Return-Path: <neil.madden@forgerock.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id ABA851200D6
 for <oauth@ietfa.amsl.com>; Tue, 13 Aug 2019 02:04:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, 
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001]
 autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
 header.d=forgerock.com
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id pWWUJMIT27kT for <oauth@ietfa.amsl.com>;
 Tue, 13 Aug 2019 02:04:37 -0700 (PDT)
Received: from mail-wm1-x332.google.com (mail-wm1-x332.google.com
 [IPv6:2a00:1450:4864:20::332])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id EE78812008C
 for <oauth@ietf.org>; Tue, 13 Aug 2019 02:04:36 -0700 (PDT)
Received: by mail-wm1-x332.google.com with SMTP id o4so633666wmh.2
 for <oauth@ietf.org>; Tue, 13 Aug 2019 02:04:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=forgerock.com; s=google;
 h=from:content-transfer-encoding:mime-version:subject:message-id
 :references:to:date;
 bh=OBfm7taRBYTPH4CGNgRCvy/cu3Xg/Pr7mpyuwS7frYs=;
 b=Bz3MsYg7Ufx5oJQ2oVhmjvvcrLMUHKHpfyVL8sj4lr9Ld9pHDxj0LoNXPBjXJAFCJw
 p7t4UwoioDAVQYG0iX8DHnrk5wf+xzTIbtqWMBWRkKLUQo7/v+94CpRy8xaU4Dza5z21
 9SWGD1uIDM/1MLjFzkfplTRB9cqlqZBcKs+Fk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:content-transfer-encoding:mime-version
 :subject:message-id:references:to:date;
 bh=OBfm7taRBYTPH4CGNgRCvy/cu3Xg/Pr7mpyuwS7frYs=;
 b=uEMOmTG88remqY6bqe3/tafI63no4rzmWwu4BjWutZ0J7Pdrf0yzrIxZ5w8/5Gdhvf
 g9kkcsdwgtMqXsXA6X2GvsoYuu/0d4M6cz8nKPYMD7Vd0C+O+k/QBlX6W9NwA8ECy10n
 Zc+3k6OqQw/di+3D/zqPK8sTHfa3M2NqZnpmc4vKUa9fv2QH7QXqnq1xTf5OeAxYFsUH
 TwzFRmkXI4f9CzwCdn7dxEBE4ZWitOpAduqqNBZ5KwGzVzyPloo50LSChesef159Iq5s
 pt1faaNJuw2vwjDBMFofsOUSY05jKlc5X7pJO74hn1BTVwXgEf/XGNyh7GRYs8PJt+V+
 O/ww==
X-Gm-Message-State: APjAAAVT58irq7ZyAePOQ9ny9lrKHn00mTystk1HwxWRRY2TmM7a23Xu
 5laJSpJRyp0peoPxsBRn9L4587gjYcN+C9/G51P7dukDxy/XfJtuPMZXRfbw6lEI/twXla8EbGi
 KNz3zTv3ziv4YlJtuKC00nwSNue3WZdEU58qoAROuNMRganojzyHLefq/IPWldA0=
X-Google-Smtp-Source: APXvYqyHMXn7WiaRI7XobesXbKQtWHkSXDYtaFkZx6pgBt9WjJjkOCy+5+qwY7SMPm3qMbeDAlxrLA==
X-Received: by 2002:a05:600c:d9:: with SMTP id
 u25mr1967967wmm.26.1565687075027; 
 Tue, 13 Aug 2019 02:04:35 -0700 (PDT)
Received: from [192.168.2.116] (77-44-110-214.xdsl.murphx.net. [77.44.110.214])
 by smtp.gmail.com with ESMTPSA id z2sm680371wmi.2.2019.08.13.02.04.34
 for <oauth@ietf.org>
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Tue, 13 Aug 2019 02:04:34 -0700 (PDT)
From: Neil Madden <neil.madden@forgerock.com>
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Message-Id: <CEBE2BDF-E101-4E85-8061-62D4CDB321ED@forgerock.com>
References: <156568660565.24107.1708228686719919450.idtracker@ietfa.amsl.com>
To: OAuth WG <oauth@ietf.org>
Date: Tue, 13 Aug 2019 10:04:31 +0100
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/f-ir3_HFjlow-0DFsEexTQlOnk4>
Subject: [OAUTH-WG] Updated version of draft-madden-jose-ecdh-1pu-02.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>,
 <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>,
 <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Aug 2019 09:04:40 -0000

Hi all,

I've created a new version of my I-D on adding public key authenticated =
encryption to JOSE to support JWT-based encrypted access tokens.

https://tools.ietf.org/html/draft-madden-jose-ecdh-1pu-02

Version -02 removes the discussion of creating a two-way interactive =
handshake protocol after discussion with Hannes. That's out of scope for =
this WG and distracts from the main benefits of the draft, which are =
summed up in these bullet points from the introduction:

   o  The resulting message size is more compact as an additional layer
      of headers and base64url-encoding is avoided.  A 500-byte payload
      when encrypted and authenticated with ECDH-1PU (with P-256 keys
      and "A256GCM" Content Encryption Method) results in a 1087-byte
      JWE in Compact Encoding.  An equivalent nested signed-then-
      encrypted JOSE message using the same keys and encryption method
      is 1489 bytes (37% larger).

   o  The same primitives are used for both confidentiality and
      authenticity, providing savings in code size for constrained
      environments.

   o  The generic composition of signatures and public key encryption
      involves a number of subtle details that are essential to security
      [PKAE].  Providing a dedicated algorithm for public key
      authenticated encryption reduces complexity for users of JOSE
      libraries.

   o  ECDH-1PU provides only authenticity and not the stronger security
      properties of non-repudiation or third-party verifiability.  This
      can be an advantage in applications where privacy, anonymity, or
      plausible deniability are goals.

I missed the IETF meeting unfortunately. I can put together a few slides =
if anybody wants me to run through it?

-- Neil

> Begin forwarded message:
>=20
> From: internet-drafts@ietf.org
> Subject: New Version Notification for =
draft-madden-jose-ecdh-1pu-02.txt
> Date: 13 August 2019 at 09:56:45 BST
> To: "Neil Madden" <neil.madden@forgerock.com>
>=20
>=20
> A new version of I-D, draft-madden-jose-ecdh-1pu-02.txt
> has been successfully submitted by Neil Madden and posted to the
> IETF repository.
>=20
> Name:		draft-madden-jose-ecdh-1pu
> Revision:	02
> Title:		Public Key Authenticated Encryption for JOSE: =
ECDH-1PU
> Document date:	2019-08-13
> Group:		Individual Submission
> Pages:		12
> URL:            =
https://www.ietf.org/internet-drafts/draft-madden-jose-ecdh-1pu-02.txt
> Status:         =
https://datatracker.ietf.org/doc/draft-madden-jose-ecdh-1pu/
> Htmlized:       =
https://tools.ietf.org/html/draft-madden-jose-ecdh-1pu-02
> Htmlized:       =
https://datatracker.ietf.org/doc/html/draft-madden-jose-ecdh-1pu
> Diff:           =
https://www.ietf.org/rfcdiff?url2=3Ddraft-madden-jose-ecdh-1pu-02
>=20
> Abstract:
>   This document describes the ECDH-1PU public key authenticated
>   encryption algorithm for JWE.  The algorithm is similar to the
>   existing ECDH-ES encryption algorithm, but adds an additional ECDH
>   key agreement between static keys of the sender and recipient.  This
>   additional step allows the recipient to be assured of sender
>   authenticity without requiring a nested signed-then-encrypted =
message
>   structure.
>=20
>=20
>=20
>=20
> Please note that it may take a couple of minutes from the time of =
submission
> until the htmlized version and diff are available at tools.ietf.org.
>=20
> The IETF Secretariat
>=20