[jose] Signing and encryption order JWS / JWE security consideration

"Vladimir Dzhuvinov" <vladimir@connect2id.com> Mon, 15 September 2014 08:42 UTC

Return-Path: <vladimir@connect2id.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 0B5461A027C for <jose@ietfa.amsl.com>; Mon, 15 Sep 2014 01:42:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id RpQGYl9nVYSI for <jose@ietfa.amsl.com>; Mon, 15 Sep 2014 01:42:46 -0700 (PDT)
Received: from n1plwbeout07-04.prod.ams1.secureserver.net (n1plsmtp07-04-02.prod.ams1.secureserver.net []) by ietfa.amsl.com (Postfix) with ESMTP id 463061A01E1 for <jose@ietf.org>; Mon, 15 Sep 2014 01:42:46 -0700 (PDT)
Received: from localhost ([]) by n1plwbeout07-04.prod.ams1.secureserver.net with bizsmtp id rLii1o0015JjJNs01LiiXf; Mon, 15 Sep 2014 01:42:42 -0700
X-SID: rLii1o0015JjJNs01
Received: (qmail 28829 invoked by uid 99); 15 Sep 2014 08:42:42 -0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"
User-Agent: Workspace Webmail 5.7.2
Message-Id: <20140915014241.3c376e9e86469f12ae2f88da05bfa671.802e7181b1.wbe@email07.europe.secureserver.net>
From: Vladimir Dzhuvinov <vladimir@connect2id.com>
To: jose@ietf.org
Date: Mon, 15 Sep 2014 01:42:41 -0700
Mime-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/WFA2oY98KatSOMkiEPXQzg4zmw4
Subject: [jose] Signing and encryption order JWS / JWE security consideration
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Sep 2014 08:42:48 -0000

Hi guys,

I recently found out there are users of the Nimbus JOSE+JWT library who
occasionally nest JWS/JWE objects in the wrong order, thinking they are

Interestingly, so far this was only observed with developers of non-JWT
apps. I suggest the JWS and JWE specs get a section in the security
considerations similar to JWT's