Re: [jose] Proposed resolution of header criticality issue
Tim Bray <tbray@textuality.com> Tue, 12 March 2013 01:42 UTC
Return-Path: <tbray@textuality.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16F0B21F8935 for <jose@ietfa.amsl.com>; Mon, 11 Mar 2013 18:42:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.976
X-Spam-Level:
X-Spam-Status: No, score=-1.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jr98aej6eqp5 for <jose@ietfa.amsl.com>; Mon, 11 Mar 2013 18:42:38 -0700 (PDT)
Received: from mail-la0-x232.google.com (mail-la0-x232.google.com [IPv6:2a00:1450:4010:c03::232]) by ietfa.amsl.com (Postfix) with ESMTP id AD9AA21F88EF for <jose@ietf.org>; Mon, 11 Mar 2013 18:42:37 -0700 (PDT)
Received: by mail-la0-f50.google.com with SMTP id ec20so4637628lab.37 for <jose@ietf.org>; Mon, 11 Mar 2013 18:42:36 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=q06PoW06gSd7v0rLKx9KdX+mmaaPCQBgqE+84AFXkQc=; b=R7rzLkx7JxFlpuqX5qco3lymiL/NYw5FaojBdXNfg3+ez5V8EdU2pwT/JnQsOrCLzJ AcRwcPdXUtcgd6yRalHq6tiovGlnEogTs6DfCpEuVuSzReokm1OvDuDGcEye/MBMxVqy Muf9foXH7O1er9uMrLK5EsyNnOO4cU4qhwaGTp/feQcg3A9M+SYJF33GUlVjUA69j0EZ /Y4nHebS6Qr7eOl8hrI3+2qMH7wSdUFmOTNDQQcJXwsBAr/5sfJ7yCbdj+I7SwN5NZQn Ab4NOGG2mrb5pz+RtRYrRErEahm5IOZ4fPuYV6nxv2/r+3fTmQ3c75rwv6mXSwuJvqJy l7ZA==
MIME-Version: 1.0
X-Received: by 10.152.110.6 with SMTP id hw6mr12227436lab.43.1363052556526; Mon, 11 Mar 2013 18:42:36 -0700 (PDT)
Received: by 10.114.37.228 with HTTP; Mon, 11 Mar 2013 18:42:36 -0700 (PDT)
X-Originating-IP: [172.26.50.12]
In-Reply-To: <513E774C.6090605@isoc.org>
References: <513E6A73.1090403@isoc.org> <513E774C.6090605@isoc.org>
Date: Mon, 11 Mar 2013 18:42:36 -0700
Message-ID: <CAHBU6ivLV+D3g-gLgBNXkkj3cSPLXkh1KXcN83ewR0Hd6a4YtA@mail.gmail.com>
From: Tim Bray <tbray@textuality.com>
To: Karen ODonoghue <odonoghue@isoc.org>
Content-Type: multipart/alternative; boundary="bcaec54b48d071445804d7b06703"
X-Gm-Message-State: ALoCoQniJzAl/RvxhRH1EgQu/bHYn8uQnGFU5BLFOEO9f/8pmSNX1ii+QLMez8Fxhje4rKYQ2pkS
Cc: jose <jose@ietf.org>
Subject: Re: [jose] Proposed resolution of header criticality issue
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2013 01:42:39 -0000
Cue wild cheers from the peanut gallery where non-cryptographers sit. MustIgnore is infinitely more robust and open-ended than MustUnderstand. -T On Mon, Mar 11, 2013 at 5:31 PM, Karen O'Donoghue <odonoghue@isoc.org>wrote: > > Folks, > > A side meeting was held Sunday with a number of jose working group > participants to try to resolve the open issue related to header > criticality. The following are the proposed resolutions from the meeting. > Point 5 of the proposed resolution below is actually independent of the > other 4 points, and could be considered separately. This will all be > discussed in Wednesday's meeting. > > In addition to the text below, there was some agreement to replace the > "understand" text with something a bit more explicit like "must process". > However, that text has not been rolled into the summary text below yet. > > Thank you to Jim Schaad, Mike Jones, John Bradley, Nat Sakimura, Martin > Thomas, Eric Rescorla, Matt Miller, and Richard Barnes for your efforts > (and my apologies if I missed someone). > > Regards, > Karen > > 1: Change the language “Additional members MAY be present in the JWK. If > present, they MUST be understood by implementations using them.” to > “Additional members MAY be present in the JWK. If not understood by > implementations encountering them, they MUST be ignored.” (And make the > same change for JWK Set as well.)******** > > 2: Characterize all existing JWS and JWE header fields as either must be > understood or may be ignored. “alg”, “enc”, and “zip” must be understood. > “kid”, “x5u”, “x5c”, “x5t”, “jwk”, “jku”, “typ”, and “cty” can be ignored > because while not using them may result in the inability to process some > signatures or encrypted content, this will not result in a security > violation – just degraded functionality. Other fields such as “epk”, > “apu”, “apv”, “epu”, and “epv” must be understood and used when “alg” or > “enc” values requiring them are used, and otherwise they may be ignored.** > ** > **** > 3. Define a new header field that lists which additional fields not > defined in the base specifications must be understood and acted upon when > present. For instance, an expiration-time extension field could be marked > as must-be-understood-and-acted-upon. One possible name for this would be > “crit” (critical). An example use, along with a hypothetical “exp” > (expiration-time) field is:**** > > {"alg":"ES256",**** > "crit":["exp"],**** > "exp”:1363284000**** > }**** > **** > 4. All additional header fields not defined in the base specifications > and not contained in the “crit” list MUST be ignored if not understood.*** > ***** > > 5. Define a new header field “asd” (application-specific data) whose > value is a JSON structure whose contents are opaque to and ignored by JWS > and JWE implementations but for which its contents MUST be provided to > applications using JWS or JWE, provided that the signature/MAC validation > or decryption operation succeeds. The intended use of this field is to > have a standard place to provide application-specific metadata about the > payload or plaintext.**** > **** > > > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose > >
- [jose] Proposed resolution of header criticality … Karen O'Donoghue
- Re: [jose] Proposed resolution of header critical… Tim Bray
- Re: [jose] Proposed resolution of header critical… Manger, James H
- Re: [jose] Proposed resolution of header critical… John Bradley
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… Dick Hardt
- Re: [jose] Proposed resolution of header critical… Manger, James H
- Re: [jose] Proposed resolution of header critical… Dick Hardt
- Re: [jose] Proposed resolution of header critical… Vladimir Dzhuvinov / NimbusDS
- Re: [jose] Proposed resolution of header critical… Dirkjan Ochtman
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… Manger, James H
- Re: [jose] Proposed resolution of header critical… Vladimir Dzhuvinov / NimbusDS
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… Mike Jones
- Re: [jose] Proposed resolution of header critical… Mike Jones
- Re: [jose] Proposed resolution of header critical… Brian Campbell
- Re: [jose] Proposed resolution of header critical… John Bradley
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… Matt Miller (mamille2)
- Re: [jose] Proposed resolution of header critical… Jim Schaad
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… Anthony Nadalin
- Re: [jose] Proposed resolution of header critical… Mike Jones
- Re: [jose] Proposed resolution of header critical… Anthony Nadalin
- Re: [jose] Proposed resolution of header critical… Dick Hardt
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… Dick Hardt
- Re: [jose] Proposed resolution of header critical… John Bradley
- Re: [jose] Proposed resolution of header critical… Dick Hardt
- Re: [jose] Proposed resolution of header critical… John Bradley
- Re: [jose] Proposed resolution of header critical… Dick Hardt
- Re: [jose] Proposed resolution of header critical… Brian Campbell
- [jose] "crit" strings don't have to be field names Manger, James H
- Re: [jose] "crit" strings don't have to be field … Richard Barnes
- Re: [jose] "crit" strings don't have to be field … Manger, James H
- Re: [jose] "crit" strings don't have to be field … Manger, James H
- Re: [jose] Proposed resolution of header critical… Jim Schaad
- Re: [jose] Proposed resolution of header critical… Richard Barnes
- Re: [jose] Proposed resolution of header critical… John Bradley