IETF Logo Mail Archive

Re: [jose] New Version Notification for draft-barnes-jose-jsms-00.txt

Mike Jones <Michael.Jones@microsoft.com> Tue, 26 June 2012 22:04 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F5FC11E809F for <jose@ietfa.amsl.com>; Tue, 26 Jun 2012 15:04:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.822
X-Spam-Level:
X-Spam-Status: No, score=-3.822 tagged_above=-999 required=5 tests=[AWL=-0.223, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vRSDlrCMskE5 for <jose@ietfa.amsl.com>; Tue, 26 Jun 2012 15:04:10 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe004.messaging.microsoft.com [216.32.180.14]) by ietfa.amsl.com (Postfix) with ESMTP id 32B0F11E8097 for <jose@ietf.org>; Tue, 26 Jun 2012 15:04:09 -0700 (PDT)
Received: from mail263-va3-R.bigfish.com (10.7.14.235) by VA3EHSOBE004.bigfish.com (10.7.40.24) with Microsoft SMTP Server id 14.1.225.23; Tue, 26 Jun 2012 22:02:27 +0000
Received: from mail263-va3 (localhost [127.0.0.1]) by mail263-va3-R.bigfish.com (Postfix) with ESMTP id 6BE763C005B; Tue, 26 Jun 2012 22:02:27 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC103.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -28
X-BigFish: VS-28(zz98dI9371I542M1432Izz1202hzz1033IL8275bh8275dhz2fh2a8h668h839h944hd25hf0ah)
Received-SPF: pass (mail263-va3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC103.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail263-va3 (localhost.localdomain [127.0.0.1]) by mail263-va3 (MessageSwitch) id 1340748145134081_23933; Tue, 26 Jun 2012 22:02:25 +0000 (UTC)
Received: from VA3EHSMHS042.bigfish.com (unknown [10.7.14.243]) by mail263-va3.bigfish.com (Postfix) with ESMTP id 1592E640042; Tue, 26 Jun 2012 22:02:25 +0000 (UTC)
Received: from TK5EX14HUBC103.redmond.corp.microsoft.com (131.107.125.8) by VA3EHSMHS042.bigfish.com (10.7.99.52) with Microsoft SMTP Server (TLS) id 14.1.225.23; Tue, 26 Jun 2012 22:02:24 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.53]) by TK5EX14HUBC103.redmond.corp.microsoft.com ([157.54.86.9]) with mapi id 14.02.0309.003; Tue, 26 Jun 2012 22:03:26 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Richard L. Barnes" <rbarnes@bbn.com>, Brian Campbell <bcampbell@pingidentity.com>
Thread-Topic: [jose] New Version Notification for draft-barnes-jose-jsms-00.txt
Thread-Index: Ac1T54J3Hq2uD/biTxyDhHQtQaL+4Q==
Date: Tue, 26 Jun 2012 22:03:25 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394366569B1D@TK5EX14MBXC283.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.22]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Cc: John Bradley <ve7jtb@ve7jtb.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] New Version Notification for draft-barnes-jose-jsms-00.txt
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jun 2012 22:04:11 -0000

http://tools.ietf.org/html/draft-jones-json-web-signature-json-serialization-01 is an existence proof that it's not hard to sign the parameters and have multiple signatures.

				-- Mike

-----Original Message-----
From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Richard L. Barnes
Sent: Tuesday, June 26, 2012 10:46 AM
To: Brian Campbell
Cc: John Bradley; jose@ietf.org
Subject: Re: [jose] New Version Notification for draft-barnes-jose-jsms-00.txt

I agree with that goal!  I disagree that JWS is a good solution.  

It is true that JWS provides a relatively simple mechanism for a single signature, but:
1. It could be simpler (see below)
2. JWS header protection is useless for the single-signature case, and makes the multiple-signature/recipient case harder

--Richard



On Jun 26, 2012, at 12:16 PM, Brian Campbell wrote:

> I wasn't suggesting that integrity-protecting the header itself makes 
> things simpler. Rather that a desirable goal is for support of a 
> relatively simple model utilizing a single signature over the whole 
> message. And that we already have that in JWS.
> 
> On Mon, Jun 25, 2012 at 3:55 PM, Richard L. Barnes <rbarnes@bbn.com> wrote:
>> 
>> On Jun 25, 2012, at 5:53 PM, Richard L. Barnes wrote:
>> 
>>>>> I think part of this is that as one of the openID Connect authors I look at this as a necessary security token format, for OAuth and Connect.
>>>>> For that simple processing with one signature is a high priority for adoption.
>>>> 
>>>> +1.
>>>> 
>>>> A simple JSON friendly model supporting a single signature over the 
>>>> entire message (including headers) is an important case for 
>>>> adoption (and security). JWS provides that now and there are 
>>>> already numerous interoperable JWS implementations available or in the works.
>>> 
>>> I'm not sure how people think that integrity-protecting the header makes things *simpler*, especially since it adds a whole new decoding step and makes the parsing more complicated.
>>> 
>>> Pseudocode without integrity protection (assuming JSMS format, but JWS could be made to look similar):
>>> function verify(json) {
>>>    jose = JSON.parse(json);
>>>    // Check algorithm values
>>>    return Crypto.SignatureAlgorithm.verify(jose.content, 
>>> jose.keys[0].signature, jose.keys[0].key); }
>>> 
>>> Pseudocode with integrity protection (assuming JWS format):
>>> function verify(jws) {
>>>    (txtHeader, content, signature) = jws.split("\.");
>>>    protectedBody = header + "." + content
>>>    jsonHeader = base64url.decode(txtHeader);
>>>    header = JSON.parse(jsonHeader);
>>>    return Crypto.SignatureAlgorithm.verify(content, signature, 
>>> header.jwk); }
>>> 
>> 
>> Err, sorry, that should read:
>>    protectedBody = txtHeader + "." + content; and
>>    return Crypto.SignatureAlgorithm.verify(protectedBody, signature, 
>> header.jwk);
>> 
>> See how hard it is to get right?  :)
>> 
>> --Richard
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose

v2.23.0 | Report a Bug | By Email