IETF Logo Mail Archive

Re: [stir] draft-ietf-stir-passport-rcd-14 rcdi for "/jcd"

Chris Wendt <chris-ietf@chriswendt.net> Tue, 18 January 2022 21:53 UTC

Return-Path: <chris-ietf@chriswendt.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22BDB3A0DFE for <stir@ietfa.amsl.com>; Tue, 18 Jan 2022 13:53:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Level:
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=chriswendt-net.20210112.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R2Aiz7LLhpSw for <stir@ietfa.amsl.com>; Tue, 18 Jan 2022 13:53:35 -0800 (PST)
Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A4E53A0DF9 for <stir@ietf.org>; Tue, 18 Jan 2022 13:53:35 -0800 (PST)
Received: by mail-qv1-xf2e.google.com with SMTP id h16so728673qvk.10 for <stir@ietf.org>; Tue, 18 Jan 2022 13:53:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chriswendt-net.20210112.gappssmtp.com; s=20210112; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=Qjui5io5MYrGJjjc/sdVq3Zq4+DIZQaNHV+7NnR/i7A=; b=Kavb224CQrrS/QhF2mJ20Hv5KEnG4iqT0Fwh9+1dKcQ9C/GRH4jV48ajknjQlLGa23 4Kkeuejjzw9HBrsEiLuRvUFgFA6hXoQBgLyhzOGvk7K8nly5jIsB5fvT5PSbu879rt7F l8liBBKQdQgXPNEhsUn8Zo13BYAQhv4x3QY+9zQCwrej9tQlMuQkaJv8KR27ygZFjqo9 85qGbfrVuvFt6gD8yhbwjw9NKsyBq+W/7OrpixdBCzpOhk0P4Ba1haW44s11vz93FnOJ Y1TxhsOVuT/hbVo5/MOKSJh6t00cV3uRFEYhiEyoKPsc3VVL9RCnqBjD3KbYQ4hyXz/K +4+w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=Qjui5io5MYrGJjjc/sdVq3Zq4+DIZQaNHV+7NnR/i7A=; b=cevwDvbPHuAEsc1EUmOx4XUMTinVGB7LoWqejHleZuJlMQU4VTgFLrDYH8ECebLoTT Pfd7xer0mmVy104mQNnwrFDXEkSw/jtBVFF2fHRJ8JBBs+9iWnKpVvnOHRefFELynY3V DO4odEmZFudquJrcMJ8DhKXbGUiXGGVuWgjoI29lyxTlhzZvJ4TjutMU8eNfQ92Ho07a tVPyGsT/7Kg3NvjJ8vDHALVKX3OAapOlUihBsOvUZPHKGsk423OcffxRPjia9d/TR427 T45dLD6jr4veE6I3xsN7sEzss/z8EUzb27Wy+BuKDZuEDIeZluW9Jn009772RAutyzQ0 t2mQ==
X-Gm-Message-State: AOAM531qz9xloE21D5jky7DSriACEjkvRbr4DiupCK/KxmeaBzbX1f3O zAJVMO9IKW0I7iJGwlfHSKitmg==
X-Google-Smtp-Source: ABdhPJwuJmMfsttp4m//5WzWTB4SNJaBOURoLW2VuFyippmLHrQ1mK5xMpNlO9ViQrwHZDrNgV7C0Q==
X-Received: by 2002:a05:6214:19ed:: with SMTP id q13mr21430785qvc.38.1642542813661; Tue, 18 Jan 2022 13:53:33 -0800 (PST)
Received: from smtpclient.apple (c-69-242-46-71.hsd1.pa.comcast.net. [69.242.46.71]) by smtp.gmail.com with ESMTPSA id c11sm11410746qtb.8.2022.01.18.13.53.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Jan 2022 13:53:33 -0800 (PST)
From: Chris Wendt <chris-ietf@chriswendt.net>
Message-Id: <11F60F01-4F7A-42BA-B0B0-73A3260C6EB3@chriswendt.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_7F1507A9-90B3-4431-9354-EF9ACB48FDD7"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.40.0.1.81\))
Date: Tue, 18 Jan 2022 16:53:31 -0500
In-Reply-To: <AM5PR83MB03559C293FEE5A0C429D299D88549@AM5PR83MB0355.EURPRD83.prod.outlook.com>
Cc: IETF STIR Mail List <stir@ietf.org>
To: Jack Rickard <jack.rickard=40microsoft.com@dmarc.ietf.org>
References: <AM5PR83MB03559C293FEE5A0C429D299D88549@AM5PR83MB0355.EURPRD83.prod.outlook.com>
X-Mailer: Apple Mail (2.3693.40.0.1.81)
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/QHBb9-72Siq20Q-15qiHUWAipyM>
Subject: Re: [stir] draft-ietf-stir-passport-rcd-14 rcdi for "/jcd"
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jan 2022 21:53:40 -0000

Hi Jack,

I think you are missing the primary use-case we are trying to protect with “rcdi”, this is where the party that is authoritative over the certificate that has JWT Constraints for the specific “rcdi” for the party (explicitly different than the authoritative party) that is authoring the “rcd” PASSporT does not have the ability to try to author different contents than what have been authorized for them to include in the JSON or in the linked data as constrained by the certificate.

If the authoritative party and party signing the PASSporT is one in the same, yes there is some unnecessary hashing occurring, but I think consistency is the better path than trying to have multiple “rcdi” flavors or constraints procedures in this case.

-Chris

> On Jan 14, 2022, at 1:49 PM, Jack Rickard <jack.rickard=40microsoft.com@dmarc.ietf.org> wrote:
> 
> Hi all,
>  
> I’ve been mulling over RCD over Christmas, and you’ll be glad to know that I’m mostly happy with where it is (or will be once the rcdi changes are made). However, there is one part that is still bothering me that I’d like to ask about. Specifically, this paragraph of the spec:
>    For the use of JSON pointer in "jcd" and because array indexes are
>    dependent on the order of the elements in the jCard, the digest for
>    the "/jcd" corresponding to the entire jCard array string MUST be
>    included to avoid any possibility of substitution or insertion
>    attacks that may be possible to avoid integrity detection.  Each URI
>    referenced in the jCard array string MUST have a corresponding JSON
>    pointer string key and digest value.
>  
> I don’t think this does any harm however I also don’t think it does any good; anyone who could modify the “jcd” could just as easily modify the “rcdi” entry. In fact, I don’t think there’s any point providing digests for anything that isn’t a URI to remote content (e.g. nam and apn). Now, performing a few extra hashes per call probably won’t have an impact on anything, but I’m not a fan of requiring people to do something they don’t need to, and only supporting checking the hash of data from a URL could simplify some implementations.
>  
> Thanks,
> Jack Rickard 
> he/him 
> Software Engineer 
> jack.rickard@microsoft.com <mailto:jack.rickard@microsoft.com> 
> 
> <image001.png>
>  
>  
> _______________________________________________
> stir mailing list
> stir@ietf.org <mailto:stir@ietf.org>
> https://www.ietf.org/mailman/listinfo/stir <https://www.ietf.org/mailman/listinfo/stir>

v2.23.0 | Report a Bug | By Email