Re: [jose] Proposal about the SPI proposal
Richard Barnes <rlb@ipv.sx> Wed, 27 February 2013 18:50 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F93421F8A55 for <jose@ietfa.amsl.com>; Wed, 27 Feb 2013 10:50:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.734
X-Spam-Level:
X-Spam-Status: No, score=-2.734 tagged_above=-999 required=5 tests=[AWL=0.242, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2eZ8ii9XD9dS for <jose@ietfa.amsl.com>; Wed, 27 Feb 2013 10:50:04 -0800 (PST)
Received: from mail-oa0-f46.google.com (mail-oa0-f46.google.com [209.85.219.46]) by ietfa.amsl.com (Postfix) with ESMTP id 637B321F8A52 for <jose@ietf.org>; Wed, 27 Feb 2013 10:50:04 -0800 (PST)
Received: by mail-oa0-f46.google.com with SMTP id k1so1894066oag.5 for <jose@ietf.org>; Wed, 27 Feb 2013 10:50:04 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=KoWLdcxt1mgApFOSXqVqlic3AAzaLQ/SxFL88tdkUhE=; b=E1VUqpaC6AHxYd2cHcoPrpWATg03djmWcz/Hw6YiYEKq+hnuEIAKWaMCQklKoWx2xX ZWyYdWNCTb+/QVRPZ/PoKVq+93MFXyjdUpazQotGRms4eG5L2k8gs95CTqWOYqlFHSgV 9wlBXd8BTY21JEayBdNJ2Vpv6OQTQBPe4H8sPx95Q9dakl4FmkK2zBm/RM03Hl7EPmaE 3QciygUcVavVUN93JDzWZIFvFWiQaCZOuy3kxG1f6J89M4a+ou0HOJCqF53JRbPeGFzY ZI8lQI2/nhyzwLnnUgd1KXyXNOaCLMoBjGVJ1UakwF3lzp7yIhxU4bx7oH67R2DD38MR TzjA==
MIME-Version: 1.0
X-Received: by 10.182.202.73 with SMTP id kg9mr3191870obc.95.1361991003886; Wed, 27 Feb 2013 10:50:03 -0800 (PST)
Received: by 10.60.60.98 with HTTP; Wed, 27 Feb 2013 10:50:03 -0800 (PST)
X-Originating-IP: [192.1.51.63]
In-Reply-To: <4E1F6AAD24975D4BA5B16804296739436747B244@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <CA+k3eCTo_=P_SQCG_ypiksVb-bfjuJ4Q9vt4r10wpuKPbFUWBg@mail.gmail.com> <1360628984.83146.YahooMailRC@web184403.mail.bf1.yahoo.com> <CABzCy2D9MVw2WTZCFn9PaQ8Mw1e2=Abguf2Q2QzuFshqJqUtZQ@mail.gmail.com> <CAL02cgRQ9nWwpUgLbx1yE_dj=kg9-L-+cJS6std53-W9Ac_CaQ@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739436747B244@TK5EX14MBXC284.redmond.corp.microsoft.com>
Date: Wed, 27 Feb 2013 13:50:03 -0500
Message-ID: <CAL02cgS63UrQVvKXi46Xk3yuba84izZA=TY6OWjEdqtfaqb06A@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Mike Jones <Michael.Jones@microsoft.com>
Content-Type: multipart/alternative; boundary="e89a8f6436fcf9bffc04d6b93d33"
X-Gm-Message-State: ALoCoQlLT7oVngRAZLCdM56jr2TXBzumVh4hkxyp61GYKjrzCE4M6LZmMfMH8yMzsBDV81zGpYH1
Cc: Brian Campbell <bcampbell@pingidentity.com>, Nat Sakimura <sakimura@gmail.com>, "jose@ietf.org" <jose@ietf.org>, Edmund Jay <ejay@mgi1.com>
Subject: Re: [jose] Proposal about the SPI proposal
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Feb 2013 18:50:07 -0000
Ah, sorry I never got around to those. Responses inline. - What are the security implications of repeatedly reusing the same CMK > and IV and how can/should they be mitigated? > Good point. Re-using IVs is a terrible idea. SPI should represent some set of pre-negotiated parameters, where the set of parameters that are pre-set is part of the pre-negotiation. So one application might pre-negotiate algorithms, but pass keys in-band, but another might pre-negotiate algorithms and keys. (You could even envision agreeing on an IV generation procedure...) > **** > > - Is having the absence of an “alg” field, paired with the presence of > an “spi” field the best way to handle this? > "alg" is an indicator of key wrapping technique. So if this is one of the pre-negotiated parameters, then it should be absent. > **** > > - What are the complexity implications of having JWEs no longer contain > a fixed set of field? > Very little. SPI would add a little pre-processing to populate the missing fields in a JWE/JWS > **** > > - Would JWSs similarly have a different number of fields? > Yes. > **** > > - Indeed, is the proposal even applicable in the JWS case, or does it > only make sense for JWEs? > There's less of a need for JWS. You could say SPI "1234" indicates that I'm signing under a given 4096-bit RSA key, saving yourself hundreds of octets. So it would be like "jku", with fewer octets and without the implication that you could go fetch it over the Internet. > **** > > - What are the motivating use cases for this functionality? > As I said before, cases where there's some out-of-band mechanism to pre-negotiate certain parameters. For example, the OpenID Connect discovery process. < http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationRequest > > **** > > - What syntax would be used for the “spi” parameter? Unrestricted > Unicode strings? Base64url-encoded byte strings? UUIDs? … > Doesn't really matter. Make it the same as "kid" (i.e., string); they're both opaque identifiers. > **** > > ** ** > > I don’t think a number of them have been answered.**** > > ** ** > > Thanks,**** > > -- Mike**** > > ** ** > > *From:* jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] *On Behalf > Of *Richard Barnes > *Sent:* Wednesday, February 20, 2013 10:04 AM > *To:* Nat Sakimura > *Cc:* Brian Campbell; jose@ietf.org; Edmund Jay > *Subject:* Re: [jose] Proposal about the SPI proposal**** > > ** ** > > Obviously, this will not be in a -00 draft for Orlando. So discussion > should continue based on the text proposed to the list.**** > > ** ** > > Does anyone have further technical comments?**** > > ** ** > > --Richard**** > > ** ** > > On Wed, Feb 20, 2013 at 11:25 AM, Nat Sakimura <sakimura@gmail.com> wrote: > **** > > ditto. **** > > 2013/2/11 Edmund Jay <ejay@mgi1.com>**** > > +1 for new I-D. > > **** > > ** ** > ------------------------------ > > *From:* Brian Campbell <bcampbell@pingidentity.com> > *To:* "jose@ietf.org" <jose@ietf.org> > *Sent:* Fri, February 8, 2013 3:01:51 PM > *Subject:* [jose] Proposal about the SPI proposal**** > > ** ** > > Maybe this was apparent from my comments/questions on the SPI proposal > over the last couple days[1] but I have concerns that run the gamut from > operational complexity and fragility to security problems. I believe > strongly that, without considerably more analysis and specification detail, > the current SPI work is much too risky to consider go in the current base > JOSE WG drafts.**** > > As an alternative I'd like to request/propose that the SPI stuff be > submitted as new I-D to help facilitate that additional discussion and > analysis that I think it needs.**** > > ** ** > > Thanks, > Brian**** > > > [1] http://www.ietf.org/mail-archive/web/jose/current/msg01500.html**** > > ** ** > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose**** > > > > **** > > ** ** > > -- > Nat Sakimura (=nat)**** > > Chairman, OpenID Foundation > http://nat.sakimura.org/ > @_nat_en**** > > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose**** > > ** ** >
- [jose] Proposal about the SPI proposal Brian Campbell
- Re: [jose] Proposal about the SPI proposal Richard Barnes
- Re: [jose] Proposal about the SPI proposal Anthony Nadalin
- Re: [jose] Proposal about the SPI proposal Hannes Tschofenig
- Re: [jose] Proposal about the SPI proposal John Bradley
- Re: [jose] Proposal about the SPI proposal Mike Jones
- Re: [jose] Proposal about the SPI proposal Edmund Jay
- Re: [jose] Proposal about the SPI proposal Nat Sakimura
- Re: [jose] Proposal about the SPI proposal Richard Barnes
- Re: [jose] Proposal about the SPI proposal Mike Jones
- Re: [jose] Proposal about the SPI proposal Richard Barnes
- Re: [jose] Proposal about the SPI proposal Richard Barnes
- Re: [jose] Proposal about the SPI proposal Richard Barnes