IETF Logo Mail Archive

Re: [jose] Feedback request on jose tracker issue#11: Should we use RFC 5116 and remove the JWE Integrity Value field?

Richard Barnes <rlb@ipv.sx> Tue, 16 April 2013 14:24 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55CEB21F9702 for <jose@ietfa.amsl.com>; Tue, 16 Apr 2013 07:24:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.425
X-Spam-Level:
X-Spam-Status: No, score=-0.425 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mPUTftXHGCja for <jose@ietfa.amsl.com>; Tue, 16 Apr 2013 07:24:14 -0700 (PDT)
Received: from mail-ob0-x22a.google.com (mail-ob0-x22a.google.com [IPv6:2607:f8b0:4003:c01::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 0461521F96FA for <jose@ietf.org>; Tue, 16 Apr 2013 07:24:13 -0700 (PDT)
Received: by mail-ob0-f170.google.com with SMTP id x4so488456obh.1 for <jose@ietf.org>; Tue, 16 Apr 2013 07:24:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=T+RRBD0ZnBkL5C/iuHq8wG+j/JGS6yRTk0FeCI9rvJ8=; b=MTmKeKe3+cqtzYCQnfXHsPi3Erzd/ARB9kCWHxoaVMZF/SjHhCm1RhF94Dywi+pvRa l9SmQwNqMzvW8sQ9s54fBNQCY6/EbQFGzxX/+jbizDETBK/BmX0abYZSnAmJWUHjJ7Cx WM9bUjPqhn6+VJRf2BzlZ/XNVBDBN3dQw0coTc2W6aDAUUqbrZgmwdbGABfVEAwNKurM KzCPRvvFIOr3HBxPZy5498e/tFi3EtuWCu+s+aR80chu+O3kjx/6rft2ZjrLjCtE1hcD bYVi/Kh10WYTIvwVod1DnVEMQ12vJhiLMX2dnPXxNNwvuY4yGAIKJiXrNTjVsFBEsYz9 V3GQ==
MIME-Version: 1.0
X-Received: by 10.60.62.39 with SMTP id v7mr941636oer.5.1366122252796; Tue, 16 Apr 2013 07:24:12 -0700 (PDT)
Received: by 10.60.25.196 with HTTP; Tue, 16 Apr 2013 07:24:12 -0700 (PDT)
X-Originating-IP: [192.1.51.16]
In-Reply-To: <71C65BBC-A7CB-4A5A-AE85-20650203F2FB@ve7jtb.com>
References: <51674E3D.7030004@isoc.org> <71C65BBC-A7CB-4A5A-AE85-20650203F2FB@ve7jtb.com>
Date: Tue, 16 Apr 2013 10:24:12 -0400
Message-ID: <CAL02cgRtu6TkmkP3gBk6UYCBk9hnDA=tiqyaRgoCyx9z-O__OA@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: John Bradley <ve7jtb@ve7jtb.com>
Content-Type: multipart/alternative; boundary="089e013a005a99657604da7b1fbe"
X-Gm-Message-State: ALoCoQnwfpnW9S+5tVvXwUphqBP/4PBqOg7eOVbgp8wLjqoGnOTKFyRgQDsIdv3DqOO2tKM/8xSb
Cc: jose@ietf.org, odonoghue@isoc.org
Subject: Re: [jose] Feedback request on jose tracker issue#11: Should we use RFC 5116 and remove the JWE Integrity Value field?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Apr 2013 14:24:16 -0000

I'm confused.  This is not about the IV == Initialization Vector, it's
about the JWE Integrity Value (inconveniently also "IV").  I don't think
anyone has proposed merging in the initialization vector, both because
that's not what RFC 5116 does and because it's a terrible idea :)


On Mon, Apr 15, 2013 at 2:41 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:

> 1 ish.
>
> Representing the nonce/IV separately should not preclude using a crypto
> library generated nonce/IV , as may be done in some libraries implementing
>  draft-mcgrew-aead-aes-cbc-hmac-sha2.
>
> So I am in favour of the current serialization while wanting to support
> the crypto from  draft-mcgrew-aead-aes-cbc-hmac-sha2 if not the particular
> serialization which is optimized for a different use-case.   The current draft-mcgrew-aead-aes-cbc-hmac-sha2
> conflates crypto and serialization.  I am hoping we can resolve that so the
> crypto can be supported.
>
> John B.
>
> On 2013-04-11, at 8:58 PM, Karen O'Donoghue <odonoghue@isoc.org> wrote:
>
>  Issue #11 http://trac.tools.ietf.org/wg/jose/trac/ticket/11 proposes
> restructuring the JWE representation to remove the JWE Integrity Value
> field and instead use the RFC 5116 (AEAD) binary serialization to represent
> the Ciphertext, Initialization Vector, and Integrity Value values.  If this
> proposal is adopted, JWEs would then have three fields – the header, the
> encrypted key, and the RFC 5116 combination of the Ciphertext,
> Initialization Vector, and Integrity Value values.****** **
>
> This issue is also related to issue #3.  Note that the updated McGrew
> draft described there could be used whether or not we switched to using RFC
> 5116.****
>
>
> Which of these best describes your preferences on this issue?****
>
> 1.  Continue having separate Ciphertext, Initialization Vector, and
> Integrity Value values in the JWE representation.****
>
> 2.  Switch to using the RFC 5116 (AEAD) serialization to represent the
> combination of these three values.****
>
> 3.  Another resolution (please specify in detail).****
>
> 0.  I need more information to decide.****
>
>
> Your reply is requested by Friday, April 19th or earlier.
>  _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>
>
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>
>

v2.23.0 | Report a Bug | By Email