cases | Version: > Severity: - | Keywords: > -------------------------------------+------------------------------------- > > Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/23> > jose <http://tools.ietf.org/jose/> > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose >
- [jose] #23: Make crypto independent of binary enc… jose issue tracker
- Re: [jose] #23: Make crypto independent of binary… jose issue tracker
- Re: [jose] #23: Make crypto independent of binary… jose issue tracker
- Re: [jose] #23: Make crypto independent of binary… Dick Hardt
- Re: [jose] #23: Make crypto independent of binary… Tim Bray
- Re: [jose] #23: Make crypto independent of binary… John Bradley
- Re: [jose] #23: Make crypto independent of binary… Roland Hedberg
- Re: [jose] #23: Make crypto independent of binary… Justin Richer
- Re: [jose] #23: Make crypto independent of binary… Matt Miller (mamille2)
- Re: [jose] #23: Make crypto independent of binary… Richard Barnes
- Re: [jose] #23: Make crypto independent of binary… Breno de Medeiros
- Re: [jose] #23: Make crypto independent of binary… Mike Jones
- Re: [jose] #23: Make crypto independent of binary… Tim Bray
- Re: [jose] #23: Make crypto independent of binary… Dick Hardt
- Re: [jose] #23: Make crypto independent of binary… Richard Barnes
- Re: [jose] #23: Make crypto independent of binary… Dick Hardt
- Re: [jose] #23: Make crypto independent of binary… John Bradley
- Re: [jose] #23: Make crypto independent of binary… Naveen Agarwal
- Re: [jose] #23: Make crypto independent of binary… Phillip Hallam-Baker
- Re: [jose] #23: Make crypto independent of binary… Ludwig Seitz
- Re: [jose] #23: Make crypto independent of binary… John Bradley
- Re: [jose] #23: Make crypto independent of binary… Brian Campbell
- Re: [jose] #23: Make crypto independent of binary… Mike Jones
- Re: [jose] #23: Make crypto independent of binary… George Fletcher
- Re: [jose] #23: Make crypto independent of binary… jose issue tracker