[jose] Re: Review of draft-ietf-jose-deprecate-none-rsa15-02

[Michael Jones]

The current description of “none” at 
https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-03.html#name-the-none-algorithm
 is not evenhanded.  It lists 9 cases where defective implementations or 
deployments caused problems but fails to list the 2 legitimate and safe uses of 
“none” that I provided in my review.  The document will not be ready for 
working group last call until this is addressed.

Neil, please add this or similar text that section so that the legitimate uses 
are called out for readers, providing a balanced treatment of the subject:
One of the legitimate use cases for Unsecured JWSs is OpenID Connect ID Tokens 
secured by sending them over a TLS connection, as described in Section 2 of 
[OpenID.Core].  Another legitimate use is unsigned request objects, as 
described in Section 6.1 of [OpenID.Core].
That, or consider deleting all the references to the illegitimate uses.

                                                                Thank you,
                                                                -- Mike

From: Neil Madden <neil.e.mad...@runbox.eu>
Sent: Friday, September 19, 2025 2:19 AM
To: Brian Campbell <bcampb...@pingidentity.com>; jose@ietf.org
Cc: Michael Jones <michael_b_jo...@hotmail.com>; Neil Madden 
<neil.e.mad...@runbox.eu>
Subject: Re: [jose] Review of draft-ietf-jose-deprecate-none-rsa15-02

I’ve published a new draft -03 that addresses Mike’s review comments, except 
for adjusting the text around “none” as per the feedback on the list that the 
current text is fine.

Chairs - I believe this is ready for WGLC now.

Name:     draft-ietf-jose-deprecate-none-rsa15
Revision: 03
Title:    JOSE: Deprecate 'none' and 'RSA1_5'
Date:     2025-09-19
Group:    jose
Pages:    7
URL:      
https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-03.txt
Status:   https://datatracker.ietf.org/doc/draft-ietf-jose-deprecate-none-rsa15/
HTML:     
https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-03.html
HTMLized: 
https://datatracker.ietf.org/doc/html/draft-ietf-jose-deprecate-none-rsa15
Diff:     
https://author-tools.ietf.org/iddiff?url2=draft-ietf-jose-deprecate-none-rsa15-03

Cheers,

Neil


On 31 Jul 2025, at 14:00, Brian Campbell 
<bcampb...@pingidentity.com<mailto:bcampb...@pingidentity.com>> wrote:

That link 
https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-02.html#section-1.1-4
 points to the last paragraph of section 1.1. The 'none' 
algorithm<https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-02.html#name-the-none-algorithm>
 that has the text:

'Although there are some legitimate use-cases for Unsecured JWS, these are 
relatively few in number and can easily be satisfied by alternative means. The 
small risk of breaking some of these use-cases is far outweighed by the 
improvement in security for the majority of JWS users who may be impacted by 
accidental acceptance of the "none" algorithm.'

Which is the text I'm suggesting already provides pretty good and even-handed 
treatment of the topic and shouldn't be changed.


On Wed, Jul 30, 2025 at 1:30 PM Michael Jones 
<michael_b_jo...@hotmail.com<mailto:michael_b_jo...@hotmail.com>> wrote:
The use cases that I’m asking to have added for reference are about “alg”: 
“none”, so readers will know why it exists and how it is used – not “RSA1_5”.  
I agree with Brian that the text describing “RSA1_5” is already fine.

                                                                -- Mike

From: Brian Campbell 
<bcampb...@pingidentity.com<mailto:bcampb...@pingidentity.com>>
Sent: Wednesday, July 30, 2025 11:02 AM
To: Neil Madden <neil.e.mad...@runbox.eu<mailto:neil.e.mad...@runbox.eu>>
Cc: Michael Jones 
<michael_b_jo...@hotmail.com<mailto:michael_b_jo...@hotmail.com>>; 
jose@ietf.org<mailto:jose@ietf.org>; 
neil.e.mad...@gmail.com<mailto:neil.e.mad...@gmail.com>
Subject: Re: [jose] Re: Review of draft-ietf-jose-deprecate-none-rsa15-02


On Wed, Jul 30, 2025 at 2:53 AM Neil Madden 
<neil.e.mad...@runbox.eu<mailto:neil.e.mad...@runbox.eu>> wrote:
1.1. 
<https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-02.html#section-1.1>
 The 'none' 
algorithm<https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-02.html#name-the-none-algorithm>:
 After the sentence beginning “Although there are some legitimate use-cases for 
Unsecured JWS”, I suggest adding this text:
One of the legitimate use cases for Unsecured JWSs is OpenID Connect ID Tokens 
secured by sending them over a TLS connection, as described in Section 2 of 
[OpenID.Core].  Another legitimate use is unsigned request objects, as 
described in Section 6.1 of [OpenID.Core].

I’m open to adding something along these lines. I’ll raise a PR.

I thought the text in 
https://www.ietf.org/archive/id/draft-ietf-jose-deprecate-none-rsa15-02.html#section-1.1-4
 provies pretty good and even-handed treatment as is. I think it'd be a mistake 
to list specific cases in the text here.


CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately by 
e-mail and delete the message and any file attachments from your computer. 
Thank you.

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately by 
e-mail and delete the message and any file attachments from your computer. 
Thank you.


_______________________________________________
jose mailing list -- jose@ietf.org
To unsubscribe send an email to jose-le...@ietf.org