| draft-ietf-ace-cbor-web-token-06.txt | draft-ietf-ace-cbor-web-token-07.txt | |||
|---|---|---|---|---|
| skipping to change at page 1, line 14 ¶ | skipping to change at page 1, line 14 ¶ | |||
| Internet-Draft Microsoft | Internet-Draft Microsoft | |||
| Intended status: Standards Track E. Wahlstroem | Intended status: Standards Track E. Wahlstroem | |||
| Expires: December 31, 2017 | Expires: December 31, 2017 | |||
| S. Erdtman | S. Erdtman | |||
| Spotify AB | Spotify AB | |||
| H. Tschofenig | H. Tschofenig | |||
| ARM Ltd. | ARM Ltd. | |||
| June 29, 2017 | June 29, 2017 | |||
| CBOR Web Token (CWT) | CBOR Web Token (CWT) | |||
| draft-ietf-ace-cbor-web-token-06 | draft-ietf-ace-cbor-web-token-07 | |||
| Abstract | Abstract | |||
| CBOR Web Token (CWT) is a compact means of representing claims to be | CBOR Web Token (CWT) is a compact means of representing claims to be | |||
| transferred between two parties. The claims in a CWT are encoded in | transferred between two parties. The claims in a CWT are encoded in | |||
| the Concise Binary Object Representation (CBOR) and CBOR Object | the Concise Binary Object Representation (CBOR) and CBOR Object | |||
| Signing and Encryption (COSE) is used for added application layer | Signing and Encryption (COSE) is used for added application layer | |||
| security protection. A claim is a piece of information asserted | security protection. A claim is a piece of information asserted | |||
| about a subject and is represented as a name/value pair consisting of | about a subject and is represented as a name/value pair consisting of | |||
| a claim name and a claim value. CWT is derived from JSON Web Token | a claim name and a claim value. CWT is derived from JSON Web Token | |||
| skipping to change at page 3, line 13 ¶ | skipping to change at page 3, line 13 ¶ | |||
| A.2.1. 128-bit Symmetric Key as Hex Encoded String . . . . . 16 | A.2.1. 128-bit Symmetric Key as Hex Encoded String . . . . . 16 | |||
| A.2.2. 256-bit Symmetric Key as Hex Encoded String . . . . . 16 | A.2.2. 256-bit Symmetric Key as Hex Encoded String . . . . . 16 | |||
| A.2.3. ECDSA P-256 256-bit COSE Key . . . . . . . . . . . . 16 | A.2.3. ECDSA P-256 256-bit COSE Key . . . . . . . . . . . . 16 | |||
| A.3. Example Signed CWT . . . . . . . . . . . . . . . . . . . 17 | A.3. Example Signed CWT . . . . . . . . . . . . . . . . . . . 17 | |||
| A.4. Example MACed CWT . . . . . . . . . . . . . . . . . . . . 18 | A.4. Example MACed CWT . . . . . . . . . . . . . . . . . . . . 18 | |||
| A.5. Example Encrypted CWT . . . . . . . . . . . . . . . . . . 19 | A.5. Example Encrypted CWT . . . . . . . . . . . . . . . . . . 19 | |||
| A.6. Example Nested CWT . . . . . . . . . . . . . . . . . . . 20 | A.6. Example Nested CWT . . . . . . . . . . . . . . . . . . . 20 | |||
| A.7. Example MACed CWT with a floating-point value . . . . . . 21 | A.7. Example MACed CWT with a floating-point value . . . . . . 21 | |||
| Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 22 | Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 22 | |||
| Appendix C. Document History . . . . . . . . . . . . . . . . . . 22 | Appendix C. Document History . . . . . . . . . . . . . . . . . . 22 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 23 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 1. Introduction | 1. Introduction | |||
| The JSON Web Token (JWT) [RFC7519] is a standardized security token | The JSON Web Token (JWT) [RFC7519] is a standardized security token | |||
| format that has found use in OAuth 2.0 and OpenID Connect | format that has found use in OAuth 2.0 and OpenID Connect | |||
| deployments, among other applications. JWT uses JSON Web Signature | deployments, among other applications. JWT uses JSON Web Signature | |||
| (JWS) [RFC7515] and JSON Web Encryption (JWE) [RFC7516] to secure the | (JWS) [RFC7515] and JSON Web Encryption (JWE) [RFC7516] to secure the | |||
| contents of the JWT, which is a set of claims represented in JSON. | contents of the JWT, which is a set of claims represented in JSON. | |||
| The use of JSON for encoding information is popular for Web and | The use of JSON for encoding information is popular for Web and | |||
| native applications, but it is considered inefficient for some | native applications, but it is considered inefficient for some | |||
| skipping to change at page 17, line 7 ¶ | skipping to change at page 17, line 7 ¶ | |||
| a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997 | a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997 | |||
| 1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c | 1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c | |||
| 67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f | 67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f | |||
| fda55a7eca69ed8919a394d42f0f2001 | fda55a7eca69ed8919a394d42f0f2001 | |||
| Figure 5: ECDSA 256-bit COSE Key as hex string | Figure 5: ECDSA 256-bit COSE Key as hex string | |||
| { | { | |||
| / d / -4: h'6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e | / d / -4: h'6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e | |||
| 6c67c858bc206c19', | 6c67c858bc206c19', | |||
| / y / -3: h'60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168 | / y / -3: h'60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168 | |||
| db9529971a36e7b9', | db9529971a36e7b9', | |||
| / x / -2: h'143329cce7868e416927599cf65a34f3ce2ffda55a7eca69 | / x / -2: h'143329cce7868e416927599cf65a34f3ce2ffda55a7eca69 | |||
| ed8919a394d42f0f', | ed8919a394d42f0f', | |||
| / crv / -1: 1 / P-256 / , | / crv / -1: 1 / P-256 / , | |||
| / kty / 1: 2 / EC2 / , | / kty / 1: 2 / EC2 / , | |||
| / alg / 3: -7 / ECDSA 256 / | / alg / 3: -7 / ECDSA 256 / | |||
| } | } | |||
| Figure 6: ECDSA 256-bit COSE Key in CBOR diagnostic notation | Figure 6: ECDSA 256-bit COSE Key in CBOR diagnostic notation | |||
| A.3. Example Signed CWT | A.3. Example Signed CWT | |||
| This section shows a signed CWT with a single recipient and a full | This section shows a signed CWT with a single recipient and a full | |||
| CWT Claims Set. | CWT Claims Set. | |||
| The signature is generated using the private key listed in | The signature is generated using the private key listed in | |||
| Appendix A.2.3 and it can be validated using the public key from | Appendix A.2.3 and it can be validated using the public key from | |||
| Appendix A.2.3. Line breaks are for display purposes only. | Appendix A.2.3. Line breaks are for display purposes only. | |||
| d28443a10126a05850a70175636f61703a2f2f61732e6578616d706c652e636f6 | d28443a10126a05850a70175636f61703a2f2f61732e6578616d706c652e636f6 | |||
| d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e63 | d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e63 | |||
| 6f6d041a5612aeb0051a5610d9f0061a5610d9f007420b715840b9b2821b6b2c2 | 6f6d041a5612aeb0051a5610d9f0061a5610d9f007420b7158405427c1ff28d23 | |||
| f9d1d984b11854dcfcee1f219746800ce76112c21f58c45dea1d7f01cec1ab394 | fbad1f29c4c7c6a555e601d6fa29f9179bc3d7438bacaca5acd08c8d4d4f96131 | |||
| 0f75c459305365210a23a9ed463b4f6fc984c2f1c08e504d90 | 680c429a01f85951ecee743a52b9b63632c57209120e1c9e30 | |||
| Figure 7: Signed CWT as hex string | Figure 7: Signed CWT as hex string | |||
| 18( | 18( | |||
| [ | [ | |||
| / protected / h'a10126' / { | / protected / h'a10126' / { | |||
| / alg / 1: -7 / ECDSA 256 / | / alg / 1: -7 / ECDSA 256 / | |||
| } / , | } / , | |||
| / unprotected / {}, | / unprotected / {}, | |||
| / payload / h'a70175636f61703a2f2f61732e6578616d706c652e63 | / payload / h'a70175636f61703a2f2f61732e6578616d706c652e63 | |||
| 6f6d02656572696b77037818636f61703a2f2f6c6967 | 6f6d02656572696b77037818636f61703a2f2f6c6967 | |||
| 68742e6578616d706c652e636f6d041a5612aeb0051a | 68742e6578616d706c652e636f6d041a5612aeb0051a | |||
| 5610d9f0061a5610d9f007420b71' / { | 5610d9f0061a5610d9f007420b71' / { | |||
| / iss / 1: "coap://as.example.com", | / iss / 1: "coap://as.example.com", | |||
| / sub / 2: "erikw", | / sub / 2: "erikw", | |||
| / aud / 3: "coap://light.example.com", | / aud / 3: "coap://light.example.com", | |||
| / exp / 4: 1444064944, | / exp / 4: 1444064944, | |||
| / nbf / 5: 1443944944, | / nbf / 5: 1443944944, | |||
| / iat / 6: 1443944944, | / iat / 6: 1443944944, | |||
| / cti / 7: h'0b71' | / cti / 7: h'0b71' | |||
| } / , | } / , | |||
| / signature / h'b9b2821b6b2c2f9d1d984b11854dcfcee1f2197468 | / signature / h'5427c1ff28d23fbad1f29c4c7c6a555e601d6fa29f | |||
| 00ce76112c21f58c45dea1d7f01cec1ab3940f75c4 | 9179bc3d7438bacaca5acd08c8d4d4f96131680c42 | |||
| 59305365210a23a9ed463b4f6fc984c2f1c08e504d | 9a01f85951ecee743a52b9b63632c57209120e1c9e | |||
| 90' | 30' | |||
| ] | ] | |||
| ) | ) | |||
| Figure 8: Signed CWT in CBOR diagnostic notation | Figure 8: Signed CWT in CBOR diagnostic notation | |||
| A.4. Example MACed CWT | A.4. Example MACed CWT | |||
| This section shows a MACed CWT with a single recipient, a full CWT | This section shows a MACed CWT with a single recipient, a full CWT | |||
| Claims Set, and a CWT tag. | Claims Set, and a CWT tag. | |||
| skipping to change at page 19, line 13 ¶ | skipping to change at page 19, line 13 ¶ | |||
| Figure 9: MACed CWT with CWT tag as hex string | Figure 9: MACed CWT with CWT tag as hex string | |||
| 61( | 61( | |||
| 17( | 17( | |||
| [ | [ | |||
| / protected / h'a10104' / { | / protected / h'a10104' / { | |||
| / alg / 1: 4 / HMAC 256/64 / | / alg / 1: 4 / HMAC 256/64 / | |||
| } / , | } / , | |||
| / unprotected / {}, | / unprotected / {}, | |||
| / payload / h'a70175636f61703a2f2f61732e6578616d706c652e636f | / payload / h'a70175636f61703a2f2f61732e6578616d706c652e636f | |||
| 6d02656572696b77037818636f61703a2f2f6c69676874 | 6d02656572696b77037818636f61703a2f2f6c69676874 | |||
| 2e6578616d706c652e636f6d041a5612aeb0051a5610d9 | 2e6578616d706c652e636f6d041a5612aeb0051a5610d9 | |||
| f0061a5610d9f007420b71' / { | f0061a5610d9f007420b71' / { | |||
| / iss / 1: "coap://as.example.com", | / iss / 1: "coap://as.example.com", | |||
| / sub / 2: "erikw", | / sub / 2: "erikw", | |||
| / aud / 3: "coap://light.example.com", | / aud / 3: "coap://light.example.com", | |||
| / exp / 4: 1444064944, | / exp / 4: 1444064944, | |||
| / nbf / 5: 1443944944, | / nbf / 5: 1443944944, | |||
| / iat / 6: 1443944944, | / iat / 6: 1443944944, | |||
| / cti / 7: h'0b71' | / cti / 7: h'0b71' | |||
| } / , | } / , | |||
| / tag / h'093101ef6d789200' | / tag / h'093101ef6d789200' | |||
| ] | ] | |||
| skipping to change at page 19, line 40 ¶ | skipping to change at page 19, line 40 ¶ | |||
| A.5. Example Encrypted CWT | A.5. Example Encrypted CWT | |||
| This section shows an encrypted CWT with a single recipient and a | This section shows an encrypted CWT with a single recipient and a | |||
| full CWT Claims Set. | full CWT Claims Set. | |||
| The encryption is done with AES-CCM mode using the 128-bit symmetric | The encryption is done with AES-CCM mode using the 128-bit symmetric | |||
| key from Appendix A.2.1 with a 64-bit tag and 13-byte nonce, i.e., | key from Appendix A.2.1 with a 64-bit tag and 13-byte nonce, i.e., | |||
| COSE AES-CCM-16-64-128. Line breaks are for display purposes only. | COSE AES-CCM-16-64-128. Line breaks are for display purposes only. | |||
| d08343a1010aa1054d3d9624bfb90a612bdcfc5077c45858e06d4b57cf3b3c9d | d08343a1010aa1054d99a0d7846e762c49ffe8a63e0b5858b918a11fd81e438b | |||
| a3a16325dadcb9d2a0748f00ecd728f4b79030b56a292ee9cc8cc75349c120fc | 7f973d9e2e119bcb22424ba0f38a80f27562f400ee1d0d6c0fdb559c02421fd3 | |||
| 1ba5d67ee29affde28df75a20f344812453ff68270ad5f46295660558168e1d1 | 84fc2ebe22d7071378b0ea7428fff157444d45f7e6afcda1aae5f6495830c586 | |||
| 85cb308226cdad0a50417dcd4a8d4b47 | 27087fc5b4974f319a8707a635dd643b | |||
| Figure 11: Encrypted CWT as hex string | Figure 11: Encrypted CWT as hex string | |||
| 16( | 16( | |||
| [ | [ | |||
| / protected / h'a1010a' / { | / protected / h'a1010a' / { | |||
| / alg / 1: 10 / AES-CCM-16-64-128 / | / alg / 1: 10 / AES-CCM-16-64-128 / | |||
| } /, | } /, | |||
| / unprotected / { | / unprotected / { | |||
| / iv / 5: h'3d9624bfb90a612bdcfc5077c4' | / iv / 5: h'99a0d7846e762c49ffe8a63e0b' | |||
| }, | }, | |||
| / ciphertext / h'e06d4b57cf3b3c9da3a16325dadcb9d2a0748f00ecd | / ciphertext / h'b918a11fd81e438b7f973d9e2e119bcb22424ba0f38 | |||
| 728f4b79030b56a292ee9cc8cc75349c120fc1ba5d6 | a80f27562f400ee1d0d6c0fdb559c02421fd384fc2e | |||
| 7ee29affde28df75a20f344812453ff68270ad5f462 | be22d7071378b0ea7428fff157444d45f7e6afcda1a | |||
| 95660558168e1d185cb308226cdad0a50417dcd4a8d | ae5f6495830c58627087fc5b4974f319a8707a635dd | |||
| 4b47' | 643b' | |||
| ] | ] | |||
| ) | ) | |||
| Figure 12: Encrypted CWT in CBOR diagnostic notation | Figure 12: Encrypted CWT in CBOR diagnostic notation | |||
| A.6. Example Nested CWT | A.6. Example Nested CWT | |||
| This section shows a Nested CWT, signed and then encrypted, with a | This section shows a Nested CWT, signed and then encrypted, with a | |||
| single recipient and a full CWT Claims Set. | single recipient and a full CWT Claims Set. | |||
| skipping to change at page 20, line 40 ¶ | skipping to change at page 20, line 40 ¶ | |||
| from Appendix A.2.3. The encryption is done with AES-CCM mode using | from Appendix A.2.3. The encryption is done with AES-CCM mode using | |||
| the 128-bit symmetric key from Appendix A.2.1 with a 64-bit tag and | the 128-bit symmetric key from Appendix A.2.1 with a 64-bit tag and | |||
| 13-byte nonce, i.e., COSE AES-CCM-16-64-128. The content type is set | 13-byte nonce, i.e., COSE AES-CCM-16-64-128. The content type is set | |||
| to CWT to indicate that there are multiple layers of COSE protection | to CWT to indicate that there are multiple layers of COSE protection | |||
| before finding the CWT Claims Set. The decrypted ciphertext will be a | before finding the CWT Claims Set. The decrypted ciphertext will be a | |||
| COSE_sign1 structure. In this example, it is the same one as in | COSE_sign1 structure. In this example, it is the same one as in | |||
| Appendix A.3, i.e., a Signed CWT Claims Set. Note that there is no | Appendix A.3, i.e., a Signed CWT Claims Set. Note that there is no | |||
| limitation to the number of layers; this is an example with two | limitation to the number of layers; this is an example with two | |||
| layers. Line breaks are for display purposes only. | layers. Line breaks are for display purposes only. | |||
| d08343a1010aa1054dd3bdeeb4daaa50625a5b576cc458a3318af5c80a11e081 | d08343a1010aa1054d86bbd41cc32604396324b7f38058a372439fbff538aa7b | |||
| 91ca790b0793156451afc144e0f9f892679dff1d01cd52d7fe1e43ac8dabace0 | 601ebfb29454050a3c99fd13b27216d084556496c7355c4bb462510f8e0e8479 | |||
| f74af095f918197da1550a76d59c2a89db6331e12451fc87fef56f2ff179fb33 | dbe08722d620e96bcb7764d75140d96220f062679b46b897e7abe0c325dc2c96 | |||
| d6132ca34eb7fa8de0960d5f02a2b625792ccc8e5b3d59c0bede9d7438dc5c4f | d8bb2c8334e3b92a42c0078983e753c054e647ad5387ed149f802f52b5a95ebf | |||
| e0c403c8fc32e874fbb7516c52edddfc09d4444a762dcd0cd486895131c343ae | 5f153c4fd64854ab7531e082b7f22721f939d257c94f8bc248e1d9cf04f9dd4e | |||
| 040620cdd4448c6ce0b7803022ff3d7877a83c345c05a57b36105a | 5de7ab62df37842fabec230a657d4abf7162bc786345ebb8eb3af0 | |||
| Figure 13: Signed and Encrypted CWT as hex string | Figure 13: Signed and Encrypted CWT as hex string | |||
| 16( | 16( | |||
| [ | [ | |||
| / protected / h'a203183d010a' / { | / protected / h'a203183d010a' / { | |||
| / alg / 1: 10 / AES-CCM-16-64-128 / | / alg / 1: 10 / AES-CCM-16-64-128 / | |||
| } / , | } / , | |||
| / unprotected / { | / unprotected / { | |||
| / iv / 5: h'd3bdeeb4daaa50625a5b576cc4' | / iv / 5: h'86bbd41cc32604396324b7f380' | |||
| }, | }, | |||
| / ciphertext / h'318af5c80a11e08191ca790b0793156451afc144e0f | / ciphertext / h'72439fbff538aa7b601ebfb29454050a3c99fd13b27 | |||
| 9f892679dff1d01cd52d7fe1e43ac8dabace0f74af0 | 216d084556496c7355c4bb462510f8e0e8479dbe087 | |||
| 95f918197da1550a76d59c2a89db6331e12451fc87f | 22d620e96bcb7764d75140d96220f062679b46b897e | |||
| ef56f2ff179fb33d6132ca34eb7fa8de0960d5f02a2 | 7abe0c325dc2c96d8bb2c8334e3b92a42c0078983e7 | |||
| b625792ccc8e5b3d59c0bede9d7438dc5c4fe0c403c | 53c054e647ad5387ed149f802f52b5a95ebf5f153c4 | |||
| 8fc32e874fbb7516c52edddfc09d4444a762dcd0cd4 | fd64854ab7531e082b7f22721f939d257c94f8bc248 | |||
| 86895131c343ae040620cdd4448c6ce0b7803022ff3 | e1d9cf04f9dd4e5de7ab62df37842fabec230a657d4 | |||
| d7877a83c345c05a57b36105a' | abf7162bc786345ebb8eb3af0' | |||
| ] | ] | |||
| ) | ) | |||
| Figure 14: Signed and Encrypted CWT in CBOR diagnostic notation | Figure 14: Signed and Encrypted CWT in CBOR diagnostic notation | |||
| A.7. Example MACed CWT with a floating-point value | A.7. Example MACed CWT with a floating-point value | |||
| This section shows a MACed CWT with a single recipient and a simple | This section shows a MACed CWT with a single recipient and a simple | |||
| CWT Claims Set. The CWT Claims Set with a floating-point 'iat' value. | CWT Claims Set. The CWT Claims Set with a floating-point 'iat' value. | |||
| skipping to change at page 22, line 32 ¶ | skipping to change at page 22, line 32 ¶ | |||
| This specification is based on JSON Web Token (JWT) [RFC7519], the | This specification is based on JSON Web Token (JWT) [RFC7519], the | |||
| authors of which also include Nat Sakimura and John Bradley. It also | authors of which also include Nat Sakimura and John Bradley. It also | |||
| incorporates suggestions made by many people, notably Carsten | incorporates suggestions made by many people, notably Carsten | |||
| Bormann, Jim Schaad, Ludwig Seitz, and Goeran Selander. | Bormann, Jim Schaad, Ludwig Seitz, and Goeran Selander. | |||
| Appendix C. Document History | Appendix C. Document History | |||
| [[ to be removed by the RFC Editor before publication as an RFC ]] | [[ to be removed by the RFC Editor before publication as an RFC ]] | |||
| -07 | ||||
| o Updated examples for signing and encryption. Signatures are now | ||||
| deterministic as recommended by COSE specification. | ||||
| -06 | -06 | |||
| o Addressed review comments by Carsten Bormann and Jim Schaad. All | o Addressed review comments by Carsten Bormann and Jim Schaad. All | |||
| changes were editorial in nature. | changes were editorial in nature. | |||
| -05 | -05 | |||
| o Addressed working group last call comments with the following | o Addressed working group last call comments with the following | |||
| changes: | changes: | |||
| End of changes. 16 change blocks. | ||||
| 43 lines changed or deleted | 48 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||