Re: [jose] SPI proposal
Richard Barnes <rlb@ipv.sx> Thu, 07 February 2013 14:52 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99BC321F85CE for <jose@ietfa.amsl.com>; Thu, 7 Feb 2013 06:52:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.835
X-Spam-Level:
X-Spam-Status: No, score=-2.835 tagged_above=-999 required=5 tests=[AWL=2.141, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, GB_I_LETTER=-2, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H1yQ2NJLaHJt for <jose@ietfa.amsl.com>; Thu, 7 Feb 2013 06:52:17 -0800 (PST)
Received: from mail-lb0-f194.google.com (mail-lb0-f194.google.com [209.85.217.194]) by ietfa.amsl.com (Postfix) with ESMTP id BEBA221F855D for <jose@ietf.org>; Thu, 7 Feb 2013 06:52:15 -0800 (PST)
Received: by mail-lb0-f194.google.com with SMTP id gg13so406740lbb.5 for <jose@ietf.org>; Thu, 07 Feb 2013 06:52:14 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=PynaM0YikfSPkljvKNLMTWty2ttL2pUDgCzvWZFij4o=; b=WcgW5TL53YpgngnKaSXw5rb/fIp0p0M4MxKxfWdb7vnPlmmMUnYIwehspHxYwOMyNF FtK2U2P5xUNmJpaJCs7hRPFiImDZ9WI9BwdaEjpNYiaKdHtZChK6hXRLi2SMAgzR4AIS QUAP5YaSuM/qK+2GVRkAM+piw5QsIRCaEoZx21t6LUDMp73TRnQyiuVO0Gwc9cSkqj4o AyRml1J8hc8Hr2Xr5cu4k6O/32y8rQn8o1rPzC9mZ9FwffHmrbXOVl3iOo33490ItONr ziXdL8TeckJ+i50Gu6srLRygkuG2oFanQHv9ZAdsldTMzHzBc20/Pr+0HwkhwwfwpxzE nYMA==
MIME-Version: 1.0
X-Received: by 10.152.122.100 with SMTP id lr4mr1589518lab.28.1360248734538; Thu, 07 Feb 2013 06:52:14 -0800 (PST)
Received: by 10.112.147.164 with HTTP; Thu, 7 Feb 2013 06:52:14 -0800 (PST)
X-Originating-IP: [155.212.214.60]
In-Reply-To: <CA+k3eCQ_bsTxYq6u5BVe_Xk1ycOhAwWe=ebfAwk+66JavJJQfA@mail.gmail.com>
References: <CAL02cgSt7w5CrP+DXo7bz_+YsxKsVMoRbZLNWa6EHjnAyScWMg@mail.gmail.com> <CA+k3eCQ_bsTxYq6u5BVe_Xk1ycOhAwWe=ebfAwk+66JavJJQfA@mail.gmail.com>
Date: Thu, 07 Feb 2013 09:52:14 -0500
Message-ID: <CAL02cgRvUvf39RyDOStRXZ1Ne6p9gLrAxjtH8kfmdhE4kWG-3w@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Brian Campbell <bcampbell@pingidentity.com>
Content-Type: multipart/alternative; boundary="f46d042ef661a0dc3104d52396cf"
X-Gm-Message-State: ALoCoQm8gRHdBLCHKMXRnUifSxLdg4RO1r983WUTdmSJQ4drWq0MSkRfg/udbUdbqgF6J8pwHZ5z
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] SPI proposal
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Feb 2013 14:52:21 -0000
The motivation here is not very deep. A lot of the current design (e.g., the three-letter names) is focused on reducing header size. The SPI proposal further compresses header size in cases where two entities will be exchanging many JOSE objects. I understood from some discussions with OpenID folks that this was often the case for their use cases. Obviously, you could build a whole management protocol around this stuff (cf. IKE for IPsec). Whatever application is using this would need to figure out how to deal with the issues you note, as well as things like what happens when an object shows up with an unknown SPI. (I don't think collision is an issue, if you can scope to sender; the sender just ensures uniqueness.) The idea of this basic proposal is to establish the basic behavior, around which you could then wrap more advanced management. --Richard On Thu, Feb 7, 2013 at 9:42 AM, Brian Campbell <bcampbell@pingidentity.com>wrote: > Admittedly I'm not really up on this spi issue or the motivation behind it > but a couple questions came to mind when I saw this. How does the receiver > protect against unbounded growth of the cache? And index collision? And for > distributed environments, it seems supporting this could be very cumbersome. > > > > > > > > > On Wed, Feb 6, 2013 at 3:11 PM, Richard Barnes <rlb@ipv.sx> wrote: > >> To move us toward closing Issue #9 [9], here is some proposed text for an >> SPI [1] field. To recall, SPI stands for "security parameters index", >> borrowing a term from IPsec. The idea is that in cases where the same >> crypto parameters are being used repeatedly, this would save the parties >> from having to re-send the same parameters. >> >> The below text is designed for the JWE spec, but could be adapted for JWS >> (just keep header, ignore part about key/iv). Similar text is probably >> needed for the encryption/decryption/signing/verification sections. >> >> Feedback welcome, >> --Richard >> >> -----BEGIN----- >> Section 4.1.X. "spi" Header Parameter >> >> The "spi" (Security Parameters Index) header parameter contains an opaque >> byte string that labels a set of security parameters. This index is >> designed to enable the use of smaller headers in cases where entities will >> be re-using the same security parameters for several messages. >> >> Entities supporting the use of the "spi" parameter MUST maintain a table >> of cached security parameters. When an entity receives an object whose >> header contains both "spi" and "alg" values, then it MUST cache the >> following values from the JWE, indexed by the "spi" value: >> -- Contents of the JWE header >> -- Encrypted Key >> -- Initialization Vector >> >> If an object containing an "spi" parameter but no "alg" parameter, then >> it MUST NOT contain an Encrypted Key or Initialization Vector. That is, it >> will have the form "header.ciphertext.integrity_value". When a recipient >> receives such an object, it uses the "spi" value to retrieve cached header, >> key, and initialization vector and reconstructs a full JWE. This full JWE >> can then be further processed according to the normal JWE processing rules. >> If the recipient has no cached parameters for the "spi" value, the process >> MUST fail. >> -----END----- >> >> >> [9] http://tools.ietf.org/wg/jose/trac/ticket/9 >> >> _______________________________________________ >> jose mailing list >> jose@ietf.org >> https://www.ietf.org/mailman/listinfo/jose >> >> >
- [jose] SPI proposal Richard Barnes
- Re: [jose] SPI proposal Mike Jones
- Re: [jose] SPI proposal Mike Jones
- Re: [jose] SPI proposal Richard Barnes
- Re: [jose] SPI proposal Richard Barnes
- [jose] SPI - KID conflict -- Re: SPI proposal Hannes Tschofenig
- Re: [jose] SPI - KID conflict -- Re: SPI proposal Richard Barnes
- Re: [jose] SPI proposal Brian Campbell
- Re: [jose] SPI proposal Richard Barnes
- Re: [jose] SPI - KID conflict -- Re: SPI proposal Mike Jones
- Re: [jose] SPI - KID conflict -- Re: SPI proposal Hannes Tschofenig
- Re: [jose] SPI proposal Hannes Tschofenig
- Re: [jose] SPI proposal Brian Campbell
- Re: [jose] SPI proposal Richard Barnes
- Re: [jose] SPI proposal Anthony Nadalin
- Re: [jose] SPI proposal Hannes Tschofenig
- Re: [jose] SPI proposal Brian Campbell
- Re: [jose] SPI proposal John Bradley