Re: [jose] issues with x5c in JWE

Brian Campbell <bcampbell@pingidentity.com> Thu, 31 January 2013 16:21 UTC

In-Reply-To: <DAD9D0F9-1889-41B8-8F87-2FC689E9397B@ve7jtb.com>
References: <CA+k3eCRbkefo3M+7QK_anM+H-VQLj2b+Jvw+8EXKPnSuc4Y_7Q@mail.gmail.com> <DAD9D0F9-1889-41B8-8F87-2FC689E9397B@ve7jtb.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 31 Jan 2013 09:20:27 -0700
Message-ID: <CA+k3eCQqTpiTdDwdkqFNU9UApM8H4TjjkKq+XupSQuhLkbjRsg@mail.gmail.com>
To: John Bradley <ve7jtb@ve7jtb.com>
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] issues with x5c in JWE

Seems to me that something like x5c would be a lot more meaningful and
useful for a possible future ECDH-SS algorithm for JWE. But it would be
about the encrypting party or sender's certs in that case, right? Which
would be different than how it's currently being used. And that might be
another argument for not having it in JWE right now.

Of course that starts to beg the "must understand headers" question but I
digress...


On Tue, Jan 29, 2013 at 8:04 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:

> Yes, for encryption (leaving ECDH-SS aside) the recipient decrypts with a
> secret.  I would expect a kid in the header.
>
> I suppose if the recipient published an x5c that the sender used to
> encrypt with then you could include the x5c as a reference though a
> thumbprint would be simpler as the recipient is probably keeping its
> private keys in a key-store of some sort.
>
> In any event we would minimally want to change that to
>
> "The certificate containing the public key of the entity that is to
> decrypt the JWE MUST be the first certificate."
>
>
> Thanks Brian
>
> John B.
>
>
> On 2013-01-29, at 11:08 PM, Brian Campbell <bcampbell@pingidentity.com>
> wrote:
>
> I just noticed a couple of things in the JWE's x5c definition that struck
> me as maybe not right.
>
> From
> http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#section-4.1.9
>
> "The certificate containing the public key of the entity that encrypted
> the JWE MUST be the first certificate." - but it's not the public key of
> the entity that encrypted, is it? It's the public key of the entity that
> will decrypt. The other entity.
>
> "The recipient MUST verify the certificate chain according to [RFC5280]
> and reject the JWE if any validation failure occurs." - maybe I'm missing
> something but why would the recipient verify it's own certificate chain?
>
> And the first hyperlink in "See Appendix B of [JWS] for an example "x5c"
> value" (the "Appendix B" link goes to
> http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#appendix-B
> and the "JWS" link to
> http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-08#ref-JWS)
> takes you to Appendix B of JWE, which is Acknowledgements, rather than JWS
> as the text would suggest.
>
> So all those little nits could be fixed. But maybe it'd be better to just
> remove x5c from JWE altogether? As Richard pointed out previously,
> http://www.ietf.org/mail-archive/web/jose/current/msg01434.html, there's
> really no point in sending a whole chain to help the recipient identify its
> own key.
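An added example, not part of this thread or of any JOSE draft, showing the recipient-side handling the messages above converge on: a "kid" or the first "x5c" certificate is used only to look up which of the recipient's own private keys to decrypt with, there is no RFC 5280 validation of what would be the recipient's own chain, and a certificate the recipient does not hold is rejected rather than imported. The certificate bytes, key identifier, private-key handle and the non-header JWE segments are constructed placeholders; the thumbprint is the SHA-256 form later standardised as "x5t#S256" in RFC 7515, and the alg/enc names are the RFC 7516/7518 ones rather than draft-08's. The sender-certificate case Brian raises for a future ECDH-SS is only noted in a comment, since it would need real chain validation and is out of scope for a recipient-key lookup.

```python
import base64
import hashlib
import json

# Constructed stand-ins for DER-encoded X.509 certificates. A real "x5c"
# entry carries a certificate; only the hash of the bytes matters for the
# lookup shown here, so opaque placeholder bytes are enough.
RECIPIENT_CERT_DER = b"constructed-der-bytes: recipient encryption cert"
ATTACKER_CERT_DER = b"constructed-der-bytes: cert the recipient never issued"
RECIPIENT_PRIVATE_KEY = "constructed-private-key-handle"  # placeholder object


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """base64url without padding, as used for JOSE header segments."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def x5t_s256(cert_der: bytes) -> str:
    """base64url SHA-256 thumbprint of a DER certificate (the "x5t#S256" form)."""
    return b64url_encode(hashlib.sha256(cert_der).digest())


class KeyStore:
    """The recipient's own private keys, indexed by "kid" and by the
    thumbprint of the certificate holding the matching public key."""

    def __init__(self) -> None:
        self._by_kid: dict = {}
        self._by_thumb: dict = {}

    def add(self, kid: str, cert_der: bytes, private_key) -> None:
        self._by_kid[kid] = private_key
        self._by_thumb[x5t_s256(cert_der)] = private_key

    def by_kid(self, kid: str):
        return self._by_kid.get(kid)

    def by_cert(self, cert_der: bytes):
        return self._by_thumb.get(x5t_s256(cert_der))


def protected_header(compact_jwe: str) -> dict:
    """The first dot-separated segment of a compact JWE is the header."""
    header = json.loads(b64url_decode(compact_jwe.split(".")[0]))
    if not isinstance(header, dict):
        raise ValueError("protected header is not a JSON object")
    return header


def resolve_decryption_key(header: dict, keystore: KeyStore):
    """Select the recipient's own private key from "kid" or "x5c".

    Header values are chosen by the sender and are untrusted: they may only
    pick among keys the recipient already holds, never introduce one. No RFC
    5280 chain validation happens here because the chain, if present, is the
    recipient's own. (For a sender-key scheme such as the ECDH-SS case raised
    in the thread the certificate would be the sender's and would have to be
    validated; that case is not handled by this function.)
    """
    if "kid" in header:
        key = keystore.by_kid(header["kid"])
        if key is None:
            raise LookupError("unknown kid")
        return key
    if "x5c" in header:
        chain = header["x5c"]
        if not isinstance(chain, list) or not chain:
            raise ValueError('"x5c" must be a non-empty array')
        # Only the first certificate identifies the key; the rest of the chain
        # carries nothing the recipient needs to find its own private key.
        leaf_der = base64.b64decode(chain[0])  # x5c uses plain base64, not base64url
        key = keystore.by_cert(leaf_der)
        if key is None:
            raise LookupError("x5c leaf certificate matches none of our keys")
        return key
    raise LookupError("no key identifier in protected header")


def compact_jwe_with_header(header: dict) -> str:
    """Constructed compact JWE: real header, placeholder ciphertext segments."""
    head = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    return ".".join([head, "encryptedkey", "iv", "ciphertext", "tag"])


def demo() -> dict:
    ks = KeyStore()
    ks.add("enc-2013-01", RECIPIENT_CERT_DER, RECIPIENT_PRIVATE_KEY)
    base = {"alg": "RSA-OAEP", "enc": "A256GCM"}
    results = {}
    jwe = compact_jwe_with_header({**base, "kid": "enc-2013-01"})
    results["kid"] = resolve_decryption_key(protected_header(jwe), ks)
    x5c = [base64.b64encode(RECIPIENT_CERT_DER).decode("ascii")]
    jwe = compact_jwe_with_header({**base, "x5c": x5c})
    results["x5c"] = resolve_decryption_key(protected_header(jwe), ks)
    x5c = [base64.b64encode(ATTACKER_CERT_DER).decode("ascii")]
    jwe = compact_jwe_with_header({**base, "x5c": x5c})
    try:
        resolve_decryption_key(protected_header(jwe), ks)
        results["foreign_x5c_rejected"] = False
    except LookupError:
        results["foreign_x5c_rejected"] = True
    return results
```

The point of the third case is the one John and Richard make from the other direction: since the recipient already holds the key, the header can at most name it, so a thumbprint or kid is sufficient and a full chain adds bytes without adding anything the recipient can act on.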