Thanks for the initial feedback. I'm not following at the moment how any
of these attacks can affect it. Perhaps I'll need to work on making it
more obvious how it is all implemented.
It is simply a concrete implementation of JWS with Detached Content.
The content is written out and by the time it's finished the JWS payload
will be finished and will accompany this content.
On the receiving end the verification provider will be instantiated
(with the proper care, example, the server will not support the dynamic
verification provider selection process - i.e - will be expected to
process only RSA or HMAC etc signatures). Once this provider is
available it will then get all the data which is being read passing
through the verification process and finally compare the signatures
Cheers, Sergey
On 12/05/17 16:52, Ilari Liusvaara wrote:
On Fri, May 12, 2017 at 01:59:21PM +0100, Sergey Beryozkin wrote:
Hi All,
I've experimented in our project with having HTTP attachment parts protected
using JWS with Detached Content and Unencoded Payload options [1].
This approach appears to be quite effective to me. It also appears to me
that the data as shown in the example at [1], can, in principle, be produced
and processed by any HTTP stack that can work with multiparts, assuming a
JOSE library supporting the detached and unencoded content is also
available.
I'd appreciate if the experts could comment on 1) do you see some weaknesses
in the proposed approach and 2) can someone see a point in drafting some
text around it (I can contribute if it is of interest) ?
It look from the text that the implementation can produce output before
the entiere signature (or tag in case of encryption) has been verified.
This is very dangerous if so.
Then there are the standard attacks against JOSE (the JOSE library must
not be vulernable to these):
- The JWS HMAC versus signature confusion
- The JWE ECDH-ES invalid curve attack.
-Ilari
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
