Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followup 3 (was Re: confirmation model in proof-of-possession-02)
Brian Campbell <bcampbell@pingidentity.com> Fri, 31 July 2015 18:47 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 252B01B344B for <oauth@ietfa.amsl.com>; Fri, 31 Jul 2015 11:47:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.378
X-Spam-Level:
X-Spam-Status: No, score=-1.378 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LH-eKWzAhOZz for <oauth@ietfa.amsl.com>; Fri, 31 Jul 2015 11:47:10 -0700 (PDT)
Received: from mail-ig0-x231.google.com (mail-ig0-x231.google.com [IPv6:2607:f8b0:4001:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C91D21B3460 for <oauth@ietf.org>; Fri, 31 Jul 2015 11:47:09 -0700 (PDT)
Received: by igr7 with SMTP id 7so22050481igr.0 for <oauth@ietf.org>; Fri, 31 Jul 2015 11:47:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=gmail; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=kU/70hNl0Lr14vUdYS27WxkSGrz29E3HFLoGLHYTRMU=; b=g8aqUrDPa1duCq+Zjos04qqo5IJJY9n/DmeOn26/TnyW7/+FZgJStHKkW4TWS5O1PK 1gF0I0ymsKdIDUN6cFDY808UkFbFg9Wqvy3lC4zs5+joxd8q8og9dbnajPR+cnIEsra0 o7GqJ7hKqMfngy4adPzoU9XrGcYzI1F+05/Ig=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=kU/70hNl0Lr14vUdYS27WxkSGrz29E3HFLoGLHYTRMU=; b=WbN6tCmIHm0BKeIarRADV6oHLXnVthzFYiQT+PBinpZR3H1rpWPy0dv+9kwPT0GQ+O uUXG5Lxr+ZTyA5HRXmpduaUkU4jm49FSvlK85e4ghQtx+xEChiWZSos13S7OiILZTfSN FTiR6k0l6VWZ4RJC3GNKviZ49PepU5BMg/fq4GVsFRguDavfjVWuRGIVSiBJS68LVsAX f0hl4Lfv2xYqsddHvwuwf0j2uhWJEcjbvxvX4SopHUmRvCz9xd/6hPcW0N6qv0joCzjf jYbIZrHlQk/1L01jz6Qlo8Rs769ure1j3iLb7PrjivOCP8SwgrDa+PHKklL9xVG3gOkO ZAAw==
X-Gm-Message-State: ALoCoQm2VZVV7iKtizvAny/yj8HA+/0bfDn6nqvfHouP8oW5//YBe6rhDJ6f0EFPDlN56mbm81IA
X-Received: by 10.50.61.195 with SMTP id s3mr8631530igr.62.1438368429041; Fri, 31 Jul 2015 11:47:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.79.96.199 with HTTP; Fri, 31 Jul 2015 11:46:39 -0700 (PDT)
In-Reply-To: <DB55D089-32B7-4D65-A8B0-19103FCE60F6@ve7jtb.com>
References: <CA+k3eCR1WLC5WbGz72Aunpy+FQKiUjmbYAHkv-+4OpbF=Ub1zA@mail.gmail.com> <BY2PR03MB44265A451E0AF7B6C1D1340F58B0@BY2PR03MB442.namprd03.prod.outlook.com> <CA+k3eCSecR3Nwoxd+Pazm7Oaoder5yk5XT3vUe1tboEmhFeM0Q@mail.gmail.com> <DB55D089-32B7-4D65-A8B0-19103FCE60F6@ve7jtb.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 31 Jul 2015 12:46:39 -0600
Message-ID: <CA+k3eCS7t2TAva5=CHgcTf6kd1oK8Hy5TrfkOZwyTpQAUH5b4w@mail.gmail.com>
To: John Bradley <ve7jtb@ve7jtb.com>
Content-Type: multipart/alternative; boundary="047d7bdc05f2450bad051c303fd3"
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/J0XTs6nDLDmEwmIMUcI5SDBfYLo>
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followup 3 (was Re: confirmation model in proof-of-possession-02)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2015 18:47:13 -0000
The Token Binding ID already has the public key in it. A normal cnf containing a JWK with the public key would work. But the whole Token Binding ID would probably be simpler. Or, if we're gonna make them parse the Token Binding ID, then a cnf that uses a finger/thumbprint of the key would be more space efficient as the whole key is already being sent elsewhere. That's all stuff that can be worked out later though. What I'm trying to express is that we don't really know what kind of flexibility will be needed and it's not at all clear that a structured cnf claim gives flexibility. On Thu, Jul 30, 2015 at 4:52 PM, John Bradley <ve7jtb@ve7jtb.com> wrote: > Token binding might be a bad example. > > I can’t see why you would need something separate unless you are trying to > do something like message signing and token binding. > I guess that is theoretically posable. > > Typically I think token binding would use the normal cnf containing a JWK > with the public key. > > The difference between token binding and mutual TLS is in the presentment > one is TLS client auth and the other is a signature over the tls unique in > a header. > > I think multiple cnf methods for the same presenter like SAML is overkill. > > However the ability to re-use the cnf structure for people who want > something custom seems reasonable (we couldn't stop them anyway) > > John B. > > On Jul 30, 2015, at 7:40 PM, Brian Campbell <bcampbell@pingidentity.com> > wrote: > > Some replies inline but the gist is that I disagree. > > On Thu, Jul 30, 2015 at 2:17 PM, Mike Jones <Michael.Jones@microsoft.com> > wrote: > >> Part of the reasoning for using a structured confirmation claim, rather >> than flattening the confirmation claim into the top-level JWT claims set, >> is that a JWT may carry more than one conformation key or key descriptor, >> as was mentioned in Prague. For instance, imagine that an application is >> conveying an application-level confirmation key using the “cnf” claim and >> for instance a token binding key using a second instance of the >> confirmation structure, say using the “tokbnd” claim. With the current >> structured approach, you’d have: >> >> >> >> {… >> >> “cnf”:{“jwk”: …}, >> >> “tokbnd”:{“jwk”: …} >> >> } >> >> >> > > That presumes token binding will use the same confirmation methods. But > I'd imagine that the Token Binding ID would somehow be used to signal > confirmation. So I'd be surprised if it ends up looking like that. The jwe > member of the cnf claim defiantly wouldn't apply. > > It also presumes that you'd want cnf and tokbnd in the same JWT, which > doesn't really make sense to me. This draft wants to establish a registry > for JWT Confirmation Methods but a token binding confirmation would be a > different claim? > > > >> If one were to flatten the structure, however, unique claim names would >> have to be produced for the cross-product of each conformation element and >> each confirmation claim. So you’d end up defining and registering these >> claims in the top-level JWT Claims registry: >> >> cnf_jwk >> >> cnf_jwe >> >> cnf_kid >> >> tokbnd_jwk >> >> tokbnd_jwe >> >> tokbnd_kid >> >> If you add other kind of confirmation keys, things would continue to get >> even sillier. >> > > Again that presumes token binding will use the same confirmation methods, > which I think it unlikely. > > I suspect it'd be more like cjwk, cjwe, ckid, and ctbd. > > And a cnf with nested structure would need a tbd or tokbnd member defined > and registered. > > >> >> >> The code will be simpler if you can have a single shared routine for >> handling confirmation structures rather a separate for handling cnf_jwk, >> cnf_jwe, cnf_kid from the one for handling tokbnd_jwk, tokbnd_jwe, >> tokbnd_kid, etc. >> > > You can still have a shared routine for handling things that are the same. > But with a nested structure you have to dig into the nesting. > > >> >> >> Another reason the structure makes things conceptually simpler is that >> then you can always use the name “kid” to hold a key ID, no matter the >> context, rather than having to use *name-your-prefix*_kid. The same >> holds true for other elements. >> > > I personally don't find that convincing. It depends on how someone thinks > about it. > > >> >> >> I’m sorry this wasn’t clear in Prague. I know it was mentioned in the >> context of carrying multiple confirmation keys in a JWT, but it went by >> pretty fast. >> > > It was an informal discussion that was largely about something else. > > >> >> >> Based on the discussion in Prague, I believe that we should add language >> to the spec saying that applications can define new claim names other than >> “cnf” to use to represent application-specific confirmation structures that >> have the same syntax as those using the “cnf” name. Would that do the >> trick for you? >> > > That's not at all what I'm driving at. > > If you believe that there's need for multiple confirmation structures with > the exact same syntax and meaning, I suppose that would be a useful > addition. But if you really believe that, the structure itself should > probably be adjusted to allow for multiples. I'm skeptical that it'll ever > be needed. > > >> >> >> By the way, I’m as much in favor of compactness as anyone. Heck – I was >> one of the folks who foisted the short claim names like “iss” on the >> world! But I really do believe that in this case, having structure makes >> things more readable and more flexible, especially since there will be >> cases where there are multiple confirmation structures in the same JWT. >> > > I can see both sides of readability. I don't see the flexibility. > > >> And once you prefix the names, you lose most of the space savings anyway. >> > > Depends on how you prefix them or otherwise name things. You've chosen > long prefixes to make your point but it wouldn't have to be that way. > > >> >> >> Best >> wishes, >> >> -- Mike >> >> >> >> *From:* OAuth [mailto:oauth-bounces@ietf.org] *On Behalf Of *Brian >> Campbell >> *Sent:* Thursday, July 30, 2015 11:29 AM >> *To:* Nat Sakimura <sakimura@gmail.com> >> *Cc:* oauth <oauth@ietf.org> >> *Subject:* [OAUTH-WG] JWT PoP Key Semantics WGLC followup 3 (was Re: >> confirmation model in proof-of-possession-02) >> >> >> >> Using individual claims for the different confirmation types would convey >> the same information with a reduced message size, likely simpler >> implementation, and avoid the need to establish a new registry. >> >> Seems like a no-brainer to me but maybe I'm overlooking something? >> >> There hasn't been much discussion that I'm aware of. Nat seemed in favor >> of it (the +1 below). Mike was dismissive of it at the Dallas meeting but >> didn't provide any reasoning (that I understood anyway). >> >> >> >> >> >> On Mon, Mar 23, 2015 at 10:18 AM, Nat Sakimura <sakimura@gmail.com> >> wrote: >> >> +1 >> >> =nat via iPhone >> >> >> 2015/03/23 11:07、Brian Campbell <bcampbell@pingidentity.com> のメッセージ: >> >> This is mostly about section 3.4 >> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-oauth-proof-of-possession-02%23section-3.4&data=01%7c01%7cMichael.Jones%40microsoft.com%7c8abba73f10ae4e3ddcff08d2990cd3bb%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=2dHZxIhDc2jtu1krNFIccKamceZvM4%2b7Yw0hJGA6WcY%3d> >> but also the whole draft. >> >> >> If "cnf" is intended to analogous to the SAML 2.0 SubjectConfirmation >> element, it should probably contain an array value rather than an object >> value. SAML allows not just for multiple methods of confirming but for >> multiple instances of the same method. IIRC, only one confirmation needs to >> be confirmable. >> >> I'm not sure the extra complexity is worth it though. I've rarely, if >> ever, seen SAML assertions that make use of it. >> >> If the intent is just to allow for different kinds of confirmation, >> couldn't the structure be pared down and simplified and just have >> individual claims for the different confirmation types? Like "cjwk" and >> "ckid" or similar that have the jwk or kid value respectively as the member >> value. >> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.ietf.org%2fmailman%2flistinfo%2foauth&data=01%7c01%7cMichael.Jones%40microsoft.com%7c8abba73f10ae4e3ddcff08d2990cd3bb%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=jwMvoc50hKttPr1u5gwWLmmCI9k3zumK8RtzWR2F7w0%3d> >> >> >> > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > >
- [OAUTH-WG] JWT PoP Key Semantics WGLC followup 3 … Brian Campbell
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… Mike Jones
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… John Bradley
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… Brian Campbell
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… Brian Campbell
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… John Bradley
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… John Bradley
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… Brian Campbell
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… Brian Campbell
- Re: [OAUTH-WG] JWT PoP Key Semantics WGLC followu… John Bradley