Re: [jose] Payment Perspective on draft-jones-jose-jws-signing-input-options 00
Anders Rundgren <anders.rundgren.net@gmail.com> Tue, 11 August 2015 10:18 UTC
Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C2FA1A7000 for <jose@ietfa.amsl.com>; Tue, 11 Aug 2015 03:18:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4
X-Spam-Level:
X-Spam-Status: No, score=-4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, GB_I_INVITATION=-2, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Iw3CYE8JPVS for <jose@ietfa.amsl.com>; Tue, 11 Aug 2015 03:18:09 -0700 (PDT)
Received: from mail-wi0-x22b.google.com (mail-wi0-x22b.google.com [IPv6:2a00:1450:400c:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5022B1A6FFC for <jose@ietf.org>; Tue, 11 Aug 2015 03:18:09 -0700 (PDT)
Received: by wibhh20 with SMTP id hh20so188243567wib.0 for <jose@ietf.org>; Tue, 11 Aug 2015 03:18:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type:content-transfer-encoding; bh=o0NhI0KPC55y1K2/Foag5IZ5hwKBXYPed8Eb61bPocc=; b=urdHYELcJMgxWaqcjmUWxi1mHASkUhlZTWfGe4e48Cmul1BXvhTDHc3CaCKCOUkKJy e458gilNobZtfCC5M9/yiv7ttm1puqO9x9Ewe7/QxCseP298GaiqMda7u9qWSOOqGmlP mjeEFIk8PDAj16Cq2AV1fPaMS6t5Eb89mQfh+6Chf8xGWvF4RoHDLyzeXA0MMbA03tkV 0Eog8URkA7Gyh+lIUnA0pTwdbpdFxbGDHsu/hTXo7+TAs2Je9hxWOO6VRmso3VyordJ1 YgDvLCv9oTh9O7Xr58l1Bz/Bu7vIw0HdZ1pxoBHvnwadC3GJ2zUfbxAaiBUPidolynms h2iA==
X-Received: by 10.194.171.9 with SMTP id aq9mr58105797wjc.30.1439288288045; Tue, 11 Aug 2015 03:18:08 -0700 (PDT)
Received: from [192.168.1.79] (27.195.130.77.rev.sfr.net. [77.130.195.27]) by smtp.googlemail.com with ESMTPSA id yz10sm2297614wjc.0.2015.08.11.03.18.06 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 11 Aug 2015 03:18:07 -0700 (PDT)
To: Sergey Beryozkin <sberyozkin@gmail.com>, Mike Jones <Michael.Jones@microsoft.com>, Jim Schaad <ietf@augustcellars.com>, "jose@ietf.org" <jose@ietf.org>, Nat Sakimura <n-sakimura@nri.co.jp>
References: <55C632B0.9060304@gmail.com> <BY2PR03MB4426293ACF249D70D18B800F5700@BY2PR03MB442.namprd03.prod.outlook.com> <55C83258.5050405@gmail.com> <002e01d0d339$711eb9a0$535c2ce0$@augustcellars.com> <55C85C90.8010605@gmail.com> <018101d0d3a2$8fc1a660$af44f320$@augustcellars.com> <55C90F20.2090508@gmail.com> <01a601d0d3af$9af01ff0$d0d05fd0$@augustcellars.com> <55C98306.8000308@gmail.com> <BY2PR03MB442FF08617228C104684638F57F0@BY2PR03MB442.namprd03.prod.outlook.com> <55C99BA8.9040106@gmail.com> <55C9C701.6060307@gmail.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <55C9CBD8.3070006@gmail.com>
Date: Tue, 11 Aug 2015 12:18:00 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.1.0
MIME-Version: 1.0
In-Reply-To: <55C9C701.6060307@gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/cUCLe4MMzExTTnmjzZSwNt86pWE>
Subject: Re: [jose] Payment Perspective on draft-jones-jose-jws-signing-input-options 00
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 10:18:11 -0000
On 2015-08-11 11:57, Sergey Beryozkin wrote: > Hi Anders > Not sure if it makes sense, but can the ordering requirement be relaxed > and instead JSON keys are sorted first (natural string sorting) before > the signature is created or validated ? Though it is probably not > effective as it can block streaming... Hi Sergey, The point I have tried to make (and failed with) is that "Predictable Serialization" is a generic usable JSON feature. http://docs.oracle.com/javase/8/docs/api/java/util/LinkedHashMap.html "This technique is particularly useful if a module takes a map on input, copies it, and later returns results whose order is determined by that of the copy. (Clients generally appreciate having things returned in the same order they were presented.)" Clients = Users. Sorting would defeat the readability requirement and also depend on external signature processing code. In my take on this topic, the parser/serializer does all signature processing except for the core cryptographic operations. Anders > Cheers, Sergey > On 11/08/15 07:52, Anders Rundgren wrote: >> On 2015-08-11 07:41, Mike Jones wrote: >>> I would think that the financial community would want a reliable >>> signature method, >> >> Indeed. >> >> >>> without the interop problems that relying on canonicalization creates, >>> as so >> > thoroughly demonstrated in practice by XML Canonicalization. >> >> Absolutely! >> >> >>> For starters, there isn't actually a JSON canonicalization standard in >>> the first place. >> >> True. As I have shown in specifications, code, etc. there's no need for >> such a thing either. >> >> >>> And relying on intermediaries not modifying the JSON in any way is >>> also fraught with >> > danger and an invitation to attacks. >> >> It is possible that my analysis is flawed, but as far as I can tell, the >> only thing >> an adversary (or poorly working intermediary), could succeed with by a >> substitution >> attack on JCS [1], is invalidating signatures which I (FWIW) wouldn't >> characterize >> as a security problem but as a nuisance and interoperability issue. >> >> >>> Would using JWS with detached payloads really be that onerous for this >>> community, >> > provided they actually have a way to preserve the payload exactly? >> >> If nothing else helps they would go for that but as shown there are (at >> least) >> a couple of efforts out there pointing to more "JSONesque" schemes. >> >> My guess is that there are many other JSON signature schemes in the >> workings we >> don't know of, since financial communities tend to be rather >> tight-lipped :-) >> >> It is important to realize that I'm in _no way_ "dissing" the JOSE work, >> I only >> see it as less suitable for the target market I mentioned. >> >> Best regards, >> Anders >> >> 1] >> https://cyberphone.github.io/openkeystore/resources/docs/jcs.html#Sample_Signature >> >> >>> >>> -- Mike >>> >>> -----Original Message----- >>> From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Anders Rundgren >>> Sent: Monday, August 10, 2015 10:07 PM >>> To: Jim Schaad; jose@ietf.org >>> Subject: Re: [jose] Payment Perspective on >>> draft-jones-jose-jws-signing-input-options 00 >>> >>> On 2015-08-10 23:00, Jim Schaad wrote: >>>> I am just not interested in this I guess. >>> >>> Yes, the JOSE WG have more or less unanimously decided to ignore the >>> needs of the financial community who wants to sign JSON objects [1] >>> rather than signing arbitrary data using JSON-based signature containers. >>> >>> Anders >>> >>> 1] Although entirely different with respect to JSON normalization, the >>> following independently developed schemes proposals seem to support >>> this statement: >>> >>> https://web-payments.org/specs/source/vocabs/security.html#GraphSignature2012 >>> >>> https://cyberphone.github.io/openkeystore/resources/docs/jcs.html#Sample_Signature >>> >>> >>> _______________________________________________ >>> jose mailing list >>> jose@ietf.org >>> https://www.ietf.org/mailman/listinfo/jose >>> >> >> _______________________________________________ >> jose mailing list >> jose@ietf.org >> https://www.ietf.org/mailman/listinfo/jose >
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren
- [jose] Payment Perspective on draft-jones-jose-jw… Anders Rundgren
- Re: [jose] Payment Perspective on draft-jones-jos… Mike Jones
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren
- Re: [jose] Payment Perspective on draft-jones-jos… Jim Schaad
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren
- Re: [jose] Payment Perspective on draft-jones-jos… Mike Jones
- Re: [jose] Payment Perspective on draft-jones-jos… Jim Schaad
- Re: [jose] Payment Perspective on draft-jones-jos… Jim Schaad
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren
- Re: [jose] Payment Perspective on draft-jones-jos… Mike Jones
- Re: [jose] Payment Perspective on draft-jones-jos… Nat Sakimura
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren
- Re: [jose] Payment Perspective on draft-jones-jos… Sergey Beryozkin
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren
- Re: [jose] Payment Perspective on draft-jones-jos… Sergey Beryozkin
- Re: [jose] Payment Perspective on draft-jones-jos… Sergey Beryozkin
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren
- Re: [jose] Payment Perspective on draft-jones-jos… Anders Rundgren