Re: [OAUTH-WG] Omit "jwk" (or use "kid" instead) in DPoP Proof?

Brian Campbell <> Tue, 15 September 2020 22:16 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 28C663A09EA for <>; Tue, 15 Sep 2020 15:16:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 8caU5NSSIgoC for <>; Tue, 15 Sep 2020 15:16:05 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4864:20::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D4F023A09D8 for <>; Tue, 15 Sep 2020 15:16:04 -0700 (PDT)
Received: by with SMTP id z19so4801886lfr.4 for <>; Tue, 15 Sep 2020 15:16:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=xCwpjQkhAIl+T9T/Jk8T7M1HyDiRJO75lAhYDZmHn9I=; b=f9bj2wCpcO+a6KPkvzqrEIGw7InECpuDd1cSzsnSl765VzisTNz02r9l35WM8wm0Kx b7zE5aswcAencbcSO6Gew5hPnMM/nvQzVpw55BDDNFNoMwigBXNSdwbyAKC249P5yIZC twbrYYwY5v5NvCjiQ6tuZCSWfxbQEWvowb848w92hHNymVCCXXG71ySle/cO53r6tQM+ l/n+nWEvTkTJiAQijkknqm6C7Mu/lUKnXMaPDzl+PNtgTvdYd6zg3j8bN2kKDIWatH6B +2P12Bj7QCg2VuP8aUHadfvFdKotAZ5qC9/WkHdJMMtxIbWRFpmkmZTzPY+MzOZNqyX0 ZRuw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=xCwpjQkhAIl+T9T/Jk8T7M1HyDiRJO75lAhYDZmHn9I=; b=X7wk6/xIumVrbbLX0uUGIsZZTy7T2yBJyFerDY/8+u+kgh0ZjL5Z5PpxgbpEsmw2Qd FH5A5xamv3UFt1ifl6DLxOse2cals2xoh5I6urzpxm3mmyKbwVoZs5BXL4dKcworVb9z SoZAMr9RcJDSUakpPzNiEsNBbZ7U7bDY16jSSE67o2noXWyJtIayS/ibUjYyUevDujoY AqDzvmzpBbwoJXLRzaBqCfWawGboR+WFGV6nwf0V/I5IavGoC9IKMTDTZxDxiCi8KrP/ bgAM2wnrXBv/7M3bRYI7B/QDExAwhZHkrBDvu04aFtzD1wZRPsSkc7NEscHjKJIr9I04 rtXQ==
X-Gm-Message-State: AOAM531Kw7zgU6s22u1mLoIICZs6yeDhevSuArgAUQTg3J1qvzu4av8l eeU6fg2JGXYTzAlYvSzsCL54e0Rsot4E9T6jCdQSbggLZujUn4mfWVcZqgPmCsWvqJtLmeATpdl Mg1Z6egX9/XJh+g==
X-Google-Smtp-Source: ABdhPJzcCfp0TdFVPdrOdMt4u/dOYV0j3WUEa/CfqnsKy7kt7VnuO/+z3rqmJDF7/VPScqYjnVlym7edPBa8rPwQg2E=
X-Received: by 2002:a19:606:: with SMTP id 6mr6095449lfg.407.1600208162709; Tue, 15 Sep 2020 15:16:02 -0700 (PDT)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: Brian Campbell <>
Date: Tue, 15 Sep 2020 16:15:36 -0600
Message-ID: <>
To: Neil Madden <>
Cc:, oauth <>
Content-Type: multipart/alternative; boundary="0000000000001afc0105af617f15"
Archived-At: <>
Subject: Re: [OAUTH-WG] Omit "jwk" (or use "kid" instead) in DPoP Proof?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 15 Sep 2020 22:16:08 -0000

Sorry for the slow reply to this one, Neil. It's gotten me thinking a bit
and it took some time to gather my thoughts and attempt to articulate them.

It is true that, as defined in the current -01 draft, there is the
additional step for the RS to check that the proof key matches the hash in
the AT. But I think that equating it to "exactly" that kind of
CVE-2018-0114 mistake or Moxie’s Cryptographic Doom Principle is a
significant mischaracterization. The DPoP proof message and its signature
are used to establish that the sender holds the corresponding private key.
Then binding tokens to that key or checking such bindings can be done.
That's quite different from checking the signature/integrity of a message
against a trusted key before relying on the content of the message, which
is what CVE-2018-0114 and erroneously trusting the key is about. I'm
admittedly a little touchy about this because I tried to speak up about the
potential problems with blindly trusting the jwk header back in the days of
developing the JOSE specs. And have even joked more recently that the DPoP
proof finally uncovered a legitimate use for it. So with all that said, I
don't think it rises to the level of doom. And the step of checking the
binding of the token to the proof key is pretty fundamental. It's
conceptually the same as how the AT binding is done with MTLS / RFC 8705
and the expired/defunct draft-ietf-oauth-token-binding. That doesn't make
it right per se but there's some precedent for the general approach.
Following that conceptual precedent was part of the motivation for the
current approach - not so much as simplicity for the client but simplicity
in the form of consistency in the protocol definition itself. But maybe
that motivation was too much so as the hash based cnf binding is kinda
necessary in those that are doing the key proof at or closer to the
transport layer but DPoP has all the stuff at the same layer so could do it
differently. Putting the jwk in the cnf of the AT would eliminate the
possibility of resource servers forgetting to check the binding. Of course
there are still mistakes that could be made but removing even the
possibility of that particular one is compelling.

The efficiency gains you mention are dependent on circumstance and not
always applicable, as you've kinda alluded to. The many variations of
deployment options (e.g., reference vs self-contained tokens, introspection
vs. local validation and either with various caching strategies, location
of entities and communication path between them) make quantifying it rather
difficult and circumstantially dependent. However, moving the jwk from the
DPoP proof to the AT (by value or reference) would reduce the overall
amount of data that is conveyed across the two items from a jwk and its
hash to just the jwk. That's not a huge gain but it is more than nothing.
It would also eliminate the need to codify a hash function for the jwk
thumbprint, which admittedly would be rather nice.

I guess that's a lot of words to try and kinda defend the current approach
while also admitting that I'm coming around to seeing the light in your

On Wed, Sep 9, 2020 at 12:43 AM Neil Madden <>

> I disagree with this rationale, I’m afraid. I don’t think the simplicity
> gain for the client is really very great and I think we will regret this
> decision.
> Most importantly, including the JWK directly in the proof token increases
> the likelihood that somebody will just validate the signature using that
> key and fail to check that it matches the hash in the AT. We’ve already
> seen at least one vendor make exactly this kind of mistake in the past [1].
> Letting the proof tell you the key to use to verify the proof is another
> example of Moxie’s Cryptographic Doom Principle [2] - trusting the message
> before you’ve authenticated it.
> Moving the jwk from the DPoP proof to the AT/introspection response
> reduces the chances of these kind of mistakes.
> As a bonus it also has efficiency gains because the size of the DPoP proof
> is reduced - potentially by a lot for RSA keys. Although the JWK still has
> to be communicated to the RS, this can be more efficient because:
> - For token introspection, in many deployments the introspection request
> will be within a datacenter and so over a high-bandwidth low-latency
> network. This is usually not the case for the DPoP proof, which may be over
> a poor mobile connection.
> - For embedded directly in a JWT access token, the JWK will be in the
> claims rather than the header and so can at least be compressed. (Albeit
> not by much, because public keys don’t compress well, but the rest of the
> AT will and that can compensate a little for the extra bulk).
> [1]:
> [2]:
> — Neil
> On 8 Sep 2020, at 23:46, Brian Campbell <bcampbell=
>> wrote:
> Indeed there are cases, as you point out, where the key might be knowable
> to the server via some other means, which makes the "jwk" header in the
> DPoP proof not strictly necessary. And while omitting the key in such cases
> would reduce the size of some messages (the DPoP proof anyway), such
> optionality would add complexity to implementations and deployments (and
> that kind of complexity can and often does degrade interoperability and
> even security). How, for example, would a client know if the access token
> includes the public key and thus whether or not to include the key with the
> proof? Sure the access token could always include the key (rather than
> thumbprint) but then there's the question of how to get the key to the AS.
> As well as the stated desire to utilize the same DPoP Proof structure for
> requests to both the AS and RS. There will be some clients that have public
> key(s) registered and some that won't (maybe a lot that won't as a driving
> use case for many for this is key binding access and refresh tokens for
> public clients). The protocol defined by the draft needs to account for
> both.
> Ultimately there are a number of different ways the necessary data could
> flow through the various protocol elements. And there are some tradeoffs
> with different approaches and/or trying to accommodate variations under one
> approach. The approach the draft has taken thus far is to prioritize
> consistency and simplicity as much as is possible. And that ethos has led
> to how it's currently defined, which is to always include the key in the
> proof and bind to a hash of the key in the access token.
> On Tue, Sep 8, 2020 at 3:29 AM <> wrote:
>> Hi all,
>> In section 4.1 of draft-ietf-oauth-dpop-01, the "jwk" header parameter is
>> REQUIRED. However, there are some cases where "jwk" is not necessary in
>> theory.
>> For example, consider a case where the client is registered with the
>> Authorization Server, and its one and only public key is also registered
>> with
>> the AS. In that case, when the AS receives a request on Token endpoint,
>> it can
>> just use the public key registered for the client to verify the DPoP
>> Proof.
>> There is no need to send the public key in DPoP Proof.
>> The same goes for requests to the Resource Server, if the AS and RS share
>> the
>> storage for clients' public keys. Things are a little difficult if the AS
>> and RS
>> are separate. Probably the Access Token or its introspection result have
>> to
>> include the public key (instead of its thumbprint as described in section
>> 7).
>> If the client registers multiple keys with the AS, it needs to specify
>> which key
>> it uses to sign the DPoP Proof. However, there is still no absolute need
>> to send
>> the whole key in DPoP Proof. Instead, the client could use "kid" header
>> parameter to specify the key.
>> Daniel Fett once mentioned the above case in the GitHub issue #26 [*1],
>> but I'm
>> not sure what happened to the discussion. There was also a comment on the
>> latest
>> draft about the "jwk" header parameter [*2]. I agree with using the same
>> DPoP
>> Proof structure for requests to AS and RS, but I think there are some
>> cases
>> where we can omit "jwk" in BOTH requests. Making "jwk" OPTIONAL would
>> allow
>> those cases to reduce some messaging overhead.
>> I'd like to hear your opinions about it.
>> [*1]:
>> [*2]:
>> Best regards,
>> Toshio Ito
>> -------------
>> Toshio Ito
>> Research and Development Center
>> Toshiba Corporation
>> _______________________________________________
>> OAuth mailing list
> *CONFIDENTIALITY NOTICE: This email may contain confidential and
> privileged material for the sole use of the intended recipient(s). Any
> review, use, distribution or disclosure by others is strictly prohibited.
> If you have received this communication in error, please notify the sender
> immediately by e-mail and delete the message and any file attachments from
> your computer. Thank you.*_______________________________________________
> OAuth mailing list

_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._