Re: [jose] preventing confusion of one kind of JWT for another in JWT BCP
Brian Campbell <bcampbell@pingidentity.com> Thu, 27 July 2017 21:59 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 557171321D7 for <jose@ietfa.amsl.com>; Thu, 27 Jul 2017 14:59:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pingidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ymfkNUdaLvm4 for <jose@ietfa.amsl.com>; Thu, 27 Jul 2017 14:59:56 -0700 (PDT)
Received: from mail-pf0-x233.google.com (mail-pf0-x233.google.com [IPv6:2607:f8b0:400e:c00::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFF4C1321D0 for <jose@ietf.org>; Thu, 27 Jul 2017 14:59:56 -0700 (PDT)
Received: by mail-pf0-x233.google.com with SMTP id e75so10087224pfj.2 for <jose@ietf.org>; Thu, 27 Jul 2017 14:59:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=5+8ihVdfpE82C+K9989j7igeQWSH9Y49ZkzM6qwHd6E=; b=i0BcDjDjEIuJrzjv+Ynp0nK46UO66NdNzgV+IspqDxjrUJ72ut60mL1sUZOtbLD/K3 13FlVWDtxx/VILXYBVnwOVQwD5Y51dy4e3XJRnqdYEvpKLprPA9fxpFGQduQayAolXX3 MNOFLSrNNxMkUf6YHzuqovB7J8RiAWouu6ZmQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=5+8ihVdfpE82C+K9989j7igeQWSH9Y49ZkzM6qwHd6E=; b=qgU/ZLQKX+znD3fuMjtzyd9ohqTHNGriCthLCwMtG0vjIGvD4O/uycwbOOVp2EZmqF 9LcfRgZwRYoOAdANjIw5C1Uf7cZr382NglP1Ia15LK2pqwUZrzfIHVeJUBa7b3eUbIcD ++KsIU6jynJAl9HHAO9aJAFaxnVYG8SyI8xAjg8ITME0JBurXLEkDvqrCcZOCqTC3AVy sY0yLfGVahXT4XW/q6C8Lx2nkdF8hmTFNNMN7AIaKoTL1J4gnHkQb37WfrrjsJHsyXG3 BHrVWcTossHdyTPWr6/7sbIwgSq4jeYJqUhmFdrQO7wPwuKLBHYujREpNejz5zD4Vpk3 3CWg==
X-Gm-Message-State: AIVw111qPT9i2IARYeIoYvCm+k5h4HRxDOOeZUGKaLUhO2MtKD3d2dqw fOL7gjqvV5pcxChT1uf2XLplLvjk4LciNRsaIVPemnsu/YWt+p+HydVHDz8cUTbWVKvrXd6b3A4 pI1c=
X-Received: by 10.84.167.230 with SMTP id i35mr5817268plg.181.1501192796316; Thu, 27 Jul 2017 14:59:56 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.145.87 with HTTP; Thu, 27 Jul 2017 14:59:25 -0700 (PDT)
In-Reply-To: <CAD9ie-sM-FrVxZKrNLk91Nfr8kWzZgZ6_o=yLhyOYx=GLB34fw@mail.gmail.com>
References: <CA+k3eCRT_iuLHYrLxz+tf1MT9L9XG2jV0D0anC0h5w7A_ujEdQ@mail.gmail.com> <CAD9ie-sM-FrVxZKrNLk91Nfr8kWzZgZ6_o=yLhyOYx=GLB34fw@mail.gmail.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 27 Jul 2017 15:59:25 -0600
Message-ID: <CA+k3eCQz3eG8vNoueQTVnVjfMV0DfZGiK-iSrApmEMaGxkqz6w@mail.gmail.com>
To: Dick Hardt <dick.hardt@gmail.com>
Cc: oauth <oauth@ietf.org>, "jose@ietf.org" <jose@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c145cd65d468a055553af8b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/ZUfZcXs5Y7_faF778Wx4-GTS_qk>
Subject: Re: [jose] preventing confusion of one kind of JWT for another in JWT BCP
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jul 2017 21:59:59 -0000
What other JWTs are there? All JWTs use JWS and/or JWE. So a JWT is a JOSE JWT by definition. JWT requires 'crit' processing by virtue of using JWS and JWE for signing and encryption. The extent to which that processing is actually implemented is a different and fair question but it's normative requirement per spec and implementations that don't would be non-compliant. The byte usage actually is pretty similar depending on the the values used (admittedly because I chose very compact names/values). Compare to secevent, for example, "crit":["p"],"p":1 "typ":"secevent+jwt" On Thu, Jul 27, 2017 at 3:29 PM, Dick Hardt <dick.hardt@gmail.com> wrote: > Brian: I did not think that 'crit' processing is required in JWT > https://tools.ietf.org/html/rfc7519 > > We have two goals: > > Preventing new JWT profiles from being confused with older JWTs, which > 'typ' solves (as does your proposal of 'crit' and 'p', but requires more > bytes) > > Preventing existing JWT implementations from being confused with new JWT > profiles. 'crit' can solve that for JOSE JWTs, but not other JWTs. > > > > On Thu, Jul 27, 2017 at 7:49 PM, Brian Campbell < > bcampbell@pingidentity.com> wrote: > >> During the first WG meeting last week >> <https://datatracker.ietf.org/doc/minutes-99-oauth/> I asked if use of >> the JOSE "crit" (Critical) Header Parameter had been considered as a >> recommendation for preventing confusion of one kind of JWT for another. >> Time was running short in the meeting so there wasn't much discussion and >> it was requested that I take the question to the list. And so here on the >> list is that. >> >> Section 3.9 >> <https://tools.ietf.org/html/draft-sheffer-oauth-jwt-bcp-01#section-3.9> >> of the JWT BCP draft now recommends explicit typing using the "typ" JWS/JWE >> header parameter but does concede that 'the use of explicit typing may not >> achieve disambiguation from existing kinds of JWTs, as the validation rules >> for existing kinds JWTs often do not use the "typ" header parameter >> value.' And the recommendations for how to use the Type Header >> Parameter in JWT <https://tools.ietf.org/html/rfc7519#section-5.1> >> strongly suggest that it's not currently being used for any validation. >> >> Alternatively using the JWS/JWE "crit" (Critical) Header Parameter >> <https://tools.ietf.org/html/rfc7515#section-4.1.11> to signal the >> type/intent/profile/application of a JWT could achieve disambiguation >> even in validation of existing kinds of JWTs. The critical header lists >> other headers which must be understood and processed by the receiver and >> that the JWS/JWE is invalid if those listed aren't understood. So a new >> type/profile of JWT that uses the "crit" header would produce JWTs that >> would be rejected even by existing applications of JWT validation (that >> actually implement "crit" properly anyway). >> >> The JWT BCP could suggest the use of "crit" in conjunction with a >> profile/application/type specific header. Or it could provide a bit more of >> a framework like defining a registering a new JOSE header "p" (strawman of >> p as a very short name for profile) and create a registry for its values. A >> JWT header using that approach might look like the following where the >> value 1 is registered as some cool new JWT profile/application. The >> consumer of such a JWT would have to understand and process the "p" header, >> which would mean checking that it had the value expected. >> >> { >> "alg":"ES256", >> "crit":["p"], >> "p":1 >> } >> >> A JOSE compliant JWT validator would reject such a JWT even for an OAuth >> access token or OIDC id_token because the "p" header isn't known or >> understood but is marked as critical. >> >> To me, that seems like an approach to preventing confusion that has more >> teeth than the "typ" header. Which is why I asked about it last week and am >> now bringing it to the list. >> >> >> >> >> >> >> >> >> >> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited. >> If you have received this communication in error, please notify the sender >> immediately by e-mail and delete the message and any file attachments from >> your computer. Thank you.* >> _______________________________________________ >> jose mailing list >> jose@ietf.org >> https://www.ietf.org/mailman/listinfo/jose >> >> > > > -- > Subscribe to the HARDTWARE <http://hardtware.com/> mail list to learn > about projects I am working on! > -- *CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.*
- [jose] preventing confusion of one kind of JWT fo… Brian Campbell
- Re: [jose] preventing confusion of one kind of JW… Nathaniel McCallum
- Re: [jose] preventing confusion of one kind of JW… Brian Campbell
- Re: [jose] preventing confusion of one kind of JW… Nathaniel McCallum
- Re: [jose] [OAUTH-WG] preventing confusion of one… Dick Hardt
- Re: [jose] preventing confusion of one kind of JW… Phil Hunt
- Re: [jose] preventing confusion of one kind of JW… Dick Hardt
- Re: [jose] [OAUTH-WG] preventing confusion of one… John Bradley
- Re: [jose] preventing confusion of one kind of JW… Nathaniel McCallum
- Re: [jose] preventing confusion of one kind of JW… Brian Campbell
- Re: [jose] [OAUTH-WG] preventing confusion of one… Brian Campbell
- Re: [jose] [OAUTH-WG] preventing confusion of one… John Bradley
- Re: [jose] [OAUTH-WG] preventing confusion of one… Jim Schaad
- Re: [jose] [OAUTH-WG] preventing confusion of one… Brian Campbell
- Re: [jose] preventing confusion of one kind of JW… Justin Richer