Re: [jose] Propsoed Signing Procedure
Richard Barnes <rlb@ipv.sx> Mon, 01 July 2013 15:23 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94C4511E81AF for <jose@ietfa.amsl.com>; Mon, 1 Jul 2013 08:23:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.976
X-Spam-Level:
X-Spam-Status: No, score=-2.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Lez7tVBGF+S for <jose@ietfa.amsl.com>; Mon, 1 Jul 2013 08:23:16 -0700 (PDT)
Received: from mail-oa0-f44.google.com (mail-oa0-f44.google.com [209.85.219.44]) by ietfa.amsl.com (Postfix) with ESMTP id 89D0811E8186 for <jose@ietf.org>; Mon, 1 Jul 2013 08:23:16 -0700 (PDT)
Received: by mail-oa0-f44.google.com with SMTP id l10so5110006oag.3 for <jose@ietf.org>; Mon, 01 Jul 2013 08:23:09 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=liVaCK0ejfsIBUcQqVcYP0BI8fZCtaCCHnVJS71qboA=; b=BrLQ0GEmbptcEihCVTwY+T28q7VcyGxnDmbgEN84XjgSKSxdlORY2V2gcFLZ+tSQjx CuKCfC+t+UKNot+1j/tUwyUblumW8ZLAswpWxpCzFnbRMHvHRxDHvtSBkdRoYdejncaS ziRs6QjgJsybvukF5JYbf2Ia4AYQw74RVU8VdZD8g9WLG+XP4NGimFAFfflfCYgclAsz jeeAmwLgdXz3j+YF4WUi72jxu3MZHEJQ8hfO2nUgv1uFyVkgmo7lFBa0aoWdH3MugXlr Dzx9u6Ao6htTxmoYpUQxsZaRJSHFXr+tQ3wXTf6VIubrcEhhnl7sP8YcDrjYnhQmmZ1H iUaA==
MIME-Version: 1.0
X-Received: by 10.60.97.74 with SMTP id dy10mr9810138oeb.27.1372692189721; Mon, 01 Jul 2013 08:23:09 -0700 (PDT)
Received: by 10.60.26.135 with HTTP; Mon, 1 Jul 2013 08:23:09 -0700 (PDT)
X-Originating-IP: [192.1.255.192]
In-Reply-To: <063101ce747e$425dd4f0$c7197ed0$@augustcellars.com>
References: <063101ce747e$425dd4f0$c7197ed0$@augustcellars.com>
Date: Mon, 01 Jul 2013 11:23:09 -0400
Message-ID: <CAL02cgTFm3z7VC=oQ7JV74dm4kxf_YQxdegFjs5duT4U9sUCAw@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Jim Schaad <ietf@augustcellars.com>
Content-Type: multipart/alternative; boundary="089e0115e9fa5ac1c104e074cea1"
X-Gm-Message-State: ALoCoQndUyUsuBC8AisSnYzQmhJFJYT1izl1fGXn2HLEqhwuGTQGsB3V9v1AFJ4azc5739Mqj1gx
Cc: Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Propsoed Signing Procedure
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2013 15:23:35 -0000
I actually think this goes the wrong way in a different direction. Namely,
we don't need to have the signing instructions cover the multiple-signer
case. The signatures are independent, so we can just write a single-signer
algorithm and say, "do this for each signer".
As I noted in ISSUE-26, the only modification needed here is in how the JWS
Signing Input is determined.
OLD:
"""
5. Compute the JWS Signature in the manner defined for the particular
algorithm being used over the JWS Signing Input (the concatenation of the
Encoded JWS Header, a period ('.') character, and the Encoded JWS Payload).
The alg (algorithm) header parameter MUST be present in the JWS Header,
with the algorithm value accurately representing the algorithm used to
construct the JWS Signature.
"""
NEW:
"""
5. Compute the JWS Signing Input. If there is a JWS Protected Header, then
the JWS Signing Input is the concatenation of the Encoded JWS Header, a
period ('.') character, and the Encoded JWS Payload. If there is no JWS
Protected Header, then the JWS Signing Input is simply the JWS Payload.
6. Compute the JWS Signature in the manner defined for the particular
algorithm being used over the JWS Signing Input. The alg (algorithm) header
parameter MUST be present in the JWS Header, with the algorithm value
accurately representing the algorithm used to construct the JWS Signature.
"""
Note that this is independent of how the JWS Payload is represented in the
JSON representation (base64url encoded or directly).
--Richard
On Sat, Jun 29, 2013 at 12:07 AM, Jim Schaad <ietf@augustcellars.com> wrote:
> I would suggest something along the following lines. It is still missing
> some of the descriptive text that is required, but not a great deal of it.
> ****
>
> ** **
>
> Jim****
>
> ** **
>
> ** **
>
> ** **
>
> 5.1 Message signing or MACing****
>
> ** **
>
> To create a JWS, on performs the following steps. The order of the steps
> is information, however the result of performing the steps is prescriptive.
> ****
>
> ** **
>
> **1. ** Verify the content to be used as the JWS Payload is an
> octet stream. If it is not then the fail.****
>
> **2. ** If a common signature header field exists, then serialize
> the object describing the header using UTF-8 and then base64 URL that
> result. This is now the Encoded JWS Header.****
>
> **3. **For each signature to be created perform the following steps:
> ****
>
> **a. **Obtain the algorithm to be used for the signature
> operation. This may be in the common signature protected header, the
> common signature unprotected header or the signature header objects. If
> this is not a legal and supported signature algorithm then fail.****
>
> **b. **Verify that the key to be used for the signature operation is
> compatible with the signature algorithm.****
>
> **c. **Concatenate the following values for the octet stream to be
> signed:****
>
> ** i. *
> *The Encoded JWS header if it exists,****
>
> ** ii. **One
> period character (‘.’)****
>
> ** iii. **The
> JWS payload****
>
> **d. **Compute the signature value using the key, the signature
> algorithm and the octet stream to be signed.****
>
> **e. **Base64url encode the signature value, this is the Encoded JWS
> signature.****
>
> ** **
>
> Section 8.1 Compact serialization****
>
> ** **
>
> In order for a compact serialization to be created, the following
> conditions must be met:****
>
> **1. **There must be exactly one signer****
>
> **2. **There must not be a common unprotected header field or a
> signer header field. These can be combined before the signature is created
> to form the common protected header field.****
>
> **3. **The JWS payload MUST conform to the character set which is
> used for base64url encoding. This is A-Za-z0-9 (and whatever the rest of
> them are)****
>
> ** **
>
> The compact serialization is formed by concatenating the following items:*
> ***
>
> **1. **The Encoded JWS Header,****
>
> **2. **One period character (‘.’)****
>
> **3. **The JWS Payload****
>
> **4. **One period character (‘.’)****
>
> **5. **The Encoded JWS signature****
>
> ** **
>
> Section 8.2 JSON Serialization****
>
> ** **
>
> The JSON serialization is an object with the following members:****
>
> Protected - a string containing the Encoded JWS Header
> (OPTIONAL)****
>
> Unprotected - an object containing any common unprotected header
> values (OPTINAL)****
>
> Payload - a string containing the JWS Payload (REQUIRED)***
> *
>
> Signatures - an array containing one element for each signature
> created. Each array element consists of an object with the following
> members:****
>
> Header – an object containing any signer specific
> unprotected header values (OPTINAL)****
>
> Signature – a string containing the Encoded JWS Signature
> for that signer.****
>
> ** **
>
> ** **
>
> ** **
>
> ** **
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>
>
- Re: [jose] Propsoed Signing Procedure Richard Barnes
- [jose] Propsoed Signing Procedure Jim Schaad
- Re: [jose] Propsoed Signing Procedure Mike Jones
- Re: [jose] Propsoed Signing Procedure Jim Schaad