[stir] stir-06: JWT vs UAC time

Eric Burger <eburger@standardstrack.com> Fri, 11 December 2015 05:54 UTC

From: Eric Burger <eburger@standardstrack.com>
Date: Thu, 10 Dec 2015 21:15:55 -0500
Message-Id: <97A26561-3508-4CE1-9BFE-44DE35C78EC7@standardstrack.com>
To: stir@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/stir/4ZgkwSeSfJjJlLfNVM4-Pu0gdGU>
Subject: [stir] stir-06: JWT vs UAC time
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>

Section 7 defines the issued at JWT value (iat) as the time the UAC asserts in the SIP message:
      Third, the JSON key "iat" followed by a colon and then a quoted
      encoding of the value of the SIP Date header field [EB1] as a JSON
      NumericDate (as UNIX time, per [RFC7519] Section 2).

Do we really want to do that? I think there is value in either the authenticator barfing if the SIP time is too old or the validator barfing because the SIP time is way different than the authenticator issued time. I do not like the idea of the validator lying on behalf of the UAC.
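
The two checks raised in the message above, sketched as an added example that is not part of the original message or of the draft. The function names, the 60-second tolerance and the sample Date value are assumptions made for illustration.

```python
from datetime import timezone
from email.utils import parsedate_to_datetime

MAX_SKEW = 60  # seconds; assumed tolerance, not a value taken from the draft


def sip_date_to_numericdate(date_header: str) -> int:
    """Convert a SIP Date header value (RFC 1123 form, GMT) to a JWT NumericDate."""
    dt = parsedate_to_datetime(date_header)
    if dt.tzinfo is None:  # a "-0000" zone parses as naive; treat it as GMT
        dt = dt.replace(tzinfo=timezone.utc)
    return int(dt.timestamp())


def authenticator_accepts(date_header: str, now: int, max_skew: int = MAX_SKEW) -> bool:
    """First option: the authenticator refuses to sign when the Date
    asserted by the UAC is too far from the authenticator's own clock."""
    return abs(now - sip_date_to_numericdate(date_header)) <= max_skew


def verifier_accepts(date_header: str, iat: int, max_skew: int = MAX_SKEW) -> bool:
    """Second option: iat carries the authenticator's issue time, and the
    verifier rejects when the SIP Date in the message disagrees with it."""
    return abs(iat - sip_date_to_numericdate(date_header)) <= max_skew


def compare_options(date_header: str, authenticator_clock: int) -> dict:
    """Run one request through the quoted Section 7 text and both alternatives."""
    copied_iat = sip_date_to_numericdate(date_header)  # iat copied from Date
    return {
        # Comparing Date with an iat copied from Date can never fail, so a
        # stale Date passes unnoticed under the quoted text.
        "iat_copied_from_date": verifier_accepts(date_header, copied_iat),
        "authenticator_checks_date": authenticator_accepts(date_header, authenticator_clock),
        "verifier_compares_real_iat": verifier_accepts(date_header, authenticator_clock),
    }


if __name__ == "__main__":
    SAMPLE_DATE = "Thu, 10 Dec 2015 21:15:55 GMT"  # constructed sample value
    signed_at = sip_date_to_numericdate(SAMPLE_DATE) + 600  # signed 10 minutes later
    for option, accepted in compare_options(SAMPLE_DATE, signed_at).items():
        print(f"{option}: {'accept' if accepted else 'reject'}")
```
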