Per my action item on the call, the following is proposed updated text for JWS
Appendix D. It includes a lot of introductory text proposed by Jim. It also
more explicitly describes the likely methods of key ordering and key filtering,
as also requested on the call. Please let me know if there are any additional
text changes you'd like to see (and if so, please provide specific proposed
text, if possible). The previous version of this appendix can be read at
http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-19#appendix-D.
Appendix D. Notes on Validation Key Selection
This appendix describes a set of possible algorithms for selecting the key to
be used to validate the digital signature or MAC of a JWS object. This guidance
identifies a set of algorithms, rather than a single algorithm, because in
different contexts, not all the sources of keys will be used, they can be tried
in different orders, and sometimes not all the collected keys will be tried.
The algorithms consist of the application of some or all of the steps described
below; the order and inclusion of steps described below does not mean that they
need to be performed in this order or that they are required in all contexts.
These algorithms are described for illustration purposes only; specific
applications can and are likely to use different algorithms. Specific
applications will frequently have a much simpler method of determining the keys
to use, as there may be one or two key selection methods that are profiled for
the application's use. This appendix supplements the normative information on
key location in Section 6 (Key Identification).
The gist of these algorithms is to collect a set of keys from known applicable
sources of keys and then to use them to attempt to validate the digital
signature or MAC value of a JWS. Potential sources of keys include:
* Keys supplied by the application protocol being used.
* Keys referenced by the jku (JWK Set URL) Header Parameter.
* The key provided by the jwk (JSON Web Key) Header Parameter.
* The keys referenced by the kid (Key ID) Header Parameter.
* Keys referenced by the x5u (X.509 URL) Header Parameter.
* The key provided by the x5c (X.509 Certificate Chain) Header
Parameter.
* The key referenced by the x5t (X.509 Certificate SHA-1 Thumbprint)
Header Parameter.
* Other applicable keys available to the application.
Once the set of keys has been collected, the following steps may also be
applied:
* Order the set of collected keys in a particular way. For instance,
keys referenced by the kid or x5t parameters might be used before other keys.
Keys with certain alg values or other member values might be ordered before
keys with other alg values or other member values.
* Filter the set of collected keys in a particular way. For instance,
only keys referenced by the kid or x5t parameters might be used by the
application. Keys might be filtered to include or exclude keys with certain alg
values, use values, or other member values.
Finally, signature or MAC validation will be tried with some or all of the
collected and possibly ordered and/or filtered keys. This process will normally
terminate following a successful validation.
-- Mike
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
