Re: [jose] The role of JWK
Sergey Beryozkin <sberyozkin@gmail.com> Thu, 14 August 2014 17:40 UTC
Return-Path: <sberyozkin@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E6B31A6F93 for <jose@ietfa.amsl.com>; Thu, 14 Aug 2014 10:40:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QrFsVLw3zAlx for <jose@ietfa.amsl.com>; Thu, 14 Aug 2014 10:40:10 -0700 (PDT)
Received: from mail-we0-x229.google.com (mail-we0-x229.google.com [IPv6:2a00:1450:400c:c03::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E50E81A0940 for <jose@ietf.org>; Thu, 14 Aug 2014 10:40:09 -0700 (PDT)
Received: by mail-we0-f169.google.com with SMTP id u56so1430769wes.0 for <jose@ietf.org>; Thu, 14 Aug 2014 10:40:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=DEm/TXDMoidKn1QFv+PBHmJLTxThkdGoRBbJ0v1AJPY=; b=aUhkrQiwM28gJMKhHnVXJN5klm5yORasmcKDQRz40VxVVEbFWsBbEdk/Gj0b1ixfVo TPSvShImCxXxrMYq36eR6Yu4jEA8jq1xdadncJdBaTTInhC3O0CqMNGkWCLU6dFQsAtD DTn0ODDIKvRUeIklbXToW4egHitQa1/3yOVQ+jWYaUvKuV0WnA/ArMTIRKCf5Vkr5jk7 0cDpvGIE8xlnczizzlPDeXyhObBdnW/zPv03QGK1YOU3iS//1lKll+Srq6vb+qEWvPJN qkvXkA0QdSrjm8GYlk7YI2UAAzHWZgkB3VtGmwmj/kAEk0sk5wKVQ+AuaxkXhh13y3mJ H+WQ==
X-Received: by 10.194.78.170 with SMTP id c10mr14257106wjx.22.1408038008447; Thu, 14 Aug 2014 10:40:08 -0700 (PDT)
Received: from [192.168.2.7] ([109.255.231.6]) by mx.google.com with ESMTPSA id a11sm12772967wjx.46.2014.08.14.10.40.07 for <multiple recipients> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 14 Aug 2014 10:40:07 -0700 (PDT)
Message-ID: <53ECF476.9020009@gmail.com>
Date: Thu, 14 Aug 2014 18:40:06 +0100
From: Sergey Beryozkin <sberyozkin@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: Justin Richer <jricher@mitre.org>, Richard Barnes <rlb@ipv.sx>
References: <4E1F6AAD24975D4BA5B16804296739439AE1989B@TK5EX14MBXC293.redmond.corp.microsoft.com> <53EC868E.4000000@gmail.com> <CAL02cgS7LxLBWNRdh5EOKwyuiBSsR0jsmMz49c9xztfZehZP_A@mail.gmail.com> <53ECCFF8.9090305@mitre.org> <53ECE6F6.8000400@gmail.com> <53ECEE85.4010505@mitre.org>
In-Reply-To: <53ECEE85.4010505@mitre.org>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/vMOw8KJ1eMG_2mEyHMnClMIKOKs
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] The role of JWK
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2014 17:40:16 -0000
Hi Justin - I can only afford sometimes looking at how others do something I'm not clear about but eventually would hack things my own way :-) Can you please give me a favor and address a couple of questions I asked in the previous message too ? Cheers, Sergey On 14/08/14 18:14, Justin Richer wrote: > Sergey - it's an Apache licensed project. Copy away! (with attribution) :) > > -- Justin > > On 08/14/2014 12:42 PM, Sergey Beryozkin wrote: >> Hi Richard and Justin >> >> Very helpful, many thanks ! >> >> Richard: thanks for the link, the idea of using JWK as a standard >> medium for shipping the key (information) is something that helps to >> understand why JWK is referred to so much in the specifications like >> JWE/JWS >> >> Justin: I'll try my best not to copy the Java code you linked too :-). >> >> Thanks for links to the examples, let me ask few questions below: >> >> On 14/08/14 16:04, Justin Richer wrote: >>> Services are starting to publish their public keys as JWK instead of >>> X509, since a JWK doesn't require a trusted CA and can be much more >>> easily rotated at runtime. >> Sorry if it is off-topic, is JWK representing a public key (the public >> exponent) is effectively a self-signed public key/cert ? What provides >> the extra trust into such JWK ? I've heard here about JWK Thumbprints ? >> >>> This is the class from our OAuth/OpenID >>> Connect system that builds signers and validators off of a public-key >>> JWK (using the Nimbus-DS JOSE library): >>> >>> https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/blob/master/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetCacheService.java >>> >>> >>> >>> To add to that, with the private/shared key components of JWK, it can be >>> a very effective key store. Our OAuth server uses this for its keys, >>> this is the class that reads the file and makes the keys available as >>> Java key objects to the rest of the system: >>> >>> https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/blob/master/openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java >>> >>> >>> As you can see, these are both exceedingly simple classes because they >>> simple read the URL (in the first case) or file (in the second case) and >>> parse the JSON found there into a JWK set, which is then used to create >>> the bare keys in the Java security framework. This is the RSA public key >>> parser for example: >>> >>> https://bitbucket.org/connect2id/nimbus-jose-jwt/src/0d5b12b4d4b84c822bec4af368b3bea5120cb310/src/main/java/com/nimbusds/jose/jwk/RSAKey.java?at=master#cl-1395 >>> >>> >>> >>> Finally, in order to make these keys more easy to deal with, we wrote a >>> simple key generator program that will spin up a new RSA, EC, or Oct key >>> and print it out as a JWK: >>> >>> https://github.com/mitreid-connect/json-web-key-generator >>> >>> >>> Whenever we deploy a new copy of our server somewhere, we also pull down >>> this program and run it to generate a new JWK key set (with public and >>> private keys) that we use to start up the server. The alternative, which >>> we used to do, was to use OpenSSL to generate a self-signed X509 >>> certificate that we effectively threw away the trust chain for -- lots >>> of extra effort to create information that we didn't want and then >>> ignore it on the far end, all to get a simple keypair. It was >>> unnecessarily complex from all ends, and the switch to JWK has been much >>> nicer to deal with. >>> >> Is the simplicity of making a demo application running fast a major >> factor of preferring JWK to self-signed X509 ? What about the >> synchronization between the existing X509-based key storage and the >> new JWK-aware storages ? >> >> Thanks, Sergey >> >>> -- Justin >>> >>> On 08/14/2014 09:25 AM, Richard Barnes wrote: >>>> Hey Sergey, >>>> >>>> JWK isn't necessarily tied to JWE or JWS. It can be used to represent >>>> the public key that was used to encrypt a JWE (so that the recipient >>>> can look up the private key), or the public key that should be used to >>>> verify a JWS. But it can also be used in other contexts. For >>>> example, WebCrypto uses JWK (among others) as a format for serializing >>>> keys. >>>> https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#subtlecrypto-interface-datatypes >>>> >>>> >>>> As that link suggests, JWK is effectively the same as the PKCS#8 >>>> format for private keys and the SubjectPublicKeyInfo format for public >>>> keys -- just in JSON instead of ASN.1. It's a way to ship a key from >>>> one place to another, for whatever reason you need to do that. >>>> >>>> Hope that helps, >>>> --Richard >>>> >>>> >>>> >>>> >>>> >>>> On Thu, Aug 14, 2014 at 5:51 AM, Sergey Beryozkin >>>> <sberyozkin@gmail.com <mailto:sberyozkin@gmail.com>> wrote: >>>> >>>> Hi, >>>> >>>> This is very likely a newbie question. What is the role of JWK ? >>>> According to [1] it is "... a (JSON) data structure that >>>> represents a cryptographic key". >>>> >>>> I can see plenty examples of JWK in the JWE specification. JWS and >>>> JWE headers can have a "jwk" property representing a given JWK. >>>> >>>> What confuses me is that the examples in JWE use JWK to describe >>>> the private parts of a given key. For example, when we talk about >>>> the RSA OAEP key encryption, JWK would show a private exponent of >>>> a given RSA key (JWE A1). Same for Aes Wrap secret key (JWE A3). >>>> Etc. >>>> >>>> So clearly one would not use a "jwk" JWE header to pass around a >>>> JWK representation of the key which was used to encrypt the >>>> content encryption key. >>>> >>>> So I'm thinking a JWK is: >>>> - a convenient way to describe a cryptographic key for JWE/JWS >>>> specifications to refer to it in the spec examples. >>>> - perhaps there's a long-term vision that the key stores would >>>> support JWK format directly ? >>>> - JWK is a 'container' for various key properties, some of those >>>> 'public' properties can be passed around as a JWE/JWS header; >>>> >>>> Am I on the right track, can someone please clarify it further ? >>>> >>>> Thanks, Sergey >>>> >>>> >>>> [1] >>>> http://tools.ietf.org/html/draft-ietf-jose-json-web-key-31#section-1 >>>> >>>> _______________________________________________ >>>> jose mailing list >>>> jose@ietf.org <mailto:jose@ietf.org> >>>> https://www.ietf.org/mailman/listinfo/jose >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> jose mailing list >>>> jose@ietf.org >>>> https://www.ietf.org/mailman/listinfo/jose >>> >> >
- [jose] JWK Elliptic Curve key representations and… Mike Jones
- Re: [jose] JWK Elliptic Curve key representations… Daniel Holth
- Re: [jose] JWK Elliptic Curve key representations… Mike Scott
- [jose] The role of JWK Sergey Beryozkin
- Re: [jose] The role of JWK Richard Barnes
- Re: [jose] JWK Elliptic Curve key representations… Richard Barnes
- Re: [jose] JWK Elliptic Curve key representations… Stephen Farrell
- Re: [jose] The role of JWK Justin Richer
- Re: [jose] JWK Elliptic Curve key representations… Mike Jones
- Re: [jose] The role of JWK Sergey Beryozkin
- Re: [jose] The role of JWK Justin Richer
- Re: [jose] The role of JWK Sergey Beryozkin
- Re: [jose] The role of JWK Brian Campbell
- Re: [jose] The role of JWK Justin Richer
- Re: [jose] JWK Elliptic Curve key representations… Kathleen Moriarty
- Re: [jose] JWK Elliptic Curve key representations… Mike Jones
- Re: [jose] JWK Elliptic Curve key representations… Justin Richer
- Re: [jose] JWK Elliptic Curve key representations… Richard Barnes
- Re: [jose] JWK Elliptic Curve key representations… Brian Campbell
- Re: [jose] The role of JWK Sergey Beryozkin
- Re: [jose] The role of JWK Sergey Beryozkin
- Re: [jose] The role of JWK Anders Rundgren
- Re: [jose] The role of JWK Sergey Beryozkin
- [jose] Does A128GCMKW qualify as key wrap or encr… Sergey Beryozkin
- Re: [jose] Does A128GCMKW qualify as key wrap or … Mike Jones