IETF Logo Mail Archive

Re: [jose] PBES2-HS256+A128KW: where do salt and iteration count go?

Mike Jones <Michael.Jones@microsoft.com> Thu, 18 July 2013 18:39 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70BB421E8183 for <jose@ietfa.amsl.com>; Thu, 18 Jul 2013 11:39:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.713
X-Spam-Level:
X-Spam-Status: No, score=-4.713 tagged_above=-999 required=5 tests=[AWL=0.886, BAYES_00=-2.599, GB_I_LETTER=-2, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ITTWOtidlM9b for <jose@ietfa.amsl.com>; Thu, 18 Jul 2013 11:39:51 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe002.messaging.microsoft.com [216.32.181.182]) by ietfa.amsl.com (Postfix) with ESMTP id 52D4C21E8177 for <jose@ietf.org>; Thu, 18 Jul 2013 11:39:50 -0700 (PDT)
Received: from mail38-ch1-R.bigfish.com (10.43.68.241) by CH1EHSOBE015.bigfish.com (10.43.70.65) with Microsoft SMTP Server id 14.1.225.22; Thu, 18 Jul 2013 18:39:43 +0000
Received: from mail38-ch1 (localhost [127.0.0.1]) by mail38-ch1-R.bigfish.com (Postfix) with ESMTP id A0D0F40316; Thu, 18 Jul 2013 18:39:43 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC102.redmond.corp.microsoft.com; RD:autodiscover.service.exchange.microsoft.com; EFVD:NLI
X-SpamScore: -25
X-BigFish: VS-25(zz98dI9371I1b0bId772h542I1432Izz1f42h208ch1ee6h1de0h1fdah2073h1202h1e76h1d1ah1d2ah1fc6hzz1de098h1033IL1de097h8275bh8275dhz2fh2a8h668h839h944hd25hf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh15d0h162dh1631h1758h18e1h1946h19b5h19ceh1b0ah1d0ch1d2eh1d3fh1dfeh1dffh1e1dh1155h)
Received-SPF: pass (mail38-ch1: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC102.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail38-ch1 (localhost.localdomain [127.0.0.1]) by mail38-ch1 (MessageSwitch) id 1374172782257541_22181; Thu, 18 Jul 2013 18:39:42 +0000 (UTC)
Received: from CH1EHSMHS037.bigfish.com (snatpool2.int.messaging.microsoft.com [10.43.68.237]) by mail38-ch1.bigfish.com (Postfix) with ESMTP id 307B3E004C; Thu, 18 Jul 2013 18:39:42 +0000 (UTC)
Received: from TK5EX14HUBC102.redmond.corp.microsoft.com (131.107.125.8) by CH1EHSMHS037.bigfish.com (10.43.69.246) with Microsoft SMTP Server (TLS) id 14.16.227.3; Thu, 18 Jul 2013 18:39:41 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.38]) by TK5EX14HUBC102.redmond.corp.microsoft.com ([157.54.7.154]) with mapi id 14.03.0136.001; Thu, 18 Jul 2013 18:39:33 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Matt Miller (mamille2)" <mamille2@cisco.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] PBES2-HS256+A128KW: where do salt and iteration count go?
Thread-Index: Ac6Bwa7E5l6r/DDHRwe+2UU0iYcgFQA1v0SA///D1wD///0PMIAACJeAgAAIqYCAABzcAP/9VRww
Date: Thu, 18 Jul 2013 18:39:32 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436B6EB008@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <255B9BB34FB7D647A506DC292726F6E1151C7C31BF@WSMSG3153V.srv.dir.telstra.com> <BF7E36B9C495A6468E8EC573603ED941152C0944@xmb-aln-x11.cisco.com> <CAL02cgQF1O67LMivM+tzuAb-6BawPDL1m0mPC7+s=FzN7zrjwg@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739436B6C8153@TK5EX14MBXC283.redmond.corp.microsoft.com> <CAL02cgS8iVs5Qz0T6CeA-6uCoVGYwfjvDf4KvZ7svxwkVvmcGg@mail.gmail.com> <255B9BB34FB7D647A506DC292726F6E1151C7C3E1D@WSMSG3153V.srv.dir.telstra.com> <BF7E36B9C495A6468E8EC573603ED941152C1638@xmb-aln-x11.cisco.com>
In-Reply-To: <BF7E36B9C495A6468E8EC573603ED941152C1638@xmb-aln-x11.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.37]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Subject: Re: [jose] PBES2-HS256+A128KW: where do salt and iteration count go?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jul 2013 18:39:57 -0000

Wearing my editor's hat, it seems like the direction from the working group is to make the salt and iteration count be explicit header parameter values and to drop the "kty":"PBKDF2".  Any disagreement, or shall I do that in the next drafts?

FYI, I was thinking that I'd use "slt" and "itc" for the parameter names.

				-- Mike

-----Original Message-----
From: Matt Miller (mamille2) [mailto:mamille2@cisco.com] 
Sent: Tuesday, July 16, 2013 6:52 PM
To: Manger, James H
Cc: Richard Barnes; Mike Jones; jose@ietf.org
Subject: Re: [jose] PBES2-HS256+A128KW: where do salt and iteration count go?

I think the basic concept is fine, but I would rather not add any more human-facing fields.  It has too much potential to open the Pandora's box that is localization and internationalization.  Hint is something one human enters directly (I assume), so said human could communicate it to other humans.

I do understand your concerns with "password" (or "pwd" to continue our exuberant use of three-letter fields), but that seems like a more general issue to discuss.


- m&m

Matt Miller < mamille2@cisco.com >
Cisco Systems, Inc.

On Jul 16, 2013, at 6:08 PM, "Manger, James H" <James.H.Manger@team.telstra.com>
 wrote:

> "kty":"PBKDF2" feels unnecessary, though "kty":"password" would be useful. A key set could have an entry like the following:
> 
> {
>  "kty":"password",
> "alg":" PBES2-HS256+A128KW",
> "c-min":2000,
> "prompt":"Payment approval PIN",
> "hint":"last 4 digits of \u03C0"
> }
> 
> The entry could also have a "password" field holding the actual password.
> Mind you, I think mixing public (eg kty, alg) and sensitive (eg hint, password) fields side-by-side in a JSON object is a design guaranteed to lead to security breaches from poor handling.
> 
> --
> James Manger
> 
> From: Richard Barnes [mailto:rlb@ipv.sx]
> Sent: Wednesday, 17 July 2013 9:37 AM
> To: Mike Jones
> Cc: Matt Miller (mamille2); Manger, James H; jose@ietf.org
> Subject: Re: [jose] PBES2-HS256+A128KW: where do salt and iteration count go?
> 
> I was thinking that the "jwk" would be unnecessary.  We could have "hint" at the top level, or just use "kid" for that purpose.
> 
> --Richard
> 
> On Tue, Jul 16, 2013 at 7:30 PM, Mike Jones <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com>> wrote:
> If we move "s" and "c" to being header parameters from the JWK, would we still need the JWK with "kty":"PBKDF2"?  All that would be left would be the "hint" JWK parameter.

v2.30.2 | Report a Bug | By Email | System Status