IETF Logo Mail Archive

Re: [jose] Does JWS signature relate with JWS payload?

n-sakimura <n-sakimura@nri.co.jp> Fri, 23 February 2018 06:03 UTC

Return-Path: <n-sakimura@nri.co.jp>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12CF51243FE for <jose@ietfa.amsl.com>; Thu, 22 Feb 2018 22:03:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.79
X-Spam-Level:
X-Spam-Status: No, score=-1.79 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=nri365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hcQkQI3nFKzq for <jose@ietfa.amsl.com>; Thu, 22 Feb 2018 22:03:02 -0800 (PST)
Received: from nrifs02.index.or.jp (nrigw01.index.or.jp [133.250.250.1]) by ietfa.amsl.com (Postfix) with ESMTP id E075B124234 for <jose@ietf.org>; Thu, 22 Feb 2018 22:03:01 -0800 (PST)
Received: from nrimmfm052.index.or.jp (unknown [172.19.246.144]) by nrifs02.index.or.jp (Postfix) with ESMTP id 12607196861; Fri, 23 Feb 2018 15:03:01 +0900 (JST)
Received: from index.or.jp (unknown [172.19.246.151]) by nrimmfm052.index.or.jp (Postfix) with ESMTP id A1B634E0046; Fri, 23 Feb 2018 15:03:00 +0900 (JST)
Received: from nriea05.index.or.jp (localhost.localdomain [127.0.0.1]) by pps.mf051 (8.15.0.59/8.15.0.59) with SMTP id w1N630bS002077; Fri, 23 Feb 2018 15:03:00 +0900
Received: from nrims00a.nri.co.jp ([192.50.135.11]) by nriea05.index.or.jp with ESMTP id w1N630s6002074; Fri, 23 Feb 2018 15:03:00 +0900
Received: from nrims00a.nri.co.jp (localhost.localdomain [127.0.0.1]) by nrims00a.nri.co.jp (Switch-3.3.4/Switch-3.3.4) with ESMTP id w1N630cX000608; Fri, 23 Feb 2018 15:03:00 +0900
Received: (from mailnull@localhost) by nrims00a.nri.co.jp (Switch-3.3.4/Switch-3.3.0/Submit) id w1N630c6000605; Fri, 23 Feb 2018 15:03:00 +0900
X-Authentication-Warning: nrims00a.nri.co.jp: mailnull set sender to n-sakimura@nri.co.jp using -f
Received: from nrizmf14.index.or.jp ([172.100.25.23]) by nrims00a.nri.co.jp (Switch-3.3.4/Switch-3.3.4) with ESMTP id w1N630BW000599; Fri, 23 Feb 2018 15:03:00 +0900
Received: from CUEXE01PA.cu.nri.co.jp (192.51.23.31) by CUEXM05PA.cu.nri.co.jp (172.159.253.47) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Fri, 23 Feb 2018 15:02:59 +0900
Received: from JPN01-TY1-obe.outbound.protection.outlook.com (23.103.139.178) by ex.nri.co.jp (192.51.23.31) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Fri, 23 Feb 2018 15:02:55 +0900
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nri365.onmicrosoft.com; s=selector1-cu-nri-co-jp; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=47y5+IY9//Ty4O1TajlBDPoBEmVGssw3g87m0XERxhY=; b=Mljo5Ipge7MCS25fRBC5DriaRNoAxGWM6WdvQnpVvk4tL3qEAo5242O7mGuKN+MnVTY2Nv4MeeYJDpwukh/edmE+wDnMsHWZ8lW3peQKdHDMDtrZu4UirunE/mmYYluT6vBbGTWT+J1nRNqRJEuXku7WRpyVTfPegLXwliQAVAo=
Received: from TY1PR01MB1054.jpnprd01.prod.outlook.com (10.174.225.12) by TY1PR01MB1150.jpnprd01.prod.outlook.com (10.174.225.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.506.18; Fri, 23 Feb 2018 06:02:58 +0000
Received: from TY1PR01MB1054.jpnprd01.prod.outlook.com ([10.174.225.12]) by TY1PR01MB1054.jpnprd01.prod.outlook.com ([10.174.225.12]) with mapi id 15.20.0506.023; Fri, 23 Feb 2018 06:02:58 +0000
From: n-sakimura <n-sakimura@nri.co.jp>
To: Beth Lee <bethleekor@gmail.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] Does JWS signature relate with JWS payload?
Thread-Index: AQHTrGUP2ONXwoKtp0eDy+sFo0fmRaOxftRQ
Date: Fri, 23 Feb 2018 06:02:58 +0000
Message-ID: <TY1PR01MB105491BDB54998934A7DE0A5F9CC0@TY1PR01MB1054.jpnprd01.prod.outlook.com>
References: <CADawRBY8RMfMBbMS3maef1_q9nADUz6qzM-SvzhWzkn4+Uc-tQ@mail.gmail.com>
In-Reply-To: <CADawRBY8RMfMBbMS3maef1_q9nADUz6qzM-SvzhWzkn4+Uc-tQ@mail.gmail.com>
Accept-Language: ja-JP, en-US
Content-Language: ja-JP
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailadviser: 20170719
authentication-results: spf=none (sender IP is ) smtp.mailfrom=n-sakimura@cu.nri.co.jp;
x-originating-ip: [133.250.250.4]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; TY1PR01MB1150; 6:4JQWsMaJ0AZCgNhtFXJGrqi1WSg9Ry8mDNukJ5Sy7XfjfD8p51QWvWjFtfg2uOL9Frqfp4KvjpHeiTXvQx6Nbv4/oy9cLmdkXWrfjXm8ah2e3+FGEY9SnSZa9596J+kXbLL9EamDgPVSPvzRkcljMqoL/CYd1OBkx77AUrriAXsZoSI0qolWxq4Q3eWaaeEzUs60cjynPyNHOVqgpN2REjAjmrVt3BJPFU2LIF2r5jqM3WQCJ35/PL62s/xVCNdZmYqrpWxyiHVYRVdRSZvEbBrIYQeLePR+l31GMAVnC704r9LJU+foCRR9LTZIqt32pMGB+indixsBKUPJ+Qy5HxwgbF8mCfhhZTGNKdbY8/L446HsVXYVq4NdPhUOpWMm; 5:PKWsVOZXk44eANzzWmSxU/wYxZRkEp+5POqsqXb1P2DHjL/y69b7sONEAbrWfvSBXRIsS+IPupZP6lUlk026OXYPrtOyzmDyCVsyEki3x5dBPx1+WVCXjTC0Z5/K7PJW/Q4F6vhxfXOQ1hfNHbrrBBNmpdwBxEzbmZpBHQhRa1g=; 24:vOUukLsCeK8JOxKd3tilJvF+9YAlGVlAZJ5TNhGnoBXH++QMywqTcfDAe/1PkMQVMC/8cZ3HbIVmap+RG8klEs/EaDfvYx1fV8mL+NRPRXE=; 7:rXYU+P9oU/9QEki3+JoxCz+6PZXk3Fqz3u9+U4ZuNh/r2t5Zoo3Qn4buQun5jGinAionuy5ZTfmq1OhmRlyCtD19yszbOuC2iaGXi/EHBdjhbhcbipevOm+TFMBj77HzfFK/SdwF74EP4QZWVt5lh7S8jdouCRMA1P8swjhp2blv8GAPpi3AtaPZqb/63mfTGfjZG85mYmz/OsGoY+Jtsy9wG0lU3mYB7wWKRTJHluKPgPA88L4nxoWBRA6e7TEu
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 384f0ef3-f3c8-493b-aec1-08d57a8316bb
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(4604075)(3008032)(2017052603307)(7153060)(7193020); SRVR:TY1PR01MB1150;
x-ms-traffictypediagnostic: TY1PR01MB1150:
x-microsoft-antispam-prvs: <TY1PR01MB115060E2BD169BB87CCBF19EF9CC0@TY1PR01MB1150.jpnprd01.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(8121501046)(5005006)(3002001)(93006095)(93001095)(3231101)(944501161)(10201501046)(6041288)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(6072148)(201708071742011); SRVR:TY1PR01MB1150; BCL:0; PCL:0; RULEID:; SRVR:TY1PR01MB1150;
x-forefront-prvs: 0592A9FDE6
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(396003)(39380400002)(346002)(376002)(39830400003)(189003)(199004)(68736007)(25786009)(966005)(86362001)(5660300001)(39060400002)(33656002)(478600001)(14454004)(74316002)(7736002)(186003)(2950100002)(2501003)(6506007)(42882006)(66066001)(74482002)(77096007)(6116002)(105586002)(54896002)(26005)(102836004)(236005)(2906002)(6306002)(9686003)(55016002)(3660700001)(6436002)(3846002)(53936002)(606006)(53546011)(76176011)(106356001)(229853002)(7696005)(110136005)(8936002)(8676002)(316002)(81166006)(81156014)(3280700002)(99286004)(97736004)(6246003)(2900100001); DIR:OUT; SFP:1102; SCL:1; SRVR:TY1PR01MB1150; H:TY1PR01MB1054.jpnprd01.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:0; LANG:en;
received-spf: None (protection.outlook.com: cu.nri.co.jp does not designate permitted sender hosts)
x-microsoft-antispam-message-info: kSRnr4tYSuqifZlGu7y9KBsmHKuK3zRTP2zT5pUqenGAolxc4fvK+K2/YC81b74bRVf/bFsTRzS99+2rN2qoEwImbmibrmDf+Qzi2ZquOTNH/tyzO8+K/diqnxKZgw6OO2t3ubYDp3ntlfRfzao/M1YvnA/lcrS1H3gEjN9v+4k=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_TY1PR01MB105491BDB54998934A7DE0A5F9CC0TY1PR01MB1054jpnp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 384f0ef3-f3c8-493b-aec1-08d57a8316bb
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Feb 2018 06:02:58.2715 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: e3e360d9-7e7f-48d5-ac33-3c5de61f0a75
X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY1PR01MB1150
X-OrganizationHeadersPreserved: TY1PR01MB1150.jpnprd01.prod.outlook.com
X-CrossPremisesHeadersPromoted: CUEXE01PA.cu.nri.co.jp
X-CrossPremisesHeadersFiltered: CUEXE01PA.cu.nri.co.jp
X-OriginatorOrg: cu.nri.co.jp
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/sv91j5q_28MOQyuYWlOG5IVb4mU>
Subject: Re: [jose] Does JWS signature relate with JWS payload?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Feb 2018 06:03:04 -0000

Hi

JWS Signature is the signature only. It does not repeat the payload.

Best,

Nat Sakimura

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Beth Lee
Sent: Thursday, February 22, 2018 11:36 AM
To: jose@ietf.org
Subject: [jose] Does JWS signature relate with JWS payload?

Hi. I'm Jin.

I have curious about JWS signatrue in JWT.

I already read the JWT spec inforation from https://www.rfc-editor.org/rfc/rfc7515.txt
But I'm still confusted about JWS signatrue contains or relate with JWS Payload value or not.

I knew that JWT contained with 3 part. (JOSE Header, JWS Payload, JWS Signatrue)

When I read the spec information.
I understood that JWS signature value doesn't contain the JWS payload value.

Am I right? Then how can I check data integrity based on JSW signature ?
(I guess I'm not right.)

I really want to solve my question but I can't reache the answers.

So please give me some advice.

Best regards,
Jin

v2.23.0 | Report a Bug | By Email