Re: [jose] Do we have actual normative text which curves are allowed / standard for ECDH-ES in JOSE?

Neil Madden <neil.madden@forgerock.com> Tue, 03 November 2020 21:50 UTC

From: Neil Madden <neil.madden@forgerock.com>
Date: Tue, 03 Nov 2020 21:50:16 +0000
Message-Id: <252DEDA1-509E-431C-895F-5B0BB6C70139@forgerock.com>
References: <b29e1554-42ae-3ce3-037b-ca3eaa4087d8@connect2id.com>
Cc: "jose@ietf.org" <jose@ietf.org>, "Voss, Ray" <ray.voss@jpmorgan.com>, "Hamad, Samer K" <samer.k.hamad@chase.com>
In-Reply-To: <b29e1554-42ae-3ce3-037b-ca3eaa4087d8@connect2id.com>
To: Vladimir Dzhuvinov <vladimir@connect2id.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/uFwyXUsFUC1ynHHLbKULqje8USw>
Subject: Re: [jose] Do we have actual normative text which curves are allowed / standard for ECDH-ES in JOSE?

Good question!

I guess the answer is that ECDH-ES requires a JWK-formatted “epk” header and so the JWK elliptic curve IANA registry defines the available choices. https://tools.ietf.org/html/rfc7518#section-7.6

https://tools.ietf.org/html/rfc7518#section-4.6.1.1

But I agree that you have to join the dots a bit. 

— Neil

> On 3 Nov 2020, at 21:40, Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:
> 
> Today we received the question why the Nimbus JOSE+JWT lib supports the
> EC curves it does for ECDH (P-256, P-384, P-512) and I couldn't find any
> normative text or reference in the JWA spec to explain this.
> 
> https://tools.ietf.org/html/rfc7518#section-4.6
> 
> 
> We also looked at the IANA registry for hints:
> 
> https://www.iana.org/assignments/jose/jose.xhtml
> 
> 
> Contrast this with the JWS ECDSA, where the curves to go with the ESxxx
> algs are specced:
> 
> https://tools.ietf.org/html/rfc7518#section-3.4
> 
> 
> Can someone help here? :)
> 
> 
> Thanks,
> 
> Vladimir
> 
> -- 
> Vladimir Dzhuvinov
> 
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

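The receiving-side check that Neil's answer implies, written out as an added example (not code from this thread, from Nimbus JOSE+JWT, or from any other JOSE library): a recipient decrypting an ECDH-ES JWE learns the curve only from the "crv" member of the "epk" header, so it should accept only names from the IANA JSON Web Key Elliptic Curve registry (for kty "EC" that is P-256, P-384 and P-521; the registered name for the 521-bit curve is P-521), require that curve to match its own key's curve, and confirm the point actually lies on that curve before doing any ECDH arithmetic. Standard-library Python only; the curve parameters are the public NIST values, the sample header is constructed here, and the function and helper names are this example's own.

```python
"""Validate the ECDH-ES "epk" header against the JWK EC curve registry.

Added example for this thread, not code from the thread or from any JOSE
library. Standard-library Python only; curve parameters are the public
NIST values (RFC 7518 section 6.2.1.1 names them P-256, P-384, P-521).
"""
import base64
import json

# Curves registered for kty "EC" in the IANA "JSON Web Key Elliptic Curve"
# registry, with short-Weierstrass parameters y^2 = x^3 - 3x + b (mod p)
# and the coordinate length RFC 7518 requires for "x" and "y".  The
# registry also holds X25519 and X448 (RFC 8037), but those use kty "OKP"
# and a different ECDH function, so this checker does not accept them.
EC_CURVES = {
    "P-256": {
        "p": 2**256 - 2**224 + 2**192 + 2**96 - 1,
        "b": 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B,
        "octets": 32,
    },
    "P-384": {
        "p": 2**384 - 2**128 - 2**96 + 2**32 - 1,
        "b": 0xB3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF,
        "octets": 48,
    },
    "P-521": {
        "p": 2**521 - 1,
        "b": 0x051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00,
        "octets": 66,
    },
}

ECDH_ES_ALGS = {"ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"}


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def validate_epk(protected_header_b64: str, recipient_crv: str) -> tuple:
    """Return (x, y) of the sender's ephemeral key if it is usable with a
    recipient key on recipient_crv; raise ValueError otherwise.

    In a real decrypt path these checks run before the ECDH scalar
    multiplication and the Concat KDF of RFC 7518 section 4.6.2, which
    this example does not perform.
    """
    header = json.loads(_b64url_decode(protected_header_b64))
    if header.get("alg") not in ECDH_ES_ALGS:
        raise ValueError("alg is not an ECDH-ES variant")
    epk = header.get("epk")
    if not isinstance(epk, dict):
        raise ValueError("epk header missing")
    if epk.get("kty") != "EC":
        raise ValueError("epk is not an EC JWK")
    crv = epk.get("crv")
    if crv not in EC_CURVES:
        raise ValueError(f"epk.crv {crv!r} is not a registered EC curve")
    if crv != recipient_crv:
        raise ValueError(f"epk.crv {crv} does not match recipient curve {recipient_crv}")
    params = EC_CURVES[crv]
    try:
        xb, yb = _b64url_decode(epk["x"]), _b64url_decode(epk["y"])
    except (KeyError, TypeError, ValueError):
        raise ValueError("epk coordinates missing or malformed") from None
    if len(xb) != params["octets"] or len(yb) != params["octets"]:
        raise ValueError("coordinate length does not match the curve")
    x, y = int.from_bytes(xb, "big"), int.from_bytes(yb, "big")
    p = params["p"]
    if not (x < p and y < p):
        raise ValueError("coordinate is not a field element")
    # Curve equation with a = -3: reject any (x, y) not on the named curve.
    if (y * y - (x * x * x - 3 * x + params["b"])) % p != 0:
        raise ValueError("epk point is not on the named curve")
    return x, y


def epk_rejection_reason(protected_header_b64: str, recipient_crv: str):
    """None if validate_epk accepts the header, else the rejection message."""
    try:
        validate_epk(protected_header_b64, recipient_crv)
    except ValueError as exc:
        return str(exc)
    return None


def make_ecdh_es_header(crv: str, x: int, y: int, octets: int = 32) -> str:
    """Build a base64url protected header carrying an EC epk (test helper).
    octets is the coordinate size; real encoders derive it from the curve."""
    epk = {"kty": "EC", "crv": crv,
           "x": _b64url_encode(x.to_bytes(octets, "big")),
           "y": _b64url_encode(y.to_bytes(octets, "big"))}
    header = {"alg": "ECDH-ES", "enc": "A128GCM", "epk": epk}
    return _b64url_encode(json.dumps(header, separators=(",", ":")).encode())


# Constructed sample: the P-256 base point G, which is certainly on the curve.
P256_GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
P256_GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5

if __name__ == "__main__":
    good = make_ecdh_es_header("P-256", P256_GX, P256_GY)
    print("valid P-256 epk:", epk_rejection_reason(good, "P-256"))
    print("off-curve point:", epk_rejection_reason(
        make_ecdh_es_header("P-256", P256_GX, P256_GY + 1), "P-256"))
    print("curve mismatch :", epk_rejection_reason(good, "P-384"))
    print("unregistered   :", epk_rejection_reason(
        make_ecdh_es_header("P-512", P256_GX, P256_GY), "P-512"))
```

The four cases at the bottom cover the situations the thread touches: a registered curve that matches the recipient key is accepted; a coordinate pair that is not on P-256 is rejected even though its "crv" is registered; an epk on a registered curve other than the recipient's is rejected rather than silently mixed with the recipient key; and a curve name absent from the registry is rejected without any arithmetic being attempted.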