Re: [jose] issues with x5c in JWE
"Matt Miller (mamille2)" <mamille2@cisco.com> Thu, 31 January 2013 16:42 UTC
Return-Path: <mamille2@cisco.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C10F21F8428 for <jose@ietfa.amsl.com>; Thu, 31 Jan 2013 08:42:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.099
X-Spam-Level:
X-Spam-Status: No, score=-10.099 tagged_above=-999 required=5 tests=[AWL=-0.500, BAYES_00=-2.599, J_BACKHAIR_12=1, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EylfYfBx1vFp for <jose@ietfa.amsl.com>; Thu, 31 Jan 2013 08:42:22 -0800 (PST)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 8602C21F841A for <jose@ietf.org>; Thu, 31 Jan 2013 08:42:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7000; q=dns/txt; s=iport; t=1359650542; x=1360860142; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=ZRqDcSIKPgJCpaYe7ccZ6t0aPhMKtUXB1/PVyr9NkZY=; b=B6C9+w9ZJRlkNZqI8/e4dSSd+kna9W3jPH4otdjum6mjnB6Dkc4okXZo xPkeaPBjk0RMGedJOEZVqXlMOVcNuBWjBsByX5tQshIS1cJ2fPCyzNBDu ZIXAPzYFG1q0I/u4sh4nsNXc1eg6ByEpQO2J73QbayjZC0dwC5LaxtBH5 0=;
X-Files: smime.p7s : 2283
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFAIqeClGtJV2b/2dsb2JhbAA7Cr8fFnOCHgEBAQMBAQEBawsFCwIBCA4KCiQCJQslAgQOBQgBBYd9BgzCGo0XCoMKYQOPDYEihn+PMIJ3gWgHFwYY
X-IronPort-AV: E=Sophos; i="4.84,577,1355097600"; d="p7s'?scan'208"; a="171202653"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-5.cisco.com with ESMTP; 31 Jan 2013 16:42:22 +0000
Received: from xhc-rcd-x05.cisco.com (xhc-rcd-x05.cisco.com [173.37.183.79]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r0VGgMMr025624 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 31 Jan 2013 16:42:22 GMT
Received: from xmb-aln-x11.cisco.com ([169.254.6.138]) by xhc-rcd-x05.cisco.com ([173.37.183.79]) with mapi id 14.02.0318.004; Thu, 31 Jan 2013 10:42:21 -0600
From: "Matt Miller (mamille2)" <mamille2@cisco.com>
To: Brian Campbell <bcampbell@pingidentity.com>
Thread-Topic: [jose] issues with x5c in JWE
Thread-Index: AQHN/o7Jo51opOXv7E2fqwl6m1IyXZhhlGmAgAJw0YCAAAYdAA==
Date: Thu, 31 Jan 2013 16:42:20 +0000
Message-ID: <BF7E36B9C495A6468E8EC573603ED94115109840@xmb-aln-x11.cisco.com>
References: <CA+k3eCRbkefo3M+7QK_anM+H-VQLj2b+Jvw+8EXKPnSuc4Y_7Q@mail.gmail.com> <DAD9D0F9-1889-41B8-8F87-2FC689E9397B@ve7jtb.com> <CA+k3eCQqTpiTdDwdkqFNU9UApM8H4TjjkKq+XupSQuhLkbjRsg@mail.gmail.com>
In-Reply-To: <CA+k3eCQqTpiTdDwdkqFNU9UApM8H4TjjkKq+XupSQuhLkbjRsg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.129.24.46]
Content-Type: multipart/signed; boundary="Apple-Mail=_5B3532D5-29FA-47C8-B9D8-3050592AFE63"; protocol="application/pkcs7-signature"; micalg="sha1"
MIME-Version: 1.0
Cc: John Bradley <ve7jtb@ve7jtb.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] issues with x5c in JWE
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jan 2013 16:42:23 -0000
On Jan 31, 2013, at 9:20 AM, Brian Campbell <bcampbell@pingidentity.com> wrote: > Seems to me that something like x5c would be a lot more meaningful and > useful for a possible future ECDH-SS algorithm for JWE. But it would be > about the encrypting party or sender's certs in that case, right? Which > would be different than how it's currently being used. And that might be > another argument for not having it in JWE right now. > > Of course that starts to beg the "must understand headers" question but I > digress... I was starting to come to similar conclusions. This probably sounds crazy, but maybe we can pretend x.509 certs can be wrapped into a JSON Web Key? { "kty":"X509", "x5c": [....] } - m&m Matt Miller < mamille2@cisco.com > Cisco Systems, Inc. > On Tue, Jan 29, 2013 at 8:04 PM, John Bradley <ve7jtb@ve7jtb.com> wrote: > >> Yes for encryption (Leaving ECDH-SS aside ) the recipoient decrypts with a >> secret. I would expect a kid in the header. >> >> I suppose they if the recipient published a x5c that the sender used to >> encrypt with then you could include the x5c as a reference though a >> thumbprint would be simpler as the recipient is probably keeping its >> private keys in a key-store of some sort. >> >> In any event we would minimally want to change that to >> >> "The certificate containing the public key of the entity that is to >> decrypt the JWE MUST be the first certificate." >> >> >> Thanks Brian >> >> John B. >> >> >> On 2013-01-29, at 11:08 PM, Brian Campbell <bcampbell@pingidentity.com> >> wrote: >> >> I just noticed a couple of things in the JWE's x5c definition that struck >> me as maybe not right. >> >> From >> http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#section-4.1.9 >> >> "The certificate containing the public key of the entity that encrypted >> the JWE MUST be the first certificate." - but it's not the public key of >> the entity that encrypted, is it? It's the public key of the entity that >> will decrypt. The other entity. >> >> "The recipient MUST verify the certificate chain according to [RFC5280] >> and reject the JWE if any validation failure occurs." - maybe I'm missing >> something but why would the recipient verify it's own certificate chain? >> >> And the first hyperlink in "See Appendix B<http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#appendix-B>of [ >> JWS<http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#ref-JWS>] >> for an example "x5c" value" takes you to Appendix B of JWE, which is >> Acknowledgements, rather than JWS as the text would suggest. >> >> So all those little nits could be fixed. But maybe it'd be better to just >> remove x5c from JWE all together? As Richard pointed out previously, >> http://www.ietf.org/mail-archive/web/jose/current/msg01434.html, there's >> really no point in sending a whole chain to help the recipient identify its >> own key. >> >> >> >> >> >> >> _______________________________________________ >> jose mailing list >> jose@ietf.org >> https://www.ietf.org/mailman/listinfo/jose >> >> >> > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose
- [jose] issues with x5c in JWE Brian Campbell
- Re: [jose] issues with x5c in JWE John Bradley
- Re: [jose] issues with x5c in JWE Brian Campbell
- Re: [jose] issues with x5c in JWE Matt Miller (mamille2)
- Re: [jose] issues with x5c in JWE Mike Jones
- Re: [jose] issues with x5c in JWE John Bradley
- Re: [jose] issues with x5c in JWE Brian Campbell
- Re: [jose] issues with x5c in JWE Matt Miller (mamille2)
- [jose] Adding a X509/PKIX JWK type? [WAS: issues … Matt Miller (mamille2)
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… John Bradley
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Brian Campbell
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Salvatore D'Agostino
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Peter Saint-Andre
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Brian Campbell
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Richard Barnes
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… John Bradley
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Richard Barnes
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Matt Miller (mamille2)
- Re: [jose] Adding a X509/PKIX JWK type? [WAS: iss… Brian Campbell