On Thu, Jan 04, 2018 at 12:07:34AM +0100, Jörn Heissler wrote: > Hello and happy new Year! > > I've found an inaccuracy in the ACME specs. > > https://tools.ietf.org/html/rfc7515#section-7 states: > > Applications using this specification need to specify what serialization > and serialization features are used for that application. > > Although this is neither a "SHOULD" nor a "MUST", I think ACME should specify > which serialization formats need to be supported by server implementations. > > RFC7515 defines four serialization formats: > > * JWS Compact Serialization > * General JWS JSON Serialization Syntax > * One signature only > * Multiple signatures > * Flattened JWS JSON Serialization Syntax > > https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.6.2 > states: > > In the examples below, JWS objects are shown in the JSON or > flattened JSON serialization > > All examples in the ACME specification use only the flattened serialization. > Depending on the clarification above, this might need to be amended too. > > Best regards > Jörn Heissler
I am the author of a JOSE library, and have had to deal with interoperability issues arising from the multiple serialisations and underspecified applications/protocols. Please heed my advice. Where there is a choice of JSON serialisation (i.e. exactly one signature), JOSE does not require or recommend a particular serialisation be used. Not does the specification require or recommend that there be a mechanism for telling a library what JSON serialisation to use. The outcome of this is that there are: - implementations that unconditionally produce the General JSON serialisation - implementations that unconditionally produce the Flattened JSON serialisation (and do not support multiple signatures at all) - implementations that produce the Flattened serialisation when there is a single signature, and the General JSON serialisation otherwise Therefore for interoperability and to avoid situations where a conforming JOSE library cannot be used for ACME, I suggest that ACME adopt the following regime: - Conforming ACME implementations MUST process JWS objects using the Flattened JWS JSON Serialization and SHOULD process JWS objects using the General JWS JSON Serialization. - Conforming ACME implementations MAY refuse to process JWS objects with multiple signatures. If an implementation accepts multiple-signature JWS objects, it MUST validate at least one signature using the account's public key. Cheers, Fraser
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
