Re: [jose] Signature algorithm "none"

Mike Jones <Michael.Jones@microsoft.com> Wed, 31 July 2013 12:48 UTC

It's optional to sign lots of content.  For instance, OpenID Connect requests can be signed or unsigned, depending upon the security properties desired.  "alg":"none" is used for such unsigned requests.

-- Mike

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Richard Barnes
Sent: Wednesday, July 31, 2013 5:46 AM
To: jose@ietf.org
Subject: [jose] Signature algorithm "none"

What's the use case for this?  Can we delete it?
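
An added example, not part of the original thread or of any JOSE implementation: a minimal compact-JWS encoder and verifier in which the caller, rather than the token's header, decides whether an `"alg":"none"` object is acceptable, as with the optionally signed OpenID Connect requests mentioned in the reply. The function names, the HS256-only signed path, the key and the request claims are assumptions constructed for illustration.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode(claims: dict, alg: str, key: bytes = b"") -> str:
    """Build a compact JWS. With alg "none" the signature part is empty."""
    header = b64url(json.dumps({"alg": alg}, separators=(",", ":")).encode())
    payload = b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}"
    if alg == "none":
        return f"{signing_input}."
    if alg != "HS256":
        raise ValueError("unsupported alg")
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(sig)}"

def decode(token: str, key: bytes, allow_unsigned: bool = False):
    """Return (claims, was_signed). Unsigned objects are accepted only
    when the calling context opted in via allow_unsigned."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    alg = json.loads(b64url_decode(header_b64)).get("alg")
    if alg == "none":
        if not allow_unsigned:
            raise ValueError("unsigned object not accepted in this context")
        if sig_b64 != "":
            raise ValueError('alg "none" requires an empty signature')
        return json.loads(b64url_decode(payload_b64)), False
    if alg != "HS256":
        raise ValueError("unsupported alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(payload_b64)), True

# Constructed sample values (hypothetical key and request parameters).
KEY = b"constructed-demo-key"
REQUEST = {"response_type": "code", "client_id": "example-client"}

if __name__ == "__main__":
    unsigned = encode(REQUEST, "none")
    print(decode(unsigned, KEY, allow_unsigned=True))
    print(decode(encode(REQUEST, "HS256", KEY), KEY))
```

The returned `was_signed` flag lets the caller apply different trust to the claims depending on whether integrity protection was actually present.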