Re: [jose] Header criticality -- hidden consensus?

[Mike Jones]

I'm not going to spend a lot of time arguing semantics, but there are lots of 
ways to meet this requirement in a library and still allow extensions to be 
used by the system as a whole that are not understood by the library.

One would be to have the caller pass a list of header parameter values to the 
library informing it to allow the use of particular parameters not understood 
by the library.  For instance, the list ["notes", "vsf"] might be passed in, 
informing the library not to reject inputs using the "notes" and "vsf" header 
parameters, since they are understood by the caller.

A dual of this is to have the library return a list of header parameters 
present in the input that it did not understand to the caller, letting the 
caller decide whether the input needs to be rejected.

I don't see the word "library" anywhere in RFC 2199. :)

                                                                Cheers,
                                                                -- Mike

From: jose-boun...@ietf.org [mailto:jose-boun...@ietf.org] On Behalf Of Richard 
Barnes
Sent: Friday, February 08, 2013 3:25 PM
To: Mike Jones
Cc: jose@ietf.org
Subject: Re: [jose] Header criticality -- hidden consensus?

Allow me to quote RFC 2119, which defines the requirements terminology for IETF 
documents:
"
1. MUST   This word, or the terms "REQUIRED" or "SHALL", mean that the
   definition is an absolute requirement of the specification.
"

By that definition, a system that implements JWE is absolutely required to 
throw out an object that contains an unknown header.  That requirement applies 
to any system that implements JWE -- JUST JWE, not some overall system that 
uses JWE.  (And likewise JWS.)

So yes, the current language applies very specifically to a JOSE library, not 
to a more general system.  If you want to do that, write a BCP on "Guidelines 
for Usage of JOSE".

--Richard




On Fri, Feb 8, 2013 at 6:19 PM, Mike Jones 
<michael.jo...@microsoft.com<mailto:michael.jo...@microsoft.com>> wrote:
I think you're missing the point of the second poll question.  It's there to 
clarify that the requirement to validate the headers is one placed on the 
system as a whole - not solely on particular pieces of an implementation.  
Indeed, it's my understanding that IETF specs almost universally place 
requirements only on the protocol behaviors - not on how implementations must 
be factored.  In other words, it's normal for IETF specs to place constraints 
on the behavior of the system as a whole.  The text in the second poll question 
would just reinforce that this is so in this particular case.

Hope everyone has a good weekend!

                                                                -- Mike

From: jose-boun...@ietf.org<mailto:jose-boun...@ietf.org> 
[mailto:jose-boun...@ietf.org<mailto:jose-boun...@ietf.org>] On Behalf Of 
Richard Barnes
Sent: Friday, February 08, 2013 3:12 PM
To: jose@ietf.org<mailto:jose@ietf.org>
Subject: [jose] Header criticality -- hidden consensus?

We're 24 votes into the header criticality poll, so I thought I would go ahead 
and take a look at how the results are shaping up.  My initial tabulation is 
below.  The result on the FIRST POLL (the main one) is as follows:

No: 10
Yes: 14

What I find striking, however, is that every single person that voted "Yes" on 
the FIRST POLL also voted "Yes" on the SECOND POLL.  So nobody who thinks that 
all headers should be critical thinks that a JOSE library should actually be 
required to enforce this constraint.  And that means that enforcing that all 
headers are supported cannot be a MUST according to RFC 2119.

So I wonder if there's consensus to remove the following text from JWE and JWS:
-----BEGIN-JWE-----
   4.   The resulting JWE Header MUST be validated to only include
        parameters and values whose syntax and semantics are both
        understood and supported.
-----END-JWE-----
-----BEGIN-JWS-----
   4.  The resulting JWS Header MUST be validated to only include
       parameters and values whose syntax and semantics are both
       understood and supported.
-----END-JWS-----

Otherewise, a JOSE library conforming to these specifications would be REQUIRED 
(a synonym to MUST in 2119) to reject a JWE/JWS that contains an unknown 
header, contradicting all those "Yes" votes on the SECOND POLL.

--Richard



-----BEGIN-Tabulation-----
1       2       3    Name:
N       -       -    Bradley
N       -       -    Ito
N       N       A    Yee
N       N       B    Barnes
N       N       B    Rescorla
N       N       C    Manger
N       N       C    Octman
N       Y       A    Fletcher
N       Y       A    Miller
N       Y       A    Sakimura
Y       Y       -    D'Agostino
Y       Y       A    Biering
Y       Y       A    Brault
Y       Y       A    Hedberg
Y       Y       A    Jay
Y       Y       A    Jones
Y       Y       A    Marais
Y       Y       A    Nadalin
Y       Y       A    Nara
Y       Y       A    Nennker
Y       Y       A    Solberg
Y       Y       B    Hardt
Y       Y       B    Medeiros
Y       Y       C    Matake
Y       Y       C    Mishra
-----END-Tabulation-----


_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose