[jose] Signing and encryption order JWS / JWE security consideration
"Vladimir Dzhuvinov" <vladimir@connect2id.com> Mon, 15 September 2014 08:42 UTC
Return-Path: <vladimir@connect2id.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B5461A027C for <jose@ietfa.amsl.com>; Mon, 15 Sep 2014 01:42:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Level:
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RpQGYl9nVYSI for <jose@ietfa.amsl.com>; Mon, 15 Sep 2014 01:42:46 -0700 (PDT)
Received: from n1plwbeout07-04.prod.ams1.secureserver.net (n1plsmtp07-04-02.prod.ams1.secureserver.net [188.121.52.8]) by ietfa.amsl.com (Postfix) with ESMTP id 463061A01E1 for <jose@ietf.org>; Mon, 15 Sep 2014 01:42:46 -0700 (PDT)
Received: from localhost ([188.121.52.246]) by n1plwbeout07-04.prod.ams1.secureserver.net with bizsmtp id rLii1o0015JjJNs01LiiXf; Mon, 15 Sep 2014 01:42:42 -0700
X-SID: rLii1o0015JjJNs01
Received: (qmail 28829 invoked by uid 99); 15 Sep 2014 08:42:42 -0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"
X-Originating-IP: 77.77.164.12
User-Agent: Workspace Webmail 5.7.2
Message-Id: <20140915014241.3c376e9e86469f12ae2f88da05bfa671.802e7181b1.wbe@email07.europe.secureserver.net>
From: Vladimir Dzhuvinov <vladimir@connect2id.com>
To: jose@ietf.org
Date: Mon, 15 Sep 2014 01:42:41 -0700
Mime-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/WFA2oY98KatSOMkiEPXQzg4zmw4
Subject: [jose] Signing and encryption order JWS / JWE security consideration
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Sep 2014 08:42:48 -0000
Hi guys, I recently found out there are users of the Nimbus JOSE+JWT library who occasionally nest JWS/JWE objects in the wrong order, thinking they are equivalent. Interestingly, so far this was only observed with developers of non-JWT apps. I suggest the JWS and JWE specs get a section in the security considerations similar to JWT's http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-25#section-11.2 Cheers, Vladimir
- [jose] Signing and encryption order JWS / JWE sec… Vladimir Dzhuvinov