Re: [jose] POLL(s): header criticality

Mike Jones <Michael.Jones@microsoft.com> Thu, 07 February 2013 07:21 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "odonoghue@isoc.org" <odonoghue@isoc.org>
Date: Thu, 07 Feb 2013 07:20:32 +0000
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] POLL(s): header criticality

Hi Hannes,

One tried-and-true method of enabling extensions is through discovery and/or negotiation.  (This fits into your (b) - there is another higher layer specification that says what is required.)  For instance, if two parties come to understand through discovery that both support an extension, then they are free to use it between themselves.

For instance, yes, in OpenID Connect, implementations can discover what algorithms and other features are supported and then use only those that are implemented by both communicating parties.  I can't imagine that this is the only JOSE use case that will employ discovery and/or negotiation.

When discovery and/or negotiation is used, implementations don't have to ignore not-understood features, because none would be used in the first place.

				Best wishes,
				-- Mike

P.S.  Yes, you're right that (a) - out-of-band agreement - could be used in some cases too.  For instance, OAuth deployments almost all employ out-of-band agreements.

-----Original Message-----
From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Hannes Tschofenig
Sent: Wednesday, February 06, 2013 10:32 PM
To: odonoghue@isoc.org
Cc: hannes.tschofenig@gmx.net; jose@ietf.org
Subject: Re: [jose] POLL(s): header criticality

Hi Karen,

thanks for running this poll.

My problem with answering your questions is the following:

The question you are raising deals with how you want to handle extensions. While it is easy to say that all the features in specification X must be implemented it is not even clear which specifications you are actually referring to with question #1.

So, I am wondering how you plan to handle any extension when someone answers question #1 with YES. I see only the following ways:

a) there is an out-of-band agreement (for a specific system, such as a
federation) that defines what values need to be present, or

b) there is another higher layer specification that says what is required.

I assume that many of the OAuth folks have answered the question with YES since they are thinking that they will just write that specification as part of OpenID Connect.

If that's the plan I think it should be clearly articulated to avoid raising wrong expectations of the level of interoperability this work provides.

If there is a different plan then please let me know.

Ciao
Hannes


On 02/04/2013 04:48 PM, Karen O'Donoghue wrote:
> Folks,
>
> I am wrestling with how to help drive consensus on the topic of 
> criticality of headers. For background, please review the current 
> specification text, the minutes to the Atlanta meeting (IETF85), and 
> the mailing list (especially the discussion in December with (Subj: 
> Whether implementations must understand all JOSE header fields)). We 
> need to come to closure on this issue in order to progress the specifications.
>
> As a tool to gather further information on determining a way forward, 
> the following polls have been created. Please respond before 11 
> February 2013.
>
> Thanks,
> Karen
>
> *******************
> FIRST POLL: Should all header fields be critical for implementations 
> to understand?
>
> YES - All header fields must continue to be understood by 
> implementations or the input must be rejected.
>
> NO - A means of listing that specific header fields may be safely 
> ignored should be defined.
>
> ********************
> SECOND POLL: Should the result of the first poll be "YES", should text 
> like the following be added? "Implementation Note: The requirement to 
> understand all header fields is a requirement on the system as a whole 
> - not on any particular level of library software. For instance, a 
> JOSE library could process the headers that it understands and then 
> leave the processing of the rest of them up to the application. For 
> those headers that the JOSE library didn't understand, the 
> responsibility for fulfilling the 'MUST understand' requirement for 
> the remaining headers would then fall to the application."
>
> YES - Add the text clarifying that the "MUST understand" requirement 
> is a requirement on the system as a whole - not specifically on JOSE 
> libraries.
>
> NO - Don't add the clarifying text.
>
> ************************
> THIRD POLL: Should the result of the first poll be "NO", which syntax 
> would you prefer for designating the header fields that may be ignored 
> if not understood?
>
> A - Define a header field that explicitly lists the fields that may be 
> safely ignored if not understood.
>
> B - Introduce a second header, where implementations must understand 
> all fields in the first but they may ignore not-understood fields in 
> the second.
>
> C - Other??? (Please specify in detail.) 

_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose
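
The rules in the three polls, as an added example that is not part of the thread or of any JOSE specification: a receiver that rejects any header field nobody understands (first poll, YES), lets the application take responsibility for fields the library does not know (second poll), and optionally honours a sender-supplied list of ignorable fields (third poll, option A). The header name `ign`, the `LIBRARY_UNDERSTOOD` set and the sample headers are assumptions made for illustration.

```python
import base64
import json

LIBRARY_UNDERSTOOD = frozenset({"alg", "typ", "kid"})  # assumed library-level set
IGNORABLE_LIST = "ign"  # hypothetical name for option A's list header


class HeaderRejected(ValueError):
    """Raised when a header field is neither understood nor ignorable."""


def encode_header(header):
    raw = json.dumps(header, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def check_header(encoded, app_understood=frozenset(), allow_ignorable=False):
    """Classify every field of a base64url JSON header, or reject the input."""
    try:
        padded = encoded + "=" * (-len(encoded) % 4)
        header = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise HeaderRejected("malformed header") from exc
    if not isinstance(header, dict):
        raise HeaderRejected("header is not a JSON object")

    ignorable = set()
    understood = set(LIBRARY_UNDERSTOOD)
    if allow_ignorable:  # first poll answered NO, syntax option A
        listed = header.get(IGNORABLE_LIST, [])
        if not (isinstance(listed, list) and all(isinstance(n, str) for n in listed)):
            raise HeaderRejected("ignorable list must be an array of names")
        ignorable = set(listed)
        understood.add(IGNORABLE_LIST)

    fields = set(header)
    library = fields & understood
    application = (fields - understood) & set(app_understood)
    # A field the receiver understands is always processed, even if listed as ignorable.
    unknown = fields - understood - set(app_understood)
    if unknown - ignorable:
        raise HeaderRejected("not understood: " + ", ".join(sorted(unknown - ignorable)))
    return {"library": sorted(library), "application": sorted(application),
            "ignored": sorted(unknown)}


# Constructed sample headers (not taken from the thread).
PLAIN = encode_header({"alg": "HS256", "kid": "k1"})
APP_EXT = encode_header({"alg": "HS256", "x-tenant": "t1"})
OPTION_A = encode_header({"alg": "HS256", "x-trace": "abc", "ign": ["x-trace"]})
```
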