[stir] RFC 8224: signed-identity-digest syntax

"Cooney, Chris" <CCooney@rbbn.com> Fri, 12 June 2020 20:19 UTC


Howdy,

I'm involved with a point of interop confusion relating to RFCs 8224 and 8225.  The ultimate question is if "-" and "_" are allowed in the signed-identity-digest part of a SIP Identity header.

Section 4 of RFC 8224 specifies "/" and "+" (which are part of the base64 alphabet from RFC 4648), and NOT "-" and "_" (part of the base64url alphabet from RFC 4648).

   ........................................................The revised
   grammar for the Identity header field builds on the ABNF [RFC5234] in
   [RFC3261], Section 25.  It is as follows:

      Identity = "Identity" HCOLON signed-identity-digest SEMI
          ident-info *( SEMI ident-info-params )
      signed-identity-digest = 1*(base64-char / ".")
      ident-info = "info" EQUAL ident-info-uri
      ident-info-uri = LAQUOT absoluteURI RAQUOT
      ident-info-params = ident-info-alg / ident-type /
          ident-info-extension
      ident-info-alg = "alg" EQUAL token
      ident-type = "ppt" EQUAL token
      ident-info-extension = generic-param

      base64-char = ALPHA / DIGIT / "/" / "+"


   The signed-identity-digest contains a base64 encoding of a PASSporT
   [RFC8225]...


The RFC 8224 reference below says base64 is being used in RFC 8225, but that RFC uses base64url.
Section 4.1:
   After these two JSON objects, the header and the payload, have been
   constructed and base64-encoded, they must each be hashed and signed
   per [RFC8225], Section 6.  The header, payload, and signature
   components comprise a full PASSporT object.


And despite the section 4 grammar for Identity header, sections 4.1.1 and 5.1 of RFC 8224 show examples of Identity headers with "-".

RFC 8225 consistently specifies base64url with matching examples containing "-" or "_" in the encoded Passports.

Please help to clarify!

Thank you,
Chris Cooney
3605 E Plano Pkwy | Plano, TX 75074 USA
office: +1.972.805.9214  | mobile: +1.972.824.3639
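As an added example that is not part of Chris's message or of either RFC: the Python below checks a signed-identity-digest against the literal RFC 8224 Section 4 ABNF alphabet and against base64url, and assembles a constructed PASSporT (placeholder signature bytes, no real key) to show how a JWS-style base64url digest fails the strict RFC 8224 grammar. All function names, the sample header, payload, URL and signature are assumptions made for this example.

```python
import base64
import json
import re

# RFC 8224 Section 4 ABNF: signed-identity-digest = 1*(base64-char / ".")
#   with base64-char = ALPHA / DIGIT / "/" / "+"  (plain base64, RFC 4648 Section 4)
RFC8224_DIGEST_RE = re.compile(r"^[A-Za-z0-9/+.]+$")
# base64url alphabet (RFC 4648 Section 5), as RFC 8225 / JWS compact serialization use it
BASE64URL_DIGEST_RE = re.compile(r"^[A-Za-z0-9_\-.]+$")


def b64url(data: bytes) -> str:
    """base64url without padding, as RFC 8225 requires for PASSporT components."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def build_passport(header: dict, payload: dict, signature: bytes) -> str:
    """Assemble header.payload.signature; JSON serialized compactly with sorted keys."""
    enc = lambda obj: b64url(json.dumps(obj, separators=(",", ":"), sort_keys=True).encode())
    return ".".join((enc(header), enc(payload), b64url(signature)))


def parse_identity_header(value: str) -> dict:
    """Split an Identity header field value into digest and params (RFC 8224 Section 4 shape)."""
    digest, *params = [p.strip() for p in value.split(";")]
    out = {"signed-identity-digest": digest}
    for p in params:
        name, _, val = p.partition("=")
        out[name.strip()] = val.strip()
    return out


def classify_digest(digest: str) -> str:
    """Which grammar the digest satisfies: 'rfc8224', 'base64url', 'both' or 'neither'."""
    strict = bool(RFC8224_DIGEST_RE.match(digest))
    url = bool(BASE64URL_DIGEST_RE.match(digest))
    return "both" if strict and url else "rfc8224" if strict else "base64url" if url else "neither"


# Constructed sample (not taken from either RFC): SHAKEN-style PASSporT with a placeholder
# signature whose bytes 0xfb 0xff 0xbf encode to "-_-_" in base64url ("+/+/" in plain base64).
SAMPLE_HEADER = {"alg": "ES256", "ppt": "shaken", "typ": "passport",
                 "x5u": "https://cert.example.invalid/pt.cer"}
SAMPLE_PAYLOAD = {"attest": "A", "dest": {"tn": ["12155551213"]}, "iat": 1591993136,
                  "orig": {"tn": "12155551212"}, "origid": "constructed-origid"}
SAMPLE_SIGNATURE = b"\xfb\xff\xbf"
SAMPLE_IDENTITY = (build_passport(SAMPLE_HEADER, SAMPLE_PAYLOAD, SAMPLE_SIGNATURE)
                   + ";info=<https://cert.example.invalid/pt.cer>;alg=ES256;ppt=shaken")
```

A receiver that enforces the Section 4 ABNF literally will return "base64url" (not "both") for the sample digest, which is exactly the interop gap the message describes.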

