Re: [OAUTH-WG] Signed JWK Sets
Watson Ladd <watsonbladd@gmail.com> Mon, 18 March 2024 00:23 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3057C14F5E5 for <oauth@ietfa.amsl.com>; Sun, 17 Mar 2024 17:23:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PrtvjJS90jHT for <oauth@ietfa.amsl.com>; Sun, 17 Mar 2024 17:23:29 -0700 (PDT)
Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com [IPv6:2a00:1450:4864:20::32b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42BA2C14E515 for <oauth@ietf.org>; Sun, 17 Mar 2024 17:23:29 -0700 (PDT)
Received: by mail-wm1-x32b.google.com with SMTP id 5b1f17b1804b1-41412411672so1108195e9.3 for <oauth@ietf.org>; Sun, 17 Mar 2024 17:23:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710721407; x=1711326207; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=D0vlEQLucRnXvL8PONV/c2P0RXB67/Sj0sGVIiuOCww=; b=I3lvBQtZqDmT3/lpjAXaag+KhNZQ5F42MJZAVY4EB/mzC5tEbIxpjX2O79sgUHshDD +Vrh9dn+8CVu+1g7PQvdrX0z1vJxQxYYFdChaBXpuawwXHUIJ7r81L77Sze1fo2y/OCK rOqEfLB01VjnS+miwtNtxQ3eLEDA5oMqid/UMqUjyoU8U3CPFEXLrNVEuskWpGVi8pso UCAFAwzygAojUdfn078g8lto4OscbcG7qTM5n0iN17wUl6SP2uo3zUq1LaOMPIfRHWsq KTAc1fzHk9sLdAQ8uq656QqVmyt4E42jepisw7PEsXTr3jrG3lWWT/1QENdBRV6QQSLV 9VzQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710721407; x=1711326207; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=D0vlEQLucRnXvL8PONV/c2P0RXB67/Sj0sGVIiuOCww=; b=DTWcyc+uwWOWJcPT18OH7EbZYM89EGhybfoqmLI0lPPr5iL3dIW2J69dDZQvdm8DNV tY7sTomTMZH+MKwZkgdOBIPu3+wtkuT4A1r0s2bZZl2HRL/zGjvm5CEmDLjzb40+a88l OFUOfQUDC3QQFn9HClgKEH4LL1kz5buMi1wAwdlXNyPdKediFayikh7sZpXLce2AOE/u H7iqkHb5iQWqBkCkUMHCdRbCdVBKK7frtpsu6LNl7+rWwVfRBUQcVMIDHMSAxrpzIqHa rPCpDbFbqM4YyyiucrPlKHZ4swQcYyGnK1hWUypESL9WRpflRbP344hHW7BgTWHQrWQf 06OA==
X-Gm-Message-State: AOJu0YwLVlC4hJ6Pph8uVOGaBhCm9pmT82jwruzQO47hiRIeQ3aPN92C aPSLPPZM6t1XoyG+QhEokHTYva5YQhTXwNMin2pDXB8478a/aMgV6n8ADcfACU9/klTbGVexNl7 tnW7/Vdmm0twMglkj8huxJ5buFuhKnAsX
X-Google-Smtp-Source: AGHT+IFSWnRIkKtPHAI23KtYmP45dY/AX+Rh7K/L31aCcoy6/BedFDqeEat30iQ97q7Dsp51bww+6zuBIB85o1zUkL8=
X-Received: by 2002:a5d:6803:0:b0:33d:fb3:9021 with SMTP id w3-20020a5d6803000000b0033d0fb39021mr6537663wru.54.1710721407159; Sun, 17 Mar 2024 17:23:27 -0700 (PDT)
MIME-Version: 1.0
References: <CAL02cgSANrR=nys3RXDOYJPibLkv25X8Okq4dhL0Dpfi_ZSS_A@mail.gmail.com>
In-Reply-To: <CAL02cgSANrR=nys3RXDOYJPibLkv25X8Okq4dhL0Dpfi_ZSS_A@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Sun, 17 Mar 2024 17:23:15 -0700
Message-ID: <CACsn0cm0XdfFEjspPuBaHiv5AD0PNpCCRifo4OOC+F+XC3rAmg@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Cc: "oauth@ietf.org WG" <oauth@ietf.org>, Sharon Goldberg <goldbe@bastionzero.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/-ar_evb72kMGIm74woZ0XRduUMc>
Subject: Re: [OAUTH-WG] Signed JWK Sets
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2024 00:23:30 -0000
On Sat, Mar 16, 2024 at 10:56 PM Richard Barnes <rlb@ipv.sx> wrote: > > Hi all, > > A few of us have been considering use cases for JWTs related to Verifiable Credentials and container signing, which require better "proof of authority" for JWT signing keys. Sharon Goldberg and I wrote up a quick specification for how to sign a JWK set, and how you might extend discovery mechanisms to present such a signed JWK set: > > https://github.com/bifurcation/redistributable-jwks/blob/main/draft-barnes-oauth-redistributable-jwks.md > > (Just in GitHub for now; will publish as an I-D when the window reopens tomorrow.) > > If we could get this functionality added to OAuth / OIDC, it would make these use cases work a lot better. As a prelude toward proposing working group adoption, it would be great to know if this design seems helpful to other folks as well. Obviously, happy to answer any questions / comments. I have concerns about this proposal. First we need to ban any use of RSA-1.5 encryption (aka TLS 1.2) with the certificates used here. This is not really possible in TLS as commonly implemented for reasons, and can't be determined from the certificate alone (unless it's RSA-PSS certificate with special stuff that hopefully is honored or ECDSA). Then there's a philosphical issue to reusing keys for different purposes that requires domain separation ala TLS 1.3, and likely some X509 extensions as well to really nail it. Secondly there are a bunch of layer 8 question with the Web PKI this raises. The web PKI is moving to short term issuance and possibly removal of revocation entirely if certificates can be sufficiently short term. For signatures on containers this is inappropriate: a verification that a container is the correct container needs to be possible long after 90 days or a week, and this means the keying material that was used to make that signature must be held secure afterwards. This runs straight up into what we're trying to do to improve the Web PKI, and using the Web PKI for other things often leads to pain. Thirdly the web PKI issuance methods make sense from a web perspective, but not necessarily from a codesigning perspective. What we want to validate is different. Organizationally websites and codesigning often belong in different places. At the same time there's a barrier to alternatives, especially the ones that don't exist (see also Roughtime for my personal experience with this). These issues get real thorny real fast. Sincerely, Watson Ladd -- Astra mortemque praestare gradatim
- Re: [OAUTH-WG] Signed JWK Sets John Zila
- [OAUTH-WG] Signed JWK Sets Richard Barnes
- Re: [OAUTH-WG] Signed JWK Sets Michael Jones
- Re: [OAUTH-WG] Signed JWK Sets Michael Jones
- Re: [OAUTH-WG] Signed JWK Sets Watson Ladd
- Re: [OAUTH-WG] Signed JWK Sets Richard Barnes
- Re: [OAUTH-WG] Signed JWK Sets Richard Barnes
- Re: [OAUTH-WG] Signed JWK Sets Watson Ladd
- Re: [OAUTH-WG] Signed JWK Sets Joseph Salowey
- Re: [OAUTH-WG] Signed JWK Sets Orie Steele
- Re: [OAUTH-WG] Signed JWK Sets Richard Barnes
- Re: [OAUTH-WG] Signed JWK Sets Ethan Heilman
- Re: [OAUTH-WG] Signed JWK Sets Neil Madden
- Re: [OAUTH-WG] Signed JWK Sets Ethan Heilman
- Re: [OAUTH-WG] Signed JWK Sets Joseph Salowey
- Re: [OAUTH-WG] Signed JWK Sets Neil Madden
- Re: [OAUTH-WG] Signed JWK Sets Neil Madden
- Re: [OAUTH-WG] Signed JWK Sets Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Signed JWK Sets James Carnegie