Re: [jose] JWK defining format for OpenPGP type of keys

"Stefan Berger" <stefanb@us.ibm.com> Wed, 12 September 2018 18:55 UTC

In-Reply-To: <4074c5ca-c11d-4002-8e19-0f8520e8346e@connect2id.com>
To: Vladimir Dzhuvinov <vladimir@connect2id.com>
Cc: jose@ietf.org, jose <jose-bounces@ietf.org>
From: Stefan Berger <stefanb@us.ibm.com>
Date: Wed, 12 Sep 2018 14:55:23 -0400
References: <OFE886919E.A2DD2B80-ON00258306.005E64A7-00258306.005E7508@notes.na.collabserv.com> <4074c5ca-c11d-4002-8e19-0f8520e8346e@connect2id.com>
Message-Id: <OFB7C5B789.54572A84-ON00258306.0066A370-85258306.0067F2E2@notes.na.collabserv.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/PziOxQf6vJwzZXGSTTHvx-wuq4U>
Subject: Re: [jose] JWK defining format for OpenPGP type of keys
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Sep 2018 18:55:27 -0000

"jose" <jose-bounces@ietf.org> wrote on 09/12/2018 02:37:45 PM:

>
> Hello Stefan,
> The JWK format is a template / extensible, so what you suggest will
> technically work. You just need to spec the required / optional
> parameters for the key type.

Right. And find all the ways a PGP key can be represented. I'll make this
dependent on the requirements of a project I am working on, though.

>
> How would PGP benefit from a JWK format?

It's not PGP benefiting from the JWK format, it's more JWE benefiting from
it. OpenPGP is just an example. Basically I would see JWK as *the* key
format for all kinds of software and hardware (device) keys which would be
capable of doing key unwrapping for JWE. So in the JWE one would encounter
in the recipients part a list of JWKs, each one describing which type of
device can do the key unwrapping along with some other metadata. Hardware
devices could for example be TPMs, smartcards, and hardware security
modules. Based on what device it is, a JWE implementation would invoke the
driver for the unwrapping of a key and feed the necessary parameters to it,
such as URLs under which a device can be reached, or some persistent label
that is to be used to do an operation with the key. There could be lots of
vendor-specific JWK descriptions along with drivers. The point is that JWK
can carry all the metadata for the decryption process, while I would say
current key formats do not carry that along.

    Stefan

>
> Vladimir

> On 12/09/18 20:11, Stefan Berger wrote:
> Hello!
>
> I was wondering whether it would be possible to define a JWK format
> for OpenPGP
> (RFC 4880, https://tools.ietf.org/html/rfc4880) type of keys.
>
> In particular I would be interested in a JWK representation of
> OpenPGP type of
> keys representing an asymmetric key to which a session key was encrypted.
> This is following section "5.1.  Public-Key Encrypted Session Key
> Packets (Tag
> 1)" (https://tools.ietf.org/html/rfc4880#page-17). In JWK format
> this could look
> like this:
>
> {
>   "kty": "OpenPGP",
>   "kid": "0x1234567890abcdef",
>   "ver": 3
> }
>
> Other representations of OpenPGP types of keys are those typical for
> public and
> private keys, though it's not clear whether RSA for example then
> should be some
> form of subtype of PGP.
>
> Regards,
>     Stefan Berger
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
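The dispatch scheme Stefan sketches (a JWE whose "recipients" array carries one JWK-style descriptor per device, with the implementation picking the recipient it has a driver for and handing that driver the descriptor's metadata) and the quoted `{"kty": "OpenPGP", "kid": ..., "ver": 3}` descriptor are both modelled in the following added example. It is editor's code, not from the thread or from any JOSE library. It assumes two hypothetical key types, "OpenPGP" (parameters "kid" and "ver", as in the original post) and "TPM" (a made-up "label" parameter naming a persistent object); neither is registered in the IANA JOSE registries. The wrap/unwrap primitive is a stand-in (HMAC-SHA256 keystream plus tag) so the example runs offline; a real driver would perform the OpenPGP public-key decryption or call into the TPM. All keys and the sample JWE are constructed inline.

```python
"""Per-recipient JWK descriptors driving JWE key unwrapping (added example)."""
import base64
import hashlib
import hmac
import re
from typing import Callable, Dict

TAG_LEN = 16
CEK = bytes(range(32))  # constructed content-encryption key to recover

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

# Required / optional parameters per (hypothetical) key type, checked
# before any driver is invoked so malformed descriptors never reach a device.
def validate_openpgp(d: dict) -> None:
    if d.get("ver") != 3:  # RFC 4880 PKESK packets are version 3
        raise ValueError("'ver' must be 3")
    if not re.fullmatch(r"0x[0-9a-fA-F]{16}", str(d.get("kid", ""))):
        raise ValueError("'kid' must be 0x followed by the 8-octet key ID in hex")

def validate_tpm(d: dict) -> None:  # "label" is an assumed, made-up parameter
    if not isinstance(d.get("label"), str) or not d["label"]:
        raise ValueError("'label' naming the persistent object is required")

VALIDATORS: Dict[str, Callable[[dict], None]] = {
    "OpenPGP": validate_openpgp, "TPM": validate_tpm}

# Stand-in wrap primitive (NOT a JOSE "alg"): HMAC keystream XOR, then a tag.
def _keystream(kek: bytes, context: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(kek, context + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def toy_wrap(kek: bytes, context: bytes, cek: bytes) -> bytes:
    body = bytes(a ^ b for a, b in zip(cek, _keystream(kek, context, len(cek))))
    return body + hmac.new(kek, context + body, hashlib.sha256).digest()[:TAG_LEN]

def toy_unwrap(kek: bytes, context: bytes, blob: bytes) -> bytes:
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expect = hmac.new(kek, context + body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrapped key failed integrity check")
    return bytes(a ^ b for a, b in zip(body, _keystream(kek, context, len(body))))

# A "driver" knows which descriptor parameter names the key it holds.
def make_driver(handle_param: str, secrets: Dict[str, bytes]) -> Callable:
    def unwrap(descriptor: dict, encrypted_key: bytes) -> bytes:
        handle = descriptor[handle_param]
        if handle not in secrets:
            raise KeyError(f"key {handle!r} not present on this device")
        return toy_unwrap(secrets[handle], handle.encode(), encrypted_key)
    return unwrap

def unwrap_cek(jwe: dict, drivers: Dict[str, Callable]) -> bytes:
    """Return the CEK from the first recipient that validates and has a driver."""
    errors = []
    for rcpt in jwe["recipients"]:
        desc = rcpt.get("header", {})
        kty = desc.get("kty")
        if kty not in drivers:
            errors.append(f"{kty}: no driver installed")
            continue
        try:
            VALIDATORS[kty](desc)
            return drivers[kty](desc, b64url_decode(rcpt["encrypted_key"]))
        except (ValueError, KeyError) as exc:
            errors.append(f"{kty}: {exc}")
    raise LookupError("no usable recipient: " + "; ".join(errors))

# Constructed device contents: key material indexed by the descriptor handle.
PGP_KEYS = {"0x1234567890abcdef": hashlib.sha256(b"constructed pgp kek").digest()}
TPM_OBJECTS = {"sealed-cek-1": hashlib.sha256(b"constructed tpm kek").digest()}

def build_sample_jwe() -> dict:
    # Only the "recipients" member is modelled; protected header, iv,
    # ciphertext and tag of a full JWE JSON Serialization are left out.
    def rcpt(desc: dict, handle_param: str, secrets: Dict[str, bytes]) -> dict:
        h = desc[handle_param]
        return {"header": desc,
                "encrypted_key": b64url_encode(toy_wrap(secrets[h], h.encode(), CEK))}
    return {"recipients": [
        rcpt({"kty": "OpenPGP", "kid": "0x1234567890abcdef", "ver": 4}, "kid", PGP_KEYS),
        rcpt({"kty": "OpenPGP", "kid": "0x1234567890abcdef", "ver": 3}, "kid", PGP_KEYS),
        rcpt({"kty": "TPM", "label": "sealed-cek-1"}, "label", TPM_OBJECTS),
    ]}

def demo_with_both_drivers() -> bytes:  # ver-4 recipient is rejected, ver-3 unwraps
    drivers = {"OpenPGP": make_driver("kid", PGP_KEYS),
               "TPM": make_driver("label", TPM_OBJECTS)}
    return unwrap_cek(build_sample_jwe(), drivers)

def demo_tpm_only() -> bytes:  # host without OpenPGP keys falls through to the TPM
    return unwrap_cek(build_sample_jwe(), {"TPM": make_driver("label", TPM_OBJECTS)})

def demo_no_driver() -> str:
    try:
        unwrap_cek(build_sample_jwe(), {})
    except LookupError as exc:
        return str(exc)
    return ""

def demo_tampered_rejected() -> bool:
    jwe = build_sample_jwe()
    raw = bytearray(b64url_decode(jwe["recipients"][2]["encrypted_key"]))
    raw[0] ^= 0x01
    jwe["recipients"][2]["encrypted_key"] = b64url_encode(bytes(raw))
    try:
        unwrap_cek(jwe, {"TPM": make_driver("label", TPM_OBJECTS)})
    except LookupError as exc:
        return "integrity" in str(exc)
    return False
```

The validators encode the point from Vladimir's reply: each new "kty" needs its required and optional parameters spelled out, and a conforming implementation should refuse a descriptor that fails them before touching hardware. Note that in RFC 7517 "kty" identifies the key family (RSA, EC, oct), so a real specification would also have to decide whether an RSA OpenPGP key is "kty": "RSA" with OpenPGP metadata or its own family, the open question in the original post.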