Re: [OAUTH-WG] [jose] Security research on JWT implementations

John Bradley <ve7jtb@ve7jtb.com> Thu, 02 April 2015 23:06 UTC

From: John Bradley <ve7jtb@ve7jtb.com>
In-Reply-To: <CABZPcaqsy_9HPJfDT-ErMr9H8owX_M=T5BWMtOGVc1zS-8TSJQ@mail.gmail.com>
Date: Thu, 02 Apr 2015 20:00:14 -0300
Message-Id: <10432770-DDDE-40A7-B1A5-FD26F898F11B@ve7jtb.com>
References: <CABZPcapJQu2dES0qjE73uzJoSs1RYDFOMyTXgkB5CtZ=a8JZ0w@mail.gmail.com> <551D6734.4010907@gmail.com> <CABZPcar2ryAFRFGRtT-GjTXj6mROBYxmjxmXZVMs93XzYnj0HQ@mail.gmail.com> <551D8A3C.1060300@gmx.net> <BY2PR03MB442D97471309DA16C70C80CF5F20@BY2PR03MB442.namprd03.prod.outlook.com> <37B89CA4-0242-41B8-841D-A4C88A1B2B76@ve7jtb.com> <CABZPcaqsy_9HPJfDT-ErMr9H8owX_M=T5BWMtOGVc1zS-8TSJQ@mail.gmail.com>
To: Tim McLean <tim@timmclean.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/zVBRMULgaXuE4UujAEtz8xokOrE>
Cc: "oauth@ietf.org" <oauth@ietf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [OAUTH-WG] [jose] Security research on JWT implementations

I agree that the best thing is one alg per kid. 

However, getting people, especially those using x509 Certs, to alg is a challenge.

People still want to do pkcs1.5 pss sha256 sha512 off of one key. 

With composite keys you need the alg to know the hash using x509 Certs. 

I think more advice for applications using JOSE libs to help them understand key management and comparing the alg in the JWT with the specific alg in a JWK or with a known subset of algs based on the key type is the best path. 

John B. 

Sent from my iPhone

> On Apr 2, 2015, at 6:23 PM, Tim McLean <tim@timmclean.net> wrote:
> 
>> On Thu, Apr 2, 2015 at 4:39 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:
>> A given issuer may be allowed to sign using both ECDSA and RSA PKCS 1.5 and that would not be a problem until one of them is deprecated.
>> Having libraries assume that there can only be one alg per issuer would not lead to useful crypto agility in my experience.
> 
> Note that I'm proposing one alg per key ID, not one alg per issuer (sorry in advance if I misunderstood what you meant here). 
> 
> Tim
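The check John describes above, comparing the `alg` in the JWT header with the `alg` pinned in the JWK selected by `kid` (or, when the JWK pins nothing, with the subset of algorithms its key type allows), as an added example in Python. This is illustrative code written for this page, not code from any JOSE library or from the message's author. It assumes a JWK Set that is looked up by `kid`, verifies only the HMAC family itself (asymmetric algorithms would be handed to a crypto backend after the same policy check), and uses constructed keys and tokens.

```python
import base64
import hashlib
import hmac
import json

# Algorithms a key of a given JWK "kty" may legitimately be used with.
# This is the "known subset of algs based on the key type" fallback.
ALLOWED_ALGS_BY_KTY = {
    "oct": {"HS256", "HS384", "HS512"},
    "RSA": {"RS256", "RS384", "RS512", "PS256", "PS384", "PS512"},
    "EC": {"ES256", "ES384", "ES512"},
}

HMAC_HASHES = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def permitted_alg(jwk: dict, header_alg) -> bool:
    """Decide whether the alg named in the JWT header may be used with this key.

    - "none" (or a missing/non-string alg) is never accepted.
    - If the JWK pins an "alg", the header must match it exactly (one alg per kid).
    - Otherwise the alg must belong to the family implied by the key type, so an
      RSA public key is never handed to an HMAC routine as the shared secret.
    """
    if not isinstance(header_alg, str) or header_alg == "none":
        return False
    if "alg" in jwk:
        return header_alg == jwk["alg"]
    return header_alg in ALLOWED_ALGS_BY_KTY.get(jwk.get("kty"), set())


def sign_hs(header: dict, claims: dict, key: bytes) -> str:
    """Produce an HMAC-signed compact JWS (used here only to build sample tokens)."""
    signing_input = (b64url_encode(json.dumps(header, separators=(",", ":")).encode())
                     + "." + b64url_encode(json.dumps(claims, separators=(",", ":")).encode()))
    digest = hmac.new(key, signing_input.encode("ascii"), HMAC_HASHES[header["alg"]]).digest()
    return signing_input + "." + b64url_encode(digest)


def verify_jwt(token: str, jwks: dict) -> dict:
    """Verify a compact JWS against a JWK Set, enforcing the alg/key policy first.

    Returns the claims on success; raises ValueError on any policy or signature
    failure. The key chosen by kid, not the token, decides which alg is legal.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    header = json.loads(b64url_decode(parts[0]))
    alg, kid = header.get("alg"), header.get("kid")

    jwk = next((k for k in jwks.get("keys", []) if k.get("kid") == kid), None)
    if jwk is None:
        raise ValueError(f"unknown kid {kid!r}")
    if not permitted_alg(jwk, alg):
        raise ValueError(f"alg {alg!r} is not permitted for key {kid!r}")

    if alg in HMAC_HASHES:
        expected = hmac.new(b64url_decode(jwk["k"]),
                            f"{parts[0]}.{parts[1]}".encode("ascii"),
                            HMAC_HASHES[alg]).digest()
        if not hmac.compare_digest(expected, b64url_decode(parts[2])):
            raise ValueError("signature mismatch")
        return json.loads(b64url_decode(parts[1]))
    # Asymmetric algorithms reach this point only after passing the same policy check.
    raise NotImplementedError(f"{alg} needs an asymmetric-crypto backend")


def rejection_reason(token: str, jwks: dict):
    """Return the ValueError message for a rejected token, or None if it verifies."""
    try:
        verify_jwt(token, jwks)
    except ValueError as exc:
        return str(exc)
    return None


# Constructed sample JWK Set: one HMAC key pinned to HS256 and one RSA key with
# no "alg" member (modulus and exponent omitted; they play no part in the policy
# decision shown here). The secret is a constructed demo value.
DEMO_SECRET = b"constructed-demo-secret-key"
DEMO_JWKS = {"keys": [
    {"kty": "oct", "kid": "hmac-1", "alg": "HS256", "k": b64url_encode(DEMO_SECRET)},
    {"kty": "RSA", "kid": "rsa-1", "use": "sig"},
]}

if __name__ == "__main__":
    good = sign_hs({"alg": "HS256", "kid": "hmac-1"}, {"sub": "alice"}, DEMO_SECRET)
    print("good token ->", verify_jwt(good, DEMO_JWKS))
    confused = sign_hs({"alg": "HS256", "kid": "rsa-1"}, {"sub": "alice"}, b"irrelevant")
    print("HMAC alg against RSA kid ->", rejection_reason(confused, DEMO_JWKS))
```

The policy check runs before any cryptographic operation, so a token that names an RSA `kid` with an HMAC `alg`, an `alg` of `none`, or an `alg` other than the one pinned on the key is refused without ever touching key material; only a token whose `alg` the resolved key actually permits proceeds to signature verification.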