IETF Logo Mail Archive

Re: [jose] Signature algorithm "none"

nov matake <matake@gmail.com> Thu, 01 August 2013 00:33 UTC

Return-Path: <matake@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2EB021F9ADA for <jose@ietfa.amsl.com>; Wed, 31 Jul 2013 17:33:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.848
X-Spam-Level: *
X-Spam-Status: No, score=1.848 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_34=0.6, MIME_CHARSET_FARAWAY=2.45, MIME_QP_LONG_LINE=1.396]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hMFAS6MyYR6S for <jose@ietfa.amsl.com>; Wed, 31 Jul 2013 17:33:17 -0700 (PDT)
Received: from mail-pb0-x22f.google.com (mail-pb0-x22f.google.com [IPv6:2607:f8b0:400e:c01::22f]) by ietfa.amsl.com (Postfix) with ESMTP id 08CD121F991E for <jose@ietf.org>; Wed, 31 Jul 2013 17:33:16 -0700 (PDT)
Received: by mail-pb0-f47.google.com with SMTP id rr4so174367pbb.34 for <jose@ietf.org>; Wed, 31 Jul 2013 17:33:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:x-mailer:from:subject:date :to; bh=mnkR9sG8m9A1AKo7/ECOQpEU6Ss2RHXaVZHl6HFMTzg=; b=zS0S8ci4Uilq7D5pyKyhwwyeUhWAbVBhWSCpo6ZP0nsB7I57W3xxqfehVyEUiC0KfG b/k6Ptb9e9J791Vjk2O2WPL4gvlQG/txwAmQi7s3BioUNXaF8rwnQqOkUWjW+hKsJ5wJ MMj7V6iZ+vdjLZiHQLowcDyn/MsngovP7VbRDeqpsiVF0+SpbJOf+aud/WIuR/TBuzvJ jr1iswVTcNXnwAIwRLUj4+S97cPBliPG3+JQKizLZrAv7GKDPS+G23ay5/trmnoCHNum vn7dwyJwtHy9Vle6Vcc68B3PKDV+GZd3MR3/OTtUTxYaz/D4z8Ms3x54Dwld9Aii0y6p HdLQ==
X-Received: by 10.66.216.161 with SMTP id or1mr950904pac.41.1375317196298; Wed, 31 Jul 2013 17:33:16 -0700 (PDT)
Received: from [10.237.163.44] (KD182250036185.au-net.ne.jp. [182.250.36.185]) by mx.google.com with ESMTPSA id fl2sm443728pab.23.2013.07.31.17.33.07 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 31 Jul 2013 17:33:15 -0700 (PDT)
References: <CAL02cgQUmNqq62S553muLz3L8Xk9tT1W_jR7j3fHXEhH4wvoVA@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739436B734340@TK5EX14MBXC284.redmond.corp.microsoft.com> <CAL02cgQhmU2O7=nVJS41iQWHp+EOaY-q8w5TFLtT4=fUrS3jYw@mail.gmail.com> <2EFF8E93-C682-460D-95A5-4724CD5AA74D@ve7jtb.com> <CAL02cgQ+YZghfjkWCWLamQ7qJi271LBNUiuGRWTfmNEd0jRyYg@mail.gmail.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <CAL02cgQ+YZghfjkWCWLamQ7qJi271LBNUiuGRWTfmNEd0jRyYg@mail.gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail-09937D13-B9C7-4985-8D05-50F970071210"
Content-Transfer-Encoding: 7bit
Message-Id: <FDF3A532-FF44-4A67-BB4A-8709213D8FED@gmail.com>
X-Mailer: iPhone Mail (10B350)
From: nov matake <matake@gmail.com>
Date: Thu, 01 Aug 2013 09:33:02 +0900
To: Richard Barnes <rlb@ipv.sx>
Cc: John Bradley <ve7jtb@ve7jtb.com>, Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Signature algorithm "none"
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Aug 2013 00:33:17 -0000

If the function received shared/public key, then it should raise an error for alg=none case.
If no keys are given, it should raise an error for alg=anything-not-none case.

That's my json-jwt rubygem behaviour.

nov

On Aug 1, 2013, at 1:40 AM, Richard Barnes <rlb@ipv.sx> wrote:

> You didn't answer my question: When I put a JWS with "alg":"none" into bool JOSE::verify(), what do I get?
> 
> The consistency you assert is illusory.
> 
> 
> On Wed, Jul 31, 2013 at 5:24 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:
>> Applications need to define what signature algorithms they accept.   In some cases over some communication channels the signature may not be required.
>> 
>> Applications processing JWT like Connect want to process tokens consistently.  Receiving a JWT with a alg of none is fine under some circumstances.  
>> In general you would restrict the library from accepting it.  
>> 
>> John B.
>> 
>> On 2013-07-31, at 3:44 PM, Richard Barnes <rlb@ipv.sx> wrote:
>> 
>>> Ok. That seems like a bug in OpenID Connect.  They should be switching the content type (JWS vs. bare request) or using detached signatures.
>>> 
>>> What's the result of JWS verification when "alg" == "none"?  It seems like it has to be either "True" or "False".  If you pick "true", there's an easy attack where you just change the algorithm to "none" and delete the signature.  If you pick "false"... well it seems silly to have a signature algorithm that never verifies.
>>> 
>>> 
>>> 
>>> 
>>> 
>>> On Wed, Jul 31, 2013 at 2:48 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
>>>> It’s optional to sign lots of content.  For instance, OpenID Connect requests can be signed or unsigned, depending upon the security properties desired.  “alg”:”none” is used for such unsigned requests.
>>>> 
>>>>  
>>>> 
>>>>                                                             -- Mike
>>>> 
>>>>  
>>>> 
>>>> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Richard Barnes
>>>> Sent: Wednesday, July 31, 2013 5:46 AM
>>>> To: jose@ietf.org
>>>> Subject: [jose] Signature algorithm "none"
>>>> 
>>>>  
>>>> 
>>>> What's the use case for this?  Can we delete it?
>>>> 
>>> 
>>> _______________________________________________
>>> jose mailing list
>>> jose@ietf.org
>>> https://www.ietf.org/mailman/listinfo/jose
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

v2.23.0 | Report a Bug | By Email