IETF Logo Mail Archive

Re: [jose] #26: Allow for signature payload to not be base64 encoded

"Jim Schaad" <ietf@augustcellars.com> Thu, 27 June 2013 03:19 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAF3F21F9649 for <jose@ietfa.amsl.com>; Wed, 26 Jun 2013 20:19:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.079
X-Spam-Level:
X-Spam-Status: No, score=-3.079 tagged_above=-999 required=5 tests=[AWL=0.520, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OhK6lKpFK1qU for <jose@ietfa.amsl.com>; Wed, 26 Jun 2013 20:19:32 -0700 (PDT)
Received: from smtp2.pacifier.net (smtp2.pacifier.net [64.255.237.172]) by ietfa.amsl.com (Postfix) with ESMTP id D266821F957B for <jose@ietf.org>; Wed, 26 Jun 2013 20:19:29 -0700 (PDT)
Received: from Philemon (ip-64-134-233-240.public.wayport.net [64.134.233.240]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp2.pacifier.net (Postfix) with ESMTPSA id AD60C2C9F5; Wed, 26 Jun 2013 20:19:29 -0700 (PDT)
From: Jim Schaad <ietf@augustcellars.com>
To: 'Mike Jones' <Michael.Jones@microsoft.com>
References: <061.c2fcfec0a75d48eb8b194991ce56157e@trac.tools.ietf.org> <076.3f5d1244c042cd87bfb07814924fcbc9@trac.tools.ietf.org> <033a01ce729b$26bc3910$7434ab30$@augustcellars.com> <4E1F6AAD24975D4BA5B16804296739436789B3BC@TK5EX14MBXC283.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B16804296739436789B3BC@TK5EX14MBXC283.redmond.corp.microsoft.com>
Date: Wed, 26 Jun 2013 20:18:29 -0700
Message-ID: <03c101ce72e5$01bffe40$053ffac0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQFbtMM0AVMbmndwUUG6vntocHGkoALWvDclApUnp/sBskfd3Jn1Pj6Q
Content-Language: en-us
Cc: jose@ietf.org
Subject: Re: [jose] #26: Allow for signature payload to not be base64 encoded
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jun 2013 03:19:38 -0000

What I am proposing is that it is an option to "harden" the content, but is
not required.  What is signed and what is transported are the same, but what
is signed may or may not be suitable for the compact encoding.

One would always be able to switch from the compact to the JSON
serialization, however the reverse transformation may not always be
possible.  This would be one more reason why it would not be possible, but
there are many others.

What I originally described would by how I would approach it from a library
basis.  However, there are many things that applications can do that are not
doable by a library and a library would only give some additional options to
what was doable.  This means that while I said that the application would be
required to base64url encode the content, it could do this by passing an
indicator to the library that this was the desired behavior (for example by
calling the SignForCompactEncoding function).

The primary purpose of base64 encoding is not to harden the content to
protect from changes, it is to allow you to do the compact encoding and
transport it in a URL.   If you are worried about things which are going to
muck with the content, they are going to be happy to parse it up, unbase64
encode it, muck with it and write it back out.  This does not prevent a
determined entity from doing the mucking.   If I pass the content as a
string field in a JSON encoded object, then nobody is going to much with it
by default.  They are going to need to know that the need to muck with it
before they start.

> -----Original Message-----
> From: Mike Jones [mailto:Michael.Jones@microsoft.com]
> Sent: Wednesday, June 26, 2013 12:10 PM
> To: Jim Schaad
> Cc: jose@ietf.org
> Subject: RE: [jose] #26: Allow for signature payload to not be base64
encoded
> 
> Maybe I'm confused about what you were proposing.  These are the two ways
> of doing something that I thought you were describing:
> 
> 1.  Have the signature payload be base64url encoded (the status quo) 2.
Have
> the signature payload be unencoded in the JSON Serialization if a flag is
set in
> the header
> 
> If you're proposing that the default be unencoded for the JSON
Serialization,
> that has the pitfall that a simple syntactic transformation is no longer
possible
> between the Compact Serialization and the JSON Serialization.  The two
would
> have unnecessarily diverged.
> 
> If I misunderstood your proposal, maybe you could describe it in closer to
> normative language - for instance, defining the flag you propose to say
that
> the payload is not base64url encoded and saying what its semantics would
be
> for the JSON Serialization and the Compact Serialization.
> 
> BTW, your response didn't address the point that a primary purpose of the
> base64url encoding is to harden the payload against changes that might
> otherwise occur during transmission.  Not hardening the payload will
almost
> certainly lead to hard-to-debug interop problems in practice.
> 
> 				-- Mike
> 
> -----Original Message-----
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of
Jim
> Schaad
> Sent: Wednesday, June 26, 2013 11:30 AM
> To: draft-ietf-jose-json-web-signature@tools.ietf.org; Mike Jones
> Cc: jose@ietf.org
> Subject: Re: [jose] #26: Allow for signature payload to not be base64
encoded
> 
> Having multiple ways to do something can frequently buy you a great deal
of
> benefit.  However, in this case it is my library that is doing this and
not the
> standard.
> 
> The client gives the library an 8-bit string.  The library signs that
string.  The
> library puts that string into the payload field.
> 
> The client needs to make the 8-bit string URL safe if it wants to use
compact
> encoding.
> 
> Where is there two ways of doing something?
> 
> Jim
> 
> 
> > -----Original Message-----
> > From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf
> > Of jose issue tracker
> > Sent: Tuesday, June 25, 2013 5:23 PM
> > To: draft-ietf-jose-json-web-signature@tools.ietf.org;
> > michael.jones@microsoft.com
> > Cc: jose@ietf.org
> > Subject: Re: [jose] #26: Allow for signature payload to not be base64
> > encoded
> >
> > #26: Allow for signature payload to not be base64 encoded
> >
> >
> > Comment (by michael.jones@microsoft.com)
> >
> >  Having multiple ways to do something is one of the classic pitfalls
> > to  avoid in standards.  They tend to generate interop problems
> > because  developers will often only build the way that they think they
need,
> never
> >  getting around to the others.   I don t think the potential benefits of
> >  having multiple ways to encode the payload outweigh this cost.
> >
> >  Next, this feature would only work with the JSON serialization; it
> > would  not work for the Compact Serialization because the payload must
be
> URL  safe.
> > The base64url encoding accomplishes that, and so is a necessary  part
> > of the encoding.  Having the two serializations diverge in this manner
> > seems suboptimal.
> >
> >  Third, I am concerned that the payload will sometimes change during
> > transmission if not encoded in some manner.  Tabs can change to spaces.
> >  LFs can change to CRLFs.  HTML is notorious for adding a blank at the
> > end  of each line.  Two spaces can change to a space and a non-breaking
> space.
> >  Etc.  Not encoding the payload would open us up to all of these
potential
> > modification-during-transmission problems   all of which would render
the
> > JWS useless by breaking the signature.
> >
> >  Finally, this feature seems to be motivated by detached signatures,
> > which  per my comment on Ticket #25, can be accomplished at the
> > application layer without adding general-purpose support for detached
> > signatures.  Thus, I  don t think this related feature is needed either.
> >
> >  For all these reasons, I believe that this issue should be closed as
won t fix .
> >
> > --
> > -------------------------+--------------------------------------------
> > -------------------------+--
> > -------------------------+---
> >  Reporter:               |       Owner:  draft-ietf-jose-json-web-
> >   ietf@augustcellars.com |  signature@tools.ietf.org
> >      Type:  defect       |      Status:  new
> >  Priority:  major        |   Milestone:
> > Component:  json-web-    |     Version:
> >   signature              |  Resolution:
> >  Severity:  -            |
> >  Keywords:               |
> > -------------------------+--------------------------------------------
> > -------------------------+--
> > -------------------------+---
> >
> > Ticket URL:
> > <http://trac.tools.ietf.org/wg/jose/trac/ticket/26#comment:1>
> > jose <http://tools.ietf.org/jose/>
> >
> > _______________________________________________
> > jose mailing list
> > jose@ietf.org
> > https://www.ietf.org/mailman/listinfo/jose
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

v2.39.1 | Report a Bug | By Email | System Status