Re: [jose] Benoit Claise's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT)
Mike Jones <Michael.Jones@microsoft.com> Wed, 23 December 2015 16:20 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 431051A1B51; Wed, 23 Dec 2015 08:20:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VankJhFOk1u8; Wed, 23 Dec 2015 08:20:37 -0800 (PST)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0141.outbound.protection.outlook.com [65.55.169.141]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 869421A1B4B; Wed, 23 Dec 2015 08:20:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=aqgz/F29dWsixjFH5hrz2QehMVCtjugC+yBnnyh+4DE=; b=O2Go4futbEqcJb4RIKrOm3Xk8yVg+o8WpmQrwc/NHJv5rQZXG0Uz2KDhH5EBHz+1UxKhKIN5TnXkXpPnTT+gt0JKzablfvfy6eXkMqVBR2cgcvcHGmTpi5o9FWe0boH6hO9lze01QMhGvsyiGbpSMUuqtV3n6W5eC/1ZiAeG/9I=
Received: from BY2PR03MB442.namprd03.prod.outlook.com (10.141.141.145) by BY2PR03MB444.namprd03.prod.outlook.com (10.141.141.154) with Microsoft SMTP Server (TLS) id 15.1.361.13; Wed, 23 Dec 2015 16:20:34 +0000
Received: from BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) by BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) with mapi id 15.01.0361.006; Wed, 23 Dec 2015 16:20:34 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Benoit Claise <bclaise@cisco.com>, The IESG <iesg@ietf.org>
Thread-Topic: Benoit Claise's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT)
Thread-Index: AQHROE60T04rwem4YEieEMHhGVpKVJ7OegnQgABabwCACfZuYA==
Date: Wed, 23 Dec 2015 16:20:33 +0000
Message-ID: <BY2PR03MB442E024F43AAA40DB504758F5E60@BY2PR03MB442.namprd03.prod.outlook.com>
References: <20151216221123.7663.35723.idtracker@ietfa.amsl.com> <BL2PR03MB4336F6A3BD8CA6085601AA1F5E00@BL2PR03MB433.namprd03.prod.outlook.com> <56726E36.2050305@cisco.com>
In-Reply-To: <56726E36.2050305@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-originating-ip: [50.47.85.157]
x-microsoft-exchange-diagnostics: 1; BY2PR03MB444; 5:r42irSIfJcP5DtCR8izqI2HCQUDEgHutGnwxGDgIqq8UeOkkpPfUwy7Cka8BPG71FYW2jX/OTX9TucKLXTSPzmZs3B3oY5Qz9+JONN/TiQwdheNJijti6WCp6CfBDbVk9++R/ccws00JeS4OBoGjSg==; 24:3++/vFKel2eXwfdrbOUq0F0zzytQhOBKCsXZFQoEk9HO2+q2wRYMz75tBE3w/M3Eh0b+icI/gD3c6rcXzvJvcm05ZxqIJtcqY0CqpTQKXAQ=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY2PR03MB444;
x-microsoft-antispam-prvs: <BY2PR03MB44438E888D867B427036AD9F5E60@BY2PR03MB444.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(95692535739014);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(5005006)(520078)(8121501046)(10201501046)(3002001)(61426038)(61427038); SRVR:BY2PR03MB444; BCL:0; PCL:0; RULEID:; SRVR:BY2PR03MB444;
x-forefront-prvs: 0799B1B2D7
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(43784003)(52044002)(13464003)(377454003)(199003)(69234005)(189002)(54356999)(66066001)(40100003)(50986999)(76176999)(1220700001)(1096002)(5001770100001)(102836003)(6116002)(97736004)(3846002)(5004730100002)(5001960100002)(76576001)(81156007)(19580405001)(19580395003)(15975445007)(2900100001)(77096005)(2950100001)(101416001)(230783001)(33656002)(86362001)(122556002)(74316001)(189998001)(5008740100001)(11100500001)(8990500004)(586003)(10090500001)(106116001)(86612001)(106356001)(105586002)(92566002)(99286002)(5002640100001)(10290500002)(5005710100001)(10400500002)(5003600100002)(87936001); DIR:OUT; SFP:1102; SCL:1; SRVR:BY2PR03MB444; H:BY2PR03MB442.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Dec 2015 16:20:34.0076 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR03MB444
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/qyMr4NkwIi4HWYNyIExb9eP-pgI>
Cc: "stefan.winter@restena.lu" <stefan.winter@restena.lu>, Jim Schaad <ietf@augustcellars.com>, "jose-chairs@ietf.org" <jose-chairs@ietf.org>, "draft-ietf-jose-jws-signing-input-options@ietf.org" <draft-ietf-jose-jws-signing-input-options@ietf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Benoit Claise's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT)
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Dec 2015 16:20:39 -0000
FYI, Benoit, "crit" is now required with "b64", as you'd requested. -----Original Message----- From: Benoit Claise [mailto:bclaise@cisco.com] Sent: Thursday, December 17, 2015 12:12 AM To: Mike Jones <Michael.Jones@microsoft.com>; The IESG <iesg@ietf.org> Cc: draft-ietf-jose-jws-signing-input-options@ietf.org; Jim Schaad <ietf@augustcellars.com>; jose-chairs@ietf.org; jose@ietf.org; stefan.winter@restena.lu Subject: Re: Benoit Claise's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT) Thanks Mike. Regards, Benoit > Thanks for your review, Benoit. Per my reply to Stefan, I've added the new normative section titled "Using "crit" with "b64"" to specify requirements for situations in which implementations might not understand one another. As you can see in draft -08 and my reply to Robert Sparks, "crit" is now required in all situations in which the participants might not understand one another. > > I've also adopted Stefan's recommendation that "b64" not be included with a value of "true". > > Thanks again, > -- Mike > > -----Original Message----- > From: Benoit Claise [mailto:bclaise@cisco.com] > Sent: Wednesday, December 16, 2015 11:11 PM > To: The IESG <iesg@ietf.org> > Cc: draft-ietf-jose-jws-signing-input-options@ietf.org; Mike Jones <Michael.Jones@microsoft.com>; Jim Schaad <ietf@augustcellars.com>; jose-chairs@ietf.org; ietf@augustcellars.com; jose@ietf.org; stefan.winter@restena.lu > Subject: Benoit Claise's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT) > > Benoit Claise has entered the following ballot position for > draft-ietf-jose-jws-signing-input-options-07: No Objection > > When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-jose-jws-signing-input-options/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > As mentioned by Stefan in his OPS DIR review: > There are coexistence issues between implementations which understand the notion of the "b64" parameter (i.e. implementing this RFC) and those who do not (i.e. all existing JWS implementations). > The issues are discussed in Security Considerations (second para up until the end). The issues with it are: > > * the conclusions are not as satisfactory as they could be. > Interoperability is either > > - left as an out-of-band and undescribed mechanism ("make sure that only supporting implementations talk to each other") > - by explicitly marking support for b64 as critical (IMO the only good > solution) > - modifying the payload so that it contains unparseable characters (which may or may not be possible for the sender depending on the payload characteristics) > > * this is placed in Security Considerations while it has actual operational impact on every transmitted message: in essence it states: > "Sometimes, sender and recipient may misunderstand each other without noticing". Example given in the draft where the actual message is "NDA1" > while the recipient thinks it was told "405", without a way to notice. > Even if the misunderstanding is not related to security, it can/will have significant implications for the application. > > I believe this can not be left as-is. Luckily, there seems to be an easy way out: > > "Whenever the 'b64' header exists and is set to false, the 'crit' header MUST also be present and contain 'b64'." > > This, maybe in conjunction with > > "When the content is intended to be base64 encoded, the 'b64' header SHOULD NOT be present." > > This would make sure that implementations who know nothing of b64 are left alone (there is no unknown extension, there is no criticality in any such extension, and the sender did not intend to make use of the feature => all good). While at the same time for unencoded payloads making deterministically clear that unencoded transmission is happening, and is required to be understood. > > This would at the same time make a complex piece of Sec Con go away. > >
- [jose] Benoit Claise's No Objection on draft-ietf… Benoit Claise
- Re: [jose] Benoit Claise's No Objection on draft-… Mike Jones
- Re: [jose] Benoit Claise's No Objection on draft-… Benoit Claise
- Re: [jose] Benoit Claise's No Objection on draft-… Mike Jones