Re: [POSH] What's the point of using JWKs in POSH?
Matt Miller <mamille2@cisco.com> Thu, 29 May 2014 16:44 UTC
Return-Path: <mamille2@cisco.com>
X-Original-To: posh@ietfa.amsl.com
Delivered-To: posh@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDE981A0177 for <posh@ietfa.amsl.com>; Thu, 29 May 2014 09:44:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.152
X-Spam-Level:
X-Spam-Status: No, score=-15.152 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RVm4jAc4ysob for <posh@ietfa.amsl.com>; Thu, 29 May 2014 09:44:47 -0700 (PDT)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B4891A016E for <posh@ietf.org>; Thu, 29 May 2014 09:44:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3884; q=dns/txt; s=iport; t=1401381882; x=1402591482; h=message-id:date:from:mime-version:to:subject:references: in-reply-to:content-transfer-encoding; bh=2xH4SThPzao6M7KUDQePq7rwyFWXYUESHadTa8qghD8=; b=E9MBLo5rpdRgn5dnF+SY6REerU1U4K0ZREKIQ0u3XUu2OezliG7hfbjb Jq7iTO7NOF3bTxqkJT+O8lDU3rsSK7cdbqEbijyzwzN8mh0nNBK8nom8c OMHDM4jazQNbswOFf3pJJbzxc702rkIPjjqTJyy8OteUjdvtaUpRfTdHs o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AsYHAKVjh1OtJA2B/2dsb2JhbABZgwdSWKoSAQEBAQEBBQGQX4c5AYEMFnSCJQEBAQQBAQFrChELDgoJFg8JAwIBAgEVMAYBDAYCAQGIPg3XSBeFVYgaMDqEQASJaDqPU4E9kWyDV4FQJBw
X-IronPort-AV: E=Sophos;i="4.98,935,1392163200"; d="scan'208";a="48353379"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by alln-iport-8.cisco.com with ESMTP; 29 May 2014 16:44:42 +0000
Received: from xhc-rcd-x05.cisco.com (xhc-rcd-x05.cisco.com [173.37.183.79]) by alln-core-9.cisco.com (8.14.5/8.14.5) with ESMTP id s4TGigJN022201 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 29 May 2014 16:44:42 GMT
Received: from MAMILLE2-M-T03K.CISCO.COM (10.129.24.57) by xhc-rcd-x05.cisco.com (173.37.183.79) with Microsoft SMTP Server (TLS) id 14.3.123.3; Thu, 29 May 2014 11:44:41 -0500
Message-ID: <538763F8.1060705@cisco.com>
Date: Thu, 29 May 2014 10:44:40 -0600
From: Matt Miller <mamille2@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Thijs Alkemade <me@thijsalkema.de>, posh@ietf.org
References: <B840DF08-6478-41AC-8894-51B0524ED622@thijsalkema.de>
In-Reply-To: <B840DF08-6478-41AC-8894-51B0524ED622@thijsalkema.de>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.129.24.57]
Archived-At: http://mailarchive.ietf.org/arch/msg/posh/aCH4Tg2GlO0W59jJyGvbwA8xcMI
Subject: Re: [POSH] What's the point of using JWKs in POSH?
X-BeenThere: posh@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion about PKIX Over Secure HTTP <posh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/posh>, <mailto:posh-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/posh/>
List-Post: <mailto:posh@ietf.org>
List-Help: <mailto:posh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/posh>, <mailto:posh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 May 2014 16:44:50 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 5/20/14, 12:42 PM, Thijs Alkemade wrote: > Hello, > > Today, I've spent some time on trying to implement POSH-checking > for xmpp.net. My implementation aimed to do two things: doing the > validation as described and showing someone how they could set up > their .well-known file by converting their X509 certificates to > JSON Web Keys. > > The latter part was a lot more work than the former and made me > wonder why it is defined the way it is. > > From draft-ietf-xmpp-posh: > > Each included JWK object MUST possess the following information: > > o The "kty" field set to the appropriate key type used for TLS > connections (e.g., "RSA" for a certificate using an RSA key). > > o The required public parameters for the key type (e.g., "n" and > "e" for a certificate using an RSA key). > > o The "x5t" field set to the certificate thumbprint, as described > in section 3.6 of [JOSE-JWK]. > > Yet the data that is required in the first and second bullet is > never used. It doesn't specify if and how clients should verify it. > Verification only uses the x5t field and optionally x5c. > > There are good arguments for "pinning" just the public key. > draft-ietf-websec- key-pinning only uses the SPKI field, DANE can > use either the full cert or its SPKI field (and optionally hashed). > But the way it is specified here won't allow that: the x5t field > always needs to be present and clients should verify it. > > So the public parameters of the key are useless here, but they make > a key >10x as large is they have to be. Generating them is also not > as easy: most certificate viewers show a SHA1 fingerprint and it's > really easy to do with the openssl cli tool, but extracting n and e > and base64-encoding them is a lot more work. I wouldn't even know > what to do for ECDSA keys. > > Are there any interoperability reasons for using JWKs that I'm not > aware of? Couldn't it just use a list of SHA1 hashes? > > Best regards, Thijs > > > > _______________________________________________ posh mailing list > posh@ietf.org https://www.ietf.org/mailman/listinfo/posh > Hello Thijs, The desire to use JWK came from wanting to support other very similar use-cases, including browserid. But since others haven't picked up on this, using a full JWK might be overkill now. The original version of the document called for the response to be a PEM-encoded certificate, but that has drawbacks for key/certificate rotation. It could move back in that direction, with a list of PEM-encoded certificates. We would have to be clear on what that list means (is it the chain to expect, or is it the list of alternates?). However, there is strong desire for the "by reference" model, where the response is an application-level redirect, and the actual keys/hashes are served up by the hosting provider. It would be nice to maintain a single syntax, I would think, as is the ability to indicate a "cache for at least <x>" without requiring (config|code) changes to the HTTPS servers. I'll confer with my co-author on some options here. - -- - - m&m Matt Miller < mamille2@cisco.com > Cisco Systems, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCgAGBQJTh2P4AAoJEDWi+S0W7cO1hPsIAKl9iFPCWXgQlHlWxCzQjTTE mBK62d0mWZmKRfezaZY3ihEbuDYU7d1oYEW52gw3Td4tLLvOvbuGw9jyh9gROCSR caQkorwi9N+NQQ9JdYEXXLIY8fU2NiUjOaI8QgLtR4VpJ/XyPMaUvOJo0SksPRUE CIMYmCtD/zDmL0QwtaWZvoCkXqIvJiJdo/p7cM4YJGNxbPq/3NGhTOvRuDZdP7GK 43qIeSTTkR4DMkKIOZRYY+Ns6ZM+Yj5aUF7HGbNCgJNFKM4A34sAOc4266HsmnyA iZIBjd6X7NonOKMlmeXD4Jgm9C9t1Bngxk9LLf3JDDjuWzaqKI96L0KESx0gjuk= =hjA+ -----END PGP SIGNATURE-----
- [POSH] What's the point of using JWKs in POSH? Thijs Alkemade
- Re: [POSH] What's the point of using JWKs in POSH? Matt Miller
- Re: [POSH] What's the point of using JWKs in POSH? Matt Miller