+1
Basically, JOSE defines both crypto processes and container mechanisms
for those processes. "alg:none" lets you use the container without the
crypto in a way that's compatible with using the same contianer with
crypto. Code reuse and parallelism are awesome. But by explicitly
calling out that a thing is unsigned, an app can decide whether or not
it likes unsigned stuff and act accordingly.
-- Justin
On 04/25/2014 06:17 PM, Brian Campbell wrote:
Plaintext JWSs haven't been free of controversy but the topic has been
discussed many times and the [rough] consensus of the WG is that the
"none" JWS alg is useful. It is in use by the finalized versions of
OpenID Connect, as Vladimir has alluded to. And it has been fairly
wildly deployed in production use.
The "Plaintext JWS Security Considerations" in section 8.5 of JWA [1]
represents the consensus the WG came to, which keeps the "none" alg
but mandates that implementations "MUST NOT accept such objects as
valid unless the application specifies that it is acceptable for a
specific object."
[1]
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-25#section-8.5
Vladimir
On Fri, Apr 25, 2014 at 2:51 PM, Kathleen Moriarty
<[email protected]
<mailto:[email protected]>> wrote:
Thanks, Vladimir.
Is there consensus in the WG that this is the right thing to do? I'm
expecting some push-back on this one and want to make sure it has
consensus behind it. I have heard of a couple of objections already.
On Thu, Apr 17, 2014 at 2:10 PM, Vladimir Dzhuvinov
<[email protected] <mailto:[email protected]>> wrote:
>> Thanks, Vladimir.
>>
>> How would they be secured then? With the current threat
landscape, it
>> seems odd that we would be putting forth a method that is not
secured?
>> Does this rely on transport for security?
>
> Yes, securing the JWS message with TLS for instance, as Mike just
> pointed
> out in the his response.
>
> JWT-encoded ID tokens in OpenID Connect is one such example, but
only
> when
> the token is returned from the OAuth 2.0 token endpoint where TLS is
> mandatory, clients can then register to receive plaintext ID tokens:
>
> http://openid.net/specs/openid-connect-core-1_0.html#IDToken
>
>
> There is a section in the JWA spec to instruct developers of the
various
> security
> considerations regarding use of "none" alg JWS:
>
>
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-25#section-8.5
>
>
> Vladimir
>
>
>
>> On Thu, Apr 17, 2014 at 12:57 PM, Vladimir Dzhuvinov <
>> [email protected] <mailto:[email protected]>> wrote:
>>
>> > Hi Kathleen,
>> >
>> >
>> > > Section 3.6 - Can you explain why would this be included?
If you are
>> > not going to sign, I am not sure why one would use JOSE at all.
>> > >
>> >
>> > Perhaps the most popular application of JWS today is to
construct JSON
>> > Web Tokens (JWT), such as the ID tokens in OpenID Connect.
The JWT spec
>> > permits plain tokens that don't have a signature and this is
enabled by
>> > the special case "none" alg in JWS.
>> >
>> > Plaintext JWTs are explained here:
>> >
>> >
http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-19#section-6
>> >
>> >
>> > Vladimir
>> >
>> >
>>
>>
>> --
>>
>> Best regards,
>> Kathleen
--
Best regards,
Kathleen
_______________________________________________
jose mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
