IETF Logo Mail Archive

Re: [OAUTH-WG] Signed JWK Sets

Joseph Salowey <joe@salowey.net> Tue, 19 March 2024 23:24 UTC

Return-Path: <joe@salowey.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD503C14CE22 for <oauth@ietfa.amsl.com>; Tue, 19 Mar 2024 16:24:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.905
X-Spam-Level:
X-Spam-Status: No, score=-6.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8o_Bbtb0Z6La for <oauth@ietfa.amsl.com>; Tue, 19 Mar 2024 16:24:34 -0700 (PDT)
Received: from mail-lj1-x22f.google.com (mail-lj1-x22f.google.com [IPv6:2a00:1450:4864:20::22f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08408C14F70C for <oauth@ietf.org>; Tue, 19 Mar 2024 16:24:33 -0700 (PDT)
Received: by mail-lj1-x22f.google.com with SMTP id 38308e7fff4ca-2d4a901e284so55148661fa.1 for <oauth@ietf.org>; Tue, 19 Mar 2024 16:24:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20230601.gappssmtp.com; s=20230601; t=1710890671; x=1711495471; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=UIp5sZvao59gU1jb3dCApUg5njEukopU7pQXgBqNrx0=; b=GlhG1eLw4l1iR8X00onYdLEErM4yqSXernbfELWWYjicmKXBYx0OZSCBdPmBIh0G1V 1ghRSMiDIsalJgWO/CJJFNcbC6slpe86vnHve58zeWsuXNcAP2GDk4HG9A9kDFnLCiUs XEQgkIOe6og+HXIs40idcjtAtiJtqegoghZLJGn2d/JxN+gnKJQUn/Sjh0hO3A20ubDT ZT2rZd5GWHnwhWem22DzKKTkQ+3k+QVVj53M73zOshmzp4maMaqt91fEmUs/sLgWtonH NBCTIutOe3U/9tUQMSgc4B+Fsqbj4g2eSHBfdnCRw8HuBncPC6gx7t6y76p2X8dJw+A1 wfmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710890671; x=1711495471; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=UIp5sZvao59gU1jb3dCApUg5njEukopU7pQXgBqNrx0=; b=jVFCoby6Ye4zUYC1RhZVa09+LaC92HWuuaZrZ1AVMSEBA1X/1BE4mUqTQGhgai1tUX 38br1pM7/SKFByCam9HJdjo7afEapAvDaM47Q0jgkkziHkVHuN8Cxcgwix0Y9V/4CRjq 2B2vJhHj16ftrPgMep5hWh3Bnoido/zWoO3RtyXOiN426y67qb6gudHZL3qN7ZADwB2K SE6+qPBneysVRYPldc634flJlEaHOXDTf3kvST76BRp2hmFBYFIDKlEsjzmSg8Lc5G/c Y5ousxp4XUzS5v+7hNP4UsuvIyBs4BuGC3AzxxHD1pMAgzpjSyfQ4ZZWE+mMcVGHTbe2 fNgw==
X-Forwarded-Encrypted: i=1; AJvYcCV/RLHQxys62gUcDHgE3ss7PWe9V9uiMFL0/9B8dvPdTkwqQOueZ5tm1FJO+8P75LBfchl68OiOtCugf/YhXw==
X-Gm-Message-State: AOJu0YyltspQh+vhoAkSRAbrci0tXBy/NKBxnX6Dn11JK3ZCjrrc44Xj R3ECGCq/1fVPbtYzC1ky4XTX8Kget0sStFQ/uFS3VfpIOBlNa/knhTBmHU84Qm83CHEgw1G9FF0 +21NzquRmyXVQfpQwuqk884jzJ3wbiC6zDKb77A==
X-Google-Smtp-Source: AGHT+IGKYtS/FGjK2ozNyYb5n2TidRE/h6LexWl2SWfH3OWRJlWlG3vvFaZtwOT7Sbv30tTNetdF6bT9auNYCtTaUZk=
X-Received: by 2002:a2e:7d0b:0:b0:2d4:3078:ef3d with SMTP id y11-20020a2e7d0b000000b002d43078ef3dmr9502111ljc.1.1710890671171; Tue, 19 Mar 2024 16:24:31 -0700 (PDT)
MIME-Version: 1.0
References: <CAL02cgSANrR=nys3RXDOYJPibLkv25X8Okq4dhL0Dpfi_ZSS_A@mail.gmail.com> <CACsn0cm0XdfFEjspPuBaHiv5AD0PNpCCRifo4OOC+F+XC3rAmg@mail.gmail.com> <CAL02cgQVWQfQ2wnpHZ2=OL5NMJTMf_Bxv+jifBFzu0WK+wYqrg@mail.gmail.com> <CACsn0cmM3otJ-P0O7dVNtNzc8sjJUxzOfzz+nAgmzqXtzdXb-A@mail.gmail.com>
In-Reply-To: <CACsn0cmM3otJ-P0O7dVNtNzc8sjJUxzOfzz+nAgmzqXtzdXb-A@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
Date: Wed, 20 Mar 2024 09:24:19 +1000
Message-ID: <CAOgPGoDtaC=sFqj8O7ygvFziEMS2Zeigxy5aQSRPXPthd1kqYA@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: Richard Barnes <rlb@ipv.sx>, "oauth@ietf.org WG" <oauth@ietf.org>, Sharon Goldberg <goldbe@bastionzero.com>
Content-Type: multipart/alternative; boundary="000000000000b4818c06140bc6aa"
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/HU7vJJrVf9baSlw5Fyq5QXGNXaY>
Subject: Re: [OAUTH-WG] Signed JWK Sets
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2024 23:24:37 -0000

I think Signed JWK sets are useful and would like to see them used in more
use cases so separating out the specifications seems like a good idea.  We
will have to be careful specify what security and deployment properties you
are trying to achieve in different use cases.

On Tue, Mar 19, 2024 at 11:36 AM Watson Ladd <watsonbladd@gmail.com> wrote:

> On Sun, Mar 17, 2024 at 5:32 PM Richard Barnes <rlb@ipv.sx> wrote:
> >
> > Hi Watson,
> >
> > I appreciate the concerns with regard to re-using Web PKI certs for
> cases such as these.  Care is required, but I think there is a path here.
> >
> > 1. Clearly there are cross-protocol concerns.  I expect that most usage
> here in reality would be based on ECDSA / EdDSA, not RSA, which helps.  I
> would be comfortable with security considerations recommending that a key
> pair / certificate used for signing these things be used for no other
> purpose.
> >
>

[Joe] I think there may also be a consideration in some environments that
problems could arise if keys not intended for signing JWK sets could be
used to sign JWK sets.


> > 2. Validity times are definitely a challenge for the container signing
> use case, but from the conversations I've had with that community, they are
> taking an orthogonal approach.  As I tried to sketch in the document, they
> are establishing authorities that will vouch that a signed thing existed at
> a given time, so that a relying party can safely rewind their clock and
> validate as if it were that time.  See, e.g., SigStore <
> https://www.sigstore.dev/>, which has roughly this shape if you squint
> right.
>
> That should work out: might want a security considerations saying this.
>
> >
> > 3. I don't think there's actually any disconnect between HTTPS
> authentication and proof of authority.  The Web PKI is about authenticating
> domain names, which is what both use cases require.
>
> Only with certain validation methods. Others like agreed upon change
> to site content have a narrower scope and the BRs reflect this
> subtlety. To be honest you're probably safe and I am not the expert
> here.
>

[Joe] I think this can work and be useful in many cases, but there may be
some subtleties here that should be considered.  All the more reason to
document this.


> Sincerely,
> Watson
>
> --
> Astra mortemque praestare gradatim
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

v2.23.0 | Report a Bug | By Email