Re: [jose] POLL(s): header criticality

"Hannes Tschofenig" <Hannes.Tschofenig@gmx.net> Thu, 07 February 2013 08:51 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74F3D21F8635 for <jose@ietfa.amsl.com>; Thu, 7 Feb 2013 00:51:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.03
X-Spam-Level:
X-Spam-Status: No, score=-102.03 tagged_above=-999 required=5 tests=[AWL=0.569, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t-qXug8O9Go6 for <jose@ietfa.amsl.com>; Thu, 7 Feb 2013 00:50:58 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) by ietfa.amsl.com (Postfix) with ESMTP id 4DD9921F8578 for <jose@ietf.org>; Thu, 7 Feb 2013 00:50:57 -0800 (PST)
Received: from mailout-de.gmx.net ([10.1.76.10]) by mrigmx.server.lan (mrigmx001) with ESMTP (Nemesis) id 0LcmGP-1UlkcZ10NT-00kC1y for <jose@ietf.org>; Thu, 07 Feb 2013 09:50:56 +0100
Received: (qmail 16061 invoked by uid 0); 7 Feb 2013 08:50:56 -0000
Received: from 194.251.119.197 by www038.gmx.net with HTTP; Thu, 07 Feb 2013 09:50:54 +0100 (CET)
Content-Type: text/plain; charset="utf-8"
Date: Thu, 07 Feb 2013 09:50:54 +0100
From: "Hannes Tschofenig" <Hannes.Tschofenig@gmx.net>
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943674194D4@TK5EX14MBXC284.redmond.corp.microsoft.com>
Message-ID: <20130207085054.180050@gmx.net>
MIME-Version: 1.0
References: <510FCA42.5000704@isoc.org> <51134A69.5020704@gmx.net> <4E1F6AAD24975D4BA5B1680429673943674194D4@TK5EX14MBXC284.redmond.corp.microsoft.com>
To: Mike Jones <Michael.Jones@microsoft.com>, odonoghue@isoc.org, hannes.tschofenig@gmx.net
X-Authenticated: #29516787
X-Flags: 0001
X-Mailer: WWW-Mail 6100 (Global Message Exchange)
X-Priority: 3
X-Provags-ID: V01U2FsdGVkX197CtceJYp7cidOfnU70KTkwWg+BU5KeypPSjVC2T McTLQq0oifn6tHgAFscguv6DGa4B18fEkh0w==
Content-Transfer-Encoding: 8bit
X-GMX-UID: uQ9hcTEneSEqZJIAqXUh+Ft+IGRvb8AQ
Cc: jose@ietf.org
Subject: Re: [jose] POLL(s): header criticality
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Feb 2013 08:51:02 -0000

Hi Mike, 

whatever story the group comes up with I believe it would be important to describe this in the document since other specifications have followed a different approach. 

Knowing you guys I had already expected that you try to solve this extensibility issue using additional OpenID Connect specifications. 

I am wondering what approach other specifications have used in the past. My understanding is that XML, CMS, and PSKC follow a model where the mandatory to implement functionality is defined in the specification and additional specifications indicate what additional extensions have to be used. Is my understanding correct? 

Ciao
Hannes

-------- Original-Nachricht --------
> Datum: Thu, 7 Feb 2013 07:20:32 +0000
> Von: Mike Jones <Michael.Jones@microsoft.com>
> An: Hannes Tschofenig <hannes.tschofenig@gmx.net>et>, "odonoghue@isoc.org" <odonoghue@isoc.org>
> CC: "jose@ietf.org" <jose@ietf.org>
> Betreff: RE: [jose] POLL(s): header criticality

> Hi Hannes,
> 
> One tried-and-true method of enabling extensions is through discovery
> and/or negotiation.  (This fits into your (b) - there is another higher layer
> specification that says what is required.)  For instance, if two parties
> come to understand through discovery that both support an extension, then they
> are free to use it between themselves.
> 
> For instance, yes, in OpenID Connect, implementations can discover what
> algorithms and other features are supported and then use only those that are
> implemented by both communicating parties.  I can't imagine that this is
> the only JOSE use case that will employ discovery and/or negotiation.
> 
> When discovery and/or negotiation is used, implementations don't have to
> ignore not-understood features, because none would be used in the first
> place.
> 
> 				Best wishes,
> 				-- Mike
> 
> P.S.  Yes, you're right that (a) - out-of-band agreement - could be used
> in some cases too.  For instance, OAuth deployments almost all employ
> out-of-band agreements.
> 
> -----Original Message-----
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of
> Hannes Tschofenig
> Sent: Wednesday, February 06, 2013 10:32 PM
> To: odonoghue@isoc.org
> Cc: hannes.tschofenig@gmx.net; jose@ietf.org
> Subject: Re: [jose] POLL(s): header criticality
> 
> Hi Karen,
> 
> thanks for running this poll.
> 
> My problem with answering your questions is the following:
> 
> The question you are raising deals with how you want to handle extensions.
> While it is easy to say that all the features in specification X must be
> implemented it is not even clear which specifications you are actually
> referring to with question #1.
> 
> So, I am wondering how you plan to handle any extension when someone
> answers question #1 with YES. I see only the following ways:
> 
> a) there is an out-of-band agreement (for a specific system, such a
> federation) that defines what values need to be present, or
> 
> b) there is another higher layer specification that says what is required.
> 
> I assume that many of the OAuth folks have answered the question with YES
> since they are thinking that they will just write that specification as
> part of OpenID Connect.
> 
> If that's the plan I think it should be clearly articulated to avoid
> raising wrong expectations of the level of interoperability this work provides.
> 
> If there is a different plan then please let me know.
> 
> Ciao
> Hannes
> 
> 
> On 02/04/2013 04:48 PM, Karen O'Donoghue wrote:
> > Folks,
> >
> > I am wrestling with how to help drive consensus on the topic of 
> > criticality of headers. For background, please review the current 
> > specification text, the minutes to the Atlanta meeting (IETF85), and 
> > the mailing list (especially the discussion in December with (Subj: 
> > Whether implementations must understand all JOSE header fields)). We 
> > need to come to closure on this issue in order to progress the
> specifications.
> >
> > As a tool to gather further information on determining a way forward, 
> > the following polls have been created. Please respond before 11 
> > February 2013.
> >
> > Thanks,
> > Karen
> >
> > *******************
> > FIRST POLL: Should all header fields be critical for implementations 
> > to understand?
> >
> > YES - All header fields must continue to be understood by 
> > implementations or the input must be rejected.
> >
> > NO - A means of listing that specific header fields may be safely 
> > ignored should be defined.
> >
> > ********************
> > SECOND POLL: Should the result of the first poll be "YES", should text 
> > like the following be added? "Implementation Note: The requirement to 
> > understand all header fields is a requirement on the system as a whole 
> > - not on any particular level of library software. For instance, a 
> > JOSE library could process the headers that it understands and then 
> > leave the processing of the rest of them up to the application. For 
> > those headers that the JOSE library didn't understand, the 
> > responsibility for fulfilling the 'MUST understand' requirement for 
> > the remaining headers would then fall to the application."
> >
> > YES - Add the text clarifying that the "MUST understand" requirement 
> > is a requirement on the system as a whole - not specifically on JOSE 
> > libraries.
> >
> > NO - Don't add the clarifying text.
> >
> > ************************
> > THIRD POLL: Should the result of the first poll be "NO", which syntax 
> > would you prefer for designating the header fields that may be ignored 
> > if not understood?
> >
> > A - Define a header field that explicitly lists the fields that may be 
> > safely ignored if not understood.
> >
> > B - Introduce a second header, where implementations must understand 
> > all fields in the first but they may ignore not-understood fields in 
> > the second.
> >
> > C - Other??? (Please specify in detail.) 
> > _______________________________________________
> > jose mailing list
> > jose@ietf.org
> > https://www.ietf.org/mailman/listinfo/jose
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose