I agree with your sentiment. We could add this language to try to discourage
multiple unrelated uses:
Multiple unrelated uses SHOULD NOT be specified for a key because of the
potential vulnerabilities associated with using the same key with multiple
algorithms. So the combinations "sign" with "verify", "encrypt" with
"decrypt", and "wrap" with "unwrap" are permitted, but other combinations
SHOULD NOT be used.
The rub is that WebCrypto apparently isn't enforcing this restriction, so we
need to provide them syntax to express even the nonsensical combinations -
hence the use of SHOULD rather than MUST above.
-- Mike
From: jose [mailto:[email protected]] On Behalf Of John Bradley
Sent: Tuesday, December 24, 2013 4:28 PM
To: Mike Jones
Cc: [email protected]
Subject: Re: [jose] Two proposed JOSE spec actions to more closely coordinate
with WebCrypto
Having it be an array encourages multiple uses for the same key. I have stated
many times that encouraging people to do that is not a good idea, and making it
easy makes people think it is a good idea.
You can use the single value field and have multiple entries with different key
containing the same or different keys to do the same thing.
On the practical side "use_details" is better than creating crazy dot separated
como uses.
John B.
On Dec 24, 2013, at 8:26 PM, Mike Jones
<[email protected]<mailto:[email protected]>> wrote:
Hi all,
Having reflected upon discussions among WebCrypto and JOSE participants about
JWK usage by WebCrypto over the holidays, I'd like to propose the two JOSE spec
actions to more closely coordinate with WebCrypto:
1. Change the JWA registry field name from "Implementation Requirements" to
"JOSE Implementation Requirements" in the JSON Web Signature and Encryption
Algorithms Registry
(http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18#section-7.1).
This will make it clearer that the Implementation Requirements apply only to
JWS and JWE implementations - and not other uses of JWK (such as WebCrypto).
This changes only non-normative text and is non-breaking.
2. Define the new JWK field "use_details" for recording intended fine-grained
key usage information. This would enable WebCrypto KeyUsage
(https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#key-interface)
values to be used directly with JWK. The proposed definition is:
3.3. "use_details" (Key Use Details) Parameter
The "use_details" (key use details) member identifies fine-grained
details the intended use of the key. Its value is an array of
key use details values. Values defined by this specification are:
o "sign" (compute signature or MAC)
o "verify" (verify signature or MAC)
o "encrypt" (encrypt content)
o "decrypt" (decrypt content and verify decryption, if applicable)
o "wrap" (encrypt key)
o "unwrap" (decrypt key and verify decryption, if applicable)
o "deriveKey" (derive key)
o "deriveBits" (derive bits not to be used as a key)
Other values MAY be used. Key Use Details values can be registered
in the IANA JSON Web Key Use Details registry defined in Section 7.3.
The use details values are case-sensitive strings.
Duplicate use details values MUST NOT be present in the array.
Use of the "use_details" member is OPTIONAL, unless the application
requires use this member to record fine-grained key usage details.
(Note that the "use_details" values intentionally match the "KeyUsage"
values defined in the WebCrypto [WebCrypto] specification.)
If both "use" and "use_details" JWK members are present, the usages
specified by them MUST be consistent. In particular, the "use" value
"sig" corresponds to "sign" and/or "verify". The "use" value
"enc" corresponds to all other values defined above.
If "use_details" values corresponding to both "sig" and "enc"
"use" values are present, the "use" member SHOULD NOT be present,
and if present, its value MUST NOT be either "sig" or "enc".
This is a non-breaking change - allowing simple applications that want to
distinguish between signing and encryption operations to continue doing so as
they do today, while also providing a multi-valued key usage details field to
be used by applications that want to record fine-grained distinctions among
potential key usages, including distinguishing between producer and consumer
operations.
As I see it, while having two related key usage representations isn't ideal,
it's far better than having WebCrypto overload "use" with multi-valued values
encoded in strings, such as "signOnly,verifyOnly", which I believe is their
current plan of record.
Comments?
-- Mike
P.S. This proposal was already discussed on the WebCrypto list in the thread
http://lists.w3.org/Archives/Public/public-webcrypto/2013Dec/0052.html and no
objections were raised there that I'm aware of.
_______________________________________________
jose mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
