Re: [jose] #23: Make crypto independent of binary encoding (base64)
"jose issue tracker" <trac+jose@trac.tools.ietf.org> Wed, 12 June 2013 00:02 UTC
Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 684C721F9AC9 for <jose@ietfa.amsl.com>; Tue, 11 Jun 2013 17:02:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CVUH6AhrytSm for <jose@ietfa.amsl.com>; Tue, 11 Jun 2013 17:01:57 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id ACA9D21F9AC6 for <jose@ietf.org>; Tue, 11 Jun 2013 17:01:53 -0700 (PDT)
Received: from localhost ([127.0.0.1]:36272 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1UmYVR-0003yf-ES; Wed, 12 Jun 2013 02:01:41 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-encryption@tools.ietf.org, rlb@ipv.sx, michael.jones@microsoft.com
X-Trac-Project: jose
Date: Wed, 12 Jun 2013 00:01:41 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/jose/trac/ticket/23#comment:2
Message-ID: <064.e396e921644745f7bd339ad363a7d7f7@trac.tools.ietf.org>
References: <049.69ffc5ebf959c6eac7990651822fadf9@trac.tools.ietf.org>
X-Trac-Ticket-ID: 23
In-Reply-To: <049.69ffc5ebf959c6eac7990651822fadf9@trac.tools.ietf.org>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-encryption@tools.ietf.org, rlb@ipv.sx, michael.jones@microsoft.com, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: ekr@rtfm.com, jhildebr@cisco.com, mbj@microsoft.com
Resent-Message-Id: <20130612000154.ACA9D21F9AC6@ietfa.amsl.com>
Resent-Date: Tue, 11 Jun 2013 17:01:53 -0700
Resent-From: trac+jose@trac.tools.ietf.org
Cc: jose@ietf.org
Subject: Re: [jose] #23: Make crypto independent of binary encoding (base64)
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jun 2013 00:02:03 -0000
#23: Make crypto independent of binary encoding (base64) Comment (by michael.jones@microsoft.com): For both serializations, you already need the base64url encoded versions of the JWS Header and the JWS Payload to preserve them in transmission, so computing them isn't an extra burden. In the JWS Compact Serialization, you already need the concatenation of the Encoded JWS Header, a period character, and the Encoded JWS Payload, so computing that concatenation isn't an extra burden. Given you already have that quantity, computing the signature over it is the easiest thing for developers to do, and it's been shown to work well in practice. There's no compelling reason to make this change. Even for the JSON Serialization, the only "extra" step that's required to compute the signature is the concatenation with the period character - to prevent shifting of data from one field to the other, as described by Jim Schaad in the e-mail thread. So this step isn't actually "extra" at all - it's necessary. It's also highly advantageous to use exactly the same computation for both serializations, which is currently the case. Since there is no compelling reason to make this change, and since making it could enable the "shifting" problem identified by Jim, it should not be made. -- -------------------------+------------------------------------------------- Reporter: rlb@ipv.sx | Owner: draft-ietf-jose-json-web- Type: defect | encryption@tools.ietf.org Priority: major | Status: new Component: json-web- | Milestone: encryption | Version: Severity: - | Resolution: Keywords: | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/23#comment:2> jose <http://tools.ietf.org/jose/>
- [jose] #23: Make crypto independent of binary enc… jose issue tracker
- Re: [jose] #23: Make crypto independent of binary… jose issue tracker
- Re: [jose] #23: Make crypto independent of binary… jose issue tracker
- Re: [jose] #23: Make crypto independent of binary… Dick Hardt
- Re: [jose] #23: Make crypto independent of binary… Tim Bray
- Re: [jose] #23: Make crypto independent of binary… John Bradley
- Re: [jose] #23: Make crypto independent of binary… Roland Hedberg
- Re: [jose] #23: Make crypto independent of binary… Justin Richer
- Re: [jose] #23: Make crypto independent of binary… Matt Miller (mamille2)
- Re: [jose] #23: Make crypto independent of binary… Richard Barnes
- Re: [jose] #23: Make crypto independent of binary… Breno de Medeiros
- Re: [jose] #23: Make crypto independent of binary… Mike Jones
- Re: [jose] #23: Make crypto independent of binary… Tim Bray
- Re: [jose] #23: Make crypto independent of binary… Dick Hardt
- Re: [jose] #23: Make crypto independent of binary… Richard Barnes
- Re: [jose] #23: Make crypto independent of binary… Dick Hardt
- Re: [jose] #23: Make crypto independent of binary… John Bradley
- Re: [jose] #23: Make crypto independent of binary… Naveen Agarwal
- Re: [jose] #23: Make crypto independent of binary… Phillip Hallam-Baker
- Re: [jose] #23: Make crypto independent of binary… Ludwig Seitz
- Re: [jose] #23: Make crypto independent of binary… John Bradley
- Re: [jose] #23: Make crypto independent of binary… Brian Campbell
- Re: [jose] #23: Make crypto independent of binary… Mike Jones
- Re: [jose] #23: Make crypto independent of binary… George Fletcher
- Re: [jose] #23: Make crypto independent of binary… jose issue tracker