Re: [jose] POLL(s): header criticality

Chuck Mortimore <cmortimore@salesforce.com> Fri, 08 February 2013 22:49 UTC

Return-Path: <cmortimore@salesforce.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26CE721F87B6 for <jose@ietfa.amsl.com>; Fri, 8 Feb 2013 14:49:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KBCLrkWNfd7e for <jose@ietfa.amsl.com>; Fri, 8 Feb 2013 14:49:46 -0800 (PST)
Received: from exprod8og104.obsmtp.com (exprod8og104.obsmtp.com [64.18.3.88]) by ietfa.amsl.com (Postfix) with SMTP id 8414421F875F for <jose@ietf.org>; Fri, 8 Feb 2013 14:49:46 -0800 (PST)
Received: from exsfm-hub5.internal.salesforce.com ([204.14.239.233]) by exprod8ob104.postini.com ([64.18.7.12]) with SMTP ID DSNKURWBCmMf9PdG3Afg9Ak/ouEKmzkeQrAp@postini.com; Fri, 08 Feb 2013 14:49:46 PST
Received: from EXSFM-MB03.internal.salesforce.com ([10.1.127.57]) by exsfm-hub5.internal.salesforce.com ([10.1.127.5]) with mapi; Fri, 8 Feb 2013 14:49:46 -0800
From: Chuck Mortimore <cmortimore@salesforce.com>
To: "jose@ietf.org" <jose@ietf.org>
Date: Fri, 08 Feb 2013 14:49:01 -0800
Thread-Topic: [jose] POLL(s): header criticality
Thread-Index: Ac4GTpdjp6jQ9v2xRsK080FJtsp4rQ==
Message-ID: <E973ADCF-A9A9-47C3-A22C-0B29006F75F9@salesforce.com>
References: <510FCA42.5000704@isoc.org> <51156921.1070909@oracle.com>
In-Reply-To: <51156921.1070909@oracle.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Subject: Re: [jose] POLL(s): header criticality
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Feb 2013 22:49:47 -0000

FIRST POLL:  YES
SECOND POLL:  YES
THIRD POLL:  A

- cmort

On Feb 8, 2013, at 3:07 PM, "Prateek Mishra" <prateek.mishra@oracle.com> wrote:

> FIRST POLL : Yes
> 
> - cause JOSE headers are security artifacts; when present, they must not 
> be ignored by a processor of JOSE objects
> 
> SECOND POLL: Yes
> 
> - the language here is a bit confusing, i think the distinction sought 
> here is between a deployment instance versus a static component 
> (library). If I understand the intent here,
> the suggestion is that a deployment instance of a JOSE processor should 
> treat JOSE-defined headers as critical.
> 
> THIRD POLL: C
> 
> - high-level list of ignorable headers (vs. adding annotation to each 
> header)
> 
>> Folks,
>> 
>> I am wrestling with how to help drive consensus on the topic of 
>> criticality of headers. For background, please review the current 
>> specification text, the minutes to the Atlanta meeting (IETF85), and 
>> the mailing list (especially the discussion in December with (Subj: 
>> Whether implementations must understand all JOSE header fields)). We 
>> need to come to closure on this issue in order to progress the 
>> specifications.
>> 
>> As a tool to gather further information on determining a way forward, 
>> the following polls have been created. Please respond before 11 
>> February 2013.
>> 
>> Thanks,
>> Karen
>> 
>> *******************
>> FIRST POLL: Should all header fields be critical for implementations 
>> to understand?
>> 
>> YES – All header fields must continue to be understood by 
>> implementations or the input must be rejected.
>> 
>> NO – A means of listing that specific header fields may be safely 
>> ignored should be defined.
>> 
>> ********************
>> SECOND POLL: Should the result of the first poll be "YES", should text 
>> like the following be added? “Implementation Note: The requirement to 
>> understand all header fields is a requirement on the system as a whole 
>> – not on any particular level of library software. For instance, a 
>> JOSE library could process the headers that it understands and then 
>> leave the processing of the rest of them up to the application. For 
>> those headers that the JOSE library didn’t understand, the 
>> responsibility for fulfilling the ‘MUST understand’ requirement for 
>> the remaining headers would then fall to the application.”
>> 
>> YES – Add the text clarifying that the “MUST understand” requirement 
>> is a requirement on the system as a whole – not specifically on JOSE 
>> libraries.
>> 
>> NO – Don’t add the clarifying text.
>> 
>> ************************
>> THIRD POLL: Should the result of the first poll be "NO", which syntax 
>> would you prefer for designating the header fields that may be ignored 
>> if not understood?
>> 
>> A – Define a header field that explicitly lists the fields that may be 
>> safely ignored if not understood.
>> 
>> B – Introduce a second header, where implementations must understand 
>> all fields in the first but they may ignore not-understood fields in 
>> the second.
>> 
>> C - Other??? (Please specify in detail.)
>> _______________________________________________
>> jose mailing list
>> jose@ietf.org
>> https://www.ietf.org/mailman/listinfo/jose
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose