Re: [jose] Pete Resnick's Discuss on draft-ietf-jose-json-web-signature-33: (with DISCUSS and COMMENT)

Mike Jones <> Thu, 02 October 2014 15:39 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id DED441A1C03; Thu, 2 Oct 2014 08:39:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id FJtSNwbjgfpG; Thu, 2 Oct 2014 08:39:16 -0700 (PDT)
Received: from ( [IPv6:2a01:111:f400:fc10::1:736]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 80E6C1A0123; Thu, 2 Oct 2014 08:39:15 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1039.15; Thu, 2 Oct 2014 15:38:52 +0000
Received: from (2a01:111:f400:7c0c::101) by (2a01:111:e400:1414::37) with Microsoft SMTP Server (TLS) id 15.0.1044.10 via Frontend Transport; Thu, 2 Oct 2014 15:38:51 +0000
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1029.15 via Frontend Transport; Thu, 2 Oct 2014 15:38:50 +0000
Received: from ([]) by ([]) with mapi id 14.03.0195.002; Thu, 2 Oct 2014 15:38:12 +0000
From: Mike Jones <>
To: Kathleen Moriarty <>, Richard Barnes <>
Thread-Topic: Pete Resnick's Discuss on draft-ietf-jose-json-web-signature-33: (with DISCUSS and COMMENT)
Date: Thu, 02 Oct 2014 15:38:11 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739439BAB3A9BTK5EX14MBXC288r_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:; CTRY:US; IPV:CAL; IPV:NLI; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(438002)(24454002)(377454003)(199003)(479174003)(189002)(84676001)(77096002)(95666004)(85306004)(512874002)(15975445006)(84326002)(68736004)(21056001)(69596002)(20776003)(64706001)(92726001)(76176999)(19300405004)(80022003)(106116001)(55846006)(97736003)(54356999)(46102003)(99396003)(86612001)(15202345003)(71186001)(50986999)(26826002)(86362001)(10300001)(87936001)(19617315012)(107046002)(19580405001)(104016003)(19625215002)(120916001)(19580395003)(2656002)(33656002)(85852003)(66066001)(6806004)(44976005)(106466001)(4396001)(81156004)(16236675004)(93886004)(230783001)(76482002)(92566001)(31966008); DIR:OUT; SFP:1102; SCL:1; SRVR:BY2PR03MB396;; FPR:; MLV:ovrnspm; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-Microsoft-Antispam: UriScan:;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:;SRVR:BY2PR03MB396;
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 03524FBD26
Received-SPF: Pass ( domain of designates as permitted sender); client-ip=;;
Authentication-Results: spf=pass (sender IP is;
Cc: "" <>, Pete Resnick <>, The IESG <>, Ted Lemon <>, "" <>, John Bradley <>, "" <>
Subject: Re: [jose] Pete Resnick's Discuss on draft-ietf-jose-json-web-signature-33: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 02 Oct 2014 15:39:19 -0000

From: Kathleen Moriarty []
Sent: Thursday, October 02, 2014 8:34 AM
To: Richard Barnes
Cc: Pete Resnick; Ted Lemon; John Bradley;; The IESG;
Subject: Re: Pete Resnick's Discuss on draft-ietf-jose-json-web-signature-33: (with DISCUSS and COMMENT)

On Thu, Oct 2, 2014 at 11:29 AM, Richard Barnes <<>> wrote:
On Thu, Oct 2, 2014 at 11:25 AM, Pete Resnick <<>> wrote:
On 10/2/14 10:18 AM, Ted Lemon wrote:
On Oct 2, 2014, at 11:05 AM, Pete Resnick<<>>  wrote:

If I use a instant messaging protocol that uses JWS as a payload format for signed instant messages, and in my client, when I receive a message with a broken signature, I display the message to the user but put a big red box around the message with a flashing title in the margin in 7 point Helvetica  that says, "Invalid Signature", will I have violated the JWS spec? This isn't as part of "error processing and display"; I'm displaying the text of the message to the user, but I'm marking it as invalid.

That seems like the wrong thing to do, unless you like to get a lot of nicely highlighted spam in your instant messaging client.

Very much depends on the environment and the purpose. Which is an implementation decision. "MUST reject" is, in fact, not right.

Look, the signature verification process has two outcomes:
1. This is a valid signed object
2. This is not a valid signed object
The common names for these are "accept" and "reject".  No further semantics apply.

I agree with Richard here.  If we go down the path of changing the language, then we'll have to explore qualifiers to make sure we are not introducing security risks as well.

+1 from me.  We can explore adding language saying that “reject” does not imply that error processing can’t occur, but I don’t see a compelling case for changing the accept/reject language throughout.

                                                            -- Mike



Pete Resnick<>
Qualcomm Technologies, Inc. - +1 (858)651-4478<tel:%2B1%20%28858%29651-4478>


Best regards,