[jose] Re: 2nd WGLC for draft-ietf-jose-fully-specified-algorithms (Fully Specified Algorithms)

Michael Jones <michael_b_jones@hotmail.com> Fri, 13 September 2024 16:09 UTC

Return-Path: <michael_b_jones@hotmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F01D2C151063; Fri, 13 Sep 2024 09:09:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.132
X-Spam-Level:
X-Spam-Status: No, score=-1.132 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cUbSjebG5oV6; Fri, 13 Sep 2024 09:09:13 -0700 (PDT)
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10olkn2030.outbound.protection.outlook.com [40.92.42.30]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A7A7C151062; Fri, 13 Sep 2024 09:09:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=uk1dd9FmcKdkvy8a8bOnHxr67Kl+3KECqSbfsS5kTzWN1WhpSvu3v6FKNXITRu2Otfl3wOJfNvWX3yxburfJFtg9D66NdYP4f6kEmBDZR8bUVjC1sZ3QJr3xOpunHNUCde/OlLub+GFePWO+ChKWrzPIe5MISRuxKIN4WOPJHvZ2n3tCLP00kDmcXXBvGG+0Gk7wsaVBWKMco03aCHODvb+igth3sB2h3ScSEFt45N5ixBaZsJpgKNVwfl2ft5TT7tB3XW3/SX6DcyRPvKpLC2eZ9OjxrYWLcXbmW/XhpO6kFL4OOIQA2W6CXGfcx+6lXxFjbPUaKD+CeDknis2W4w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eLVFoNtWg01A0xzfaKA79nro8m2uhyUUN4lsiDzg5T0=; b=Tde/Vyx/zuhP7prWavV/I+2USq7WVbS7LJowYOGakYvkJfNsYYtUl7//c7E6oVWUiRIqSocuGW8Wvm7ASG0gm84RpJNiQS2iGPKwWiaZ6vRfoEVMmwCE/wL/7i7mGm82u2wOPMxak4mcwoD08j1VFVLZn9+Ick3nDJds60T+Ny3wmPH80U90x2tStkMoG0hKkEAkjswZ9fGFbiPBTZIE7nTls0TN2JgAmHRh1Pc8LcScd9Of9k0IqzMSICN+pFGtVfIs4TFt8a/a52CNpRR4X9Q2ns6SsEaMaTOfBvx6h17TE4i4ygQO8JW72N5f3ZUNUh82IlRguv+P9TiMG9PEKQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eLVFoNtWg01A0xzfaKA79nro8m2uhyUUN4lsiDzg5T0=; b=sCNagAwDydccuzXmq4WZsTpQFYb4VyGpCHJrj80z5fQyGmn18mpDghz/uCMf7XrTiC4xuLXqkXxSYTpujrGOIeQzG723MyZdvD4F55gLst+lTHbHo0bCaTnxzM41Ix7r8xBVDNNdvUvxyW73Q4sOSTlpCAz0trThgBaG/WH/Jmg4cue5Rlo3PKOhIJlqjHUjuOB0cW7fR+kI/HkgXRW1Ag0jnlHV7ruW7hd0a/Ted1Ta8fOYeJkHADNteQQIUaNA7bA+/SRKjwKhvlwRJsAC4RHuCcAxnNZEwvVClfNNk/UcT/57mti/71s5phGN6rE1e6gzbMFtEz3S2N/33YexlA==
Received: from SJ0PR02MB7439.namprd02.prod.outlook.com (2603:10b6:a03:295::14) by CO6PR02MB7715.namprd02.prod.outlook.com (2603:10b6:303:b3::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7962.19; Fri, 13 Sep 2024 16:09:10 +0000
Received: from SJ0PR02MB7439.namprd02.prod.outlook.com ([fe80::6394:e79c:c32a:4c6a]) by SJ0PR02MB7439.namprd02.prod.outlook.com ([fe80::6394:e79c:c32a:4c6a%3]) with mapi id 15.20.7962.018; Fri, 13 Sep 2024 16:09:10 +0000
From: Michael Jones <michael_b_jones@hotmail.com>
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, JOSE WG <jose@ietf.org>, "cose@ietf.org" <cose@ietf.org>
Thread-Topic: [jose] Re: 2nd WGLC for draft-ietf-jose-fully-specified-algorithms (Fully Specified Algorithms)
Thread-Index: AQHbBTOQ7qWJlsojBUqTv9B5g2Gk2bJVP3+AgAATloCAAJCZAA==
Date: Fri, 13 Sep 2024 16:09:10 +0000
Message-ID: <SJ0PR02MB74397B27FD8A56DAF504E4AEB7652@SJ0PR02MB7439.namprd02.prod.outlook.com>
References: <CA+mgmiOqZqu1fNjEK69zTbx3ndsum5jrLg06bzYTjtH+VQyWtA@mail.gmail.com> <5233A37F-2EA1-40CB-A3DA-EAEF885E52B0@gmail.com> <GVXPR07MB9678668C56EB63D7453F5E6989652@GVXPR07MB9678.eurprd07.prod.outlook.com>
In-Reply-To: <GVXPR07MB9678668C56EB63D7453F5E6989652@GVXPR07MB9678.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SJ0PR02MB7439:EE_|CO6PR02MB7715:EE_
x-ms-office365-filtering-correlation-id: 3dcfa278-775c-4796-dc0a-08dcd40e66f3
x-microsoft-antispam: BCL:0;ARA:14566002|6072599003|12050799009|7092599003|461199028|9400799024|15080799006|19110799003|8060799006|56899033|1602099012|102099032|3412199025|4302099013|440099028;
x-microsoft-antispam-message-info: lkSi2QaP6UX/d5ZxTW/CZdK5QKV1m1kBN1kA1b8j/RrzgLjo5t0TJRwttr3oDp+Oz1VT3FAaZk453J8/R1/TQ6VHyo9pN0KK7BIC0pMMksgehcZSl9CCqTkU9l2jql4CE+12pKVRJ1JiEThaZccisR+tjkkeZ5FGvK5SRWbYtlxqevf8lUAK7sIYk6syp6S1aay0wg0pDsAauNxCP1CyTuP/OXNKucL6JsbgTXLoCjeUXbdyWSl6uBsCyDWlltEncCPh2G5Ta+OUFJZSdgRgaCVhsYwHayzsnrNHgcntJAwVH+wDlRme5OrKXZnq4UYq6E8ovGbKYLEjPvXUClyK5sBiyh7CFrDdUVtDpIYgYAlgIZRZiW0IZ/dXUxxeqzZyvryDqj6ngVj/ZIxsd9wRLJmdeI36/IfX1S4ejH9+aiKDR0iG/nSWj7gKm4PtfevRRRPpa5SsCDiMSqWhosYU2XD7xHvegAYalmPUvNtfwZ3T/8dwDKkz9UXt+VWCCTYPGOQ4So4+u+mgOIABipsGO5uiMaz03eDFu8ZcOXIHFbC32rh9uMTQhjPvuQVKa5iE2H7+NMAUzYADq0kOu24iVDfnKQynm76lLfhanOpU4YfVLblWNEM6SPEfV7+XXex8I79yx7ucXatthk5N+xJjEZ5CZOhy4pBrdzNrXHauNxV9/lW0ofWkICMhqNpjvOyMpE+BQUpIyPDg8W+hKNbj1dg13u12P231U0cKCZp5imFKs2P8h0ZTQyYVsuTyjtXV3igVgY2FXzVgWD6EMbvS9UUgU78u00o2HovsQNtDtU/iaqIusumkNri2G6XAlVGja5i+DB3LjA/LGIPpjq2h355JJTKiXIPN2mcPwSXzjkYSfCXhm3XglWxY75OWddwaRe5mvhPIzQunZDNiodxt1PUIEp5cqYoYUcIDMhkRjV50v3BWfUaOnlZPPs4xxdJtNz9tHThJC0F5HA7ru5V5Jw==
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: uq2QLK7UEbrBj+X9eBN8+9VsugEN+UmEtnLRgp8KnhIfLetfOBpjnlY2bTqBc0cTmw184+ZpGuk3YBjxhVFCcntys+xUHtUPygZUP21BwEFBOpg2uEmhvz5Qc/fQlCFYGn4LCKTdUy+2VAzWD0On+jxCHIJ0MIgB0qf2G44YM8S7pLUZCDBI++0sJNwOSR8yUqrV3UQFWm/ZtwXQ/vieHmFMgAdFV/ZvTm0Lke3Je/7qOA9rXwkMpjY53Pjb2bTG6UN7t0z4zlSArPGsi85uOwTwPfpnWl80swHVG9I09wgQ8Luv3bhjDbIvZGuLEtffJ59YsIO+1V7BLNWoBPoQEVfocsSdIM3lnxUY8qRt3mtLP9v/HQ4ZxnpbgMLw3FdBh8m3C+hdF92S0hn8LkQ1Mq+kmY6AYyzoAG7OSi5SNGzP+sjNlU5sMUo87cx9qZLyX+HkPckLUnltygnTnXM9EV4Pg9QLrwFxTkZOT6IZdk6yuEjIKgo2WXGgfgeud4hADsk1fTFjzI8DY2oGlnsM9nrc7Ryp2fJqEpXmjdtBmmwAdy4zelqc6xfuQYaSuvqfJzVQceL0LYJL3x/b/98cq69xVsafs7AsSX/4UKVSDkA3lsO+lZMuRBE6nFF7jvkbBWguo9X94SfAG1sl2jmbO7pBT8zENOdDZCLLZfsst+HPW6gj9OdftkIxCXykRPRBqdXkgduz+MEjYAUVDsBgmay3PiTv68sysKWwR2ODeQd5lklEZ7dSDQXNSjPzD09pS134V1V2cF4Oj4VgIfEfc/PeYwBZYtAGQ+mPN53PYyGiquDtlSMmSjAopbS6i3znaNqBItrHV2W96cRXjX8PyA4jthOJnO5w4MiQ7yi4f4rTCaNOo1WDvB2zvEhLnFjRxc/6wqbmCmvSdzgI+JcXYyQHookm3JdrZdRtAXG+yHq95ISpTaxgpMo/gmMFiaZsXXD+NNMQ31/QYynX8NrbJCeJ6mTy93wDXQyAZgzyngOUXxpZYIZX5xTjaF68DVujdDxVe9DwlgBY+ybKVQ8oI5jE0yusshTcJz8jI+XoWZgpmX/7cOzAV5ZIRl3tqZj0vLfcqnXWIOBLyFwnUbxDpRkCtaoddwpkElunF7bHpUvJpBWKruBN9HdlMGdQ663uMpAlysCdLvUeeJLKLLx1jybcV42BMc8XpDWofaR4WOUmJB+8pHDiE6d0MW+fe30Oof6JEXVug+V9J1uLCXsWNHT2dzePg+StdAePgibbQeg=
Content-Type: multipart/alternative; boundary="_000_SJ0PR02MB74397B27FD8A56DAF504E4AEB7652SJ0PR02MB7439namp_"
MIME-Version: 1.0
X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-3d941.templateTenant
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0PR02MB7439.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 3dcfa278-775c-4796-dc0a-08dcd40e66f3
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Sep 2024 16:09:10.1185 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6PR02MB7715
Message-ID-Hash: AQ3WCPSOZGTFP4PP5I36SWOYNUDCGZ6I
X-Message-ID-Hash: AQ3WCPSOZGTFP4PP5I36SWOYNUDCGZ6I
X-MailFrom: michael_b_jones@hotmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-jose.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Neil Madden <neil.e.madden@gmail.com>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [jose] Re: 2nd WGLC for draft-ietf-jose-fully-specified-algorithms (Fully Specified Algorithms)
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/gXJVGyMX2gb_J835W6ETey2HZFE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Owner: <mailto:jose-owner@ietf.org>
List-Post: <mailto:jose@ietf.org>
List-Subscribe: <mailto:jose-join@ietf.org>
List-Unsubscribe: <mailto:jose-leave@ietf.org>

Hi John,

As I just replied to Neil, we will certainly address these inconsistencies in the next draft.  I appreciate people giving the draft a detailed read and pointing out things that need to be corrected.

                                                                Cheers,
                                                                -- Mike

From: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
Sent: Friday, September 13, 2024 12:30 AM
To: JOSE WG <jose@ietf.org>; cose@ietf.org
Cc: Neil Madden <neil.e.madden@gmail.com>
Subject: [jose] Re: 2nd WGLC for draft-ietf-jose-fully-specified-algorithms (Fully Specified Algorithms)

Hi,
As an individual, I agree with Neil’s comments.
https://mailarchive.ietf.org/arch/msg/jose/JSlZI6oeyYHXFkG2PgHbG4YzghA/

I have also pointed out in a separate mail that the following sentence in not true:

”This is not a problem in practice, because RSA libraries accommodate keys of different sizes without having to use different code.”

In addition to limitations on key length nlen, it is not uncommon that RSA implementations have limitations on the exponent e.
I have a hard time seeing why RSA domain parameters (nlen, e) and ECC domain parameters (p, a, b, G, n, h) are treated completely differently. You can definitely not expect RSA to work without considering the domain parameters in the key.

As Neil states:

“the definition of “fully-specified” that this draft proposed is arbitrary and inconsistent”

This is a major problem as the draft formally updates the COSE and JOSE IANA registries with

”Only fully-specified algorithm identifiers may be registered.”

I therefore do not think the document is ready to proceed in its current state.

Cheers,
John (as an individual)
From: Neil Madden <neil.e.madden@gmail.com<mailto:neil.e.madden@gmail.com>>
Date: Friday, 13 September 2024 at 08:20
To: Karen ODonoghue <kodonog@pobox.com<mailto:kodonog@pobox.com>>
Cc: JOSE WG <jose@ietf.org<mailto:jose@ietf.org>>, cose@ietf.org<mailto:cose@ietf.org> <cose@ietf.org<mailto:cose@ietf.org>>
Subject: [jose] Re: 2nd WGLC for draft-ietf-jose-fully-specified-algorithms (Fully Specified Algorithms)
As myself and Filip Skokan have pointed out, the wording of section 3.1 currently (I believe accidentally) outlaws all of the ECDH-ES encryption algorithms, and any future KEM-based algorithms. So no, even if you support the idea, the document is not ready.

— Neil

> On 12 Sep 2024, at 17:48, Karen ODonoghue <kodonog@pobox.com<mailto:kodonog@pobox.com>> wrote:
> JOSE and COSE working group members,
>
> This WGLC is currently scheduled to conclude on 13 September
> (tomorrow). I am not currently comfortable with the number and clarity
> of responses received. Please respond clearly indicating whether or
> not you think this document is ready to proceed (pending the comments
> raised in your response). To give you all a bit more time, I'm
> extending the WGLC one week to next Friday (20 September 2024).
>
> Please take a few minutes and review the updated draft!
>
> Thanks,
> Karen
>
> On Wed, Aug 21, 2024 at 11:10 AM Karen ODonoghue <kodonog@pobox.com<mailto:kodonog@pobox.com>> wrote:
>>
>> JOSE working group members,
>>
>> This email initiates a second working group last call for the Fully
>> Specified Algorithms document:
>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-jose-fully-specified-algorithms%2F&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7Caed730693567405a8acf08dcd3bc2ca0%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638618052367868814%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=UXGs%2Fm4hrVoHQo2ToGNDV0LhOgIV1OTqoZJ62NwlQJ0%3D&reserved=0<https://datatracker.ietf.org/doc/draft-ietf-jose-fully-specified-algorithms/>
>>
>> The authors have updated the draft based on WGLC comments and
>> discussions at IETF 120, and the chairs have polled the working group
>> about the readiness for WGLC. Seeing no opposition, we've decided to
>> proceed with a second WGLC.
>>
>> Please review the document in detail and reply to this message
>> (keeping the subject line intact) with your opinion on the readiness
>> of this document for publication and any additional comments that you
>> have.
>>
>> This will be a three week WGLC. Please submit your responses by 13
>> September 2024.
>>
>> Thank you,
>> Karen (for the JOSE WG chairs)
>
> _______________________________________________
> jose mailing list -- jose@ietf.org<mailto:jose@ietf.org>
> To unsubscribe send an email to jose-leave@ietf.org<mailto:jose-leave@ietf.org>

_______________________________________________
jose mailing list -- jose@ietf.org<mailto:jose@ietf.org>
To unsubscribe send an email to jose-leave@ietf.org<mailto:jose-leave@ietf.org>