draft-ietf-ace-cbor-web-token-06.txt   draft-ietf-ace-cbor-web-token-07.txt 
skipping to change at page 1, line 14 skipping to change at page 1, line 14
Internet-Draft Microsoft Internet-Draft Microsoft
Intended status: Standards Track E. Wahlstroem Intended status: Standards Track E. Wahlstroem
Expires: December 31, 2017 Expires: December 31, 2017
S. Erdtman S. Erdtman
Spotify AB Spotify AB
H. Tschofenig H. Tschofenig
ARM Ltd. ARM Ltd.
June 29, 2017 June 29, 2017
CBOR Web Token (CWT) CBOR Web Token (CWT)
draft-ietf-ace-cbor-web-token-06 draft-ietf-ace-cbor-web-token-07
Abstract Abstract
CBOR Web Token (CWT) is a compact means of representing claims to be CBOR Web Token (CWT) is a compact means of representing claims to be
transferred between two parties. The claims in a CWT are encoded in transferred between two parties. The claims in a CWT are encoded in
the Concise Binary Object Representation (CBOR) and CBOR Object the Concise Binary Object Representation (CBOR) and CBOR Object
Signing and Encryption (COSE) is used for added application layer Signing and Encryption (COSE) is used for added application layer
security protection. A claim is a piece of information asserted security protection. A claim is a piece of information asserted
about a subject and is represented as a name/value pair consisting of about a subject and is represented as a name/value pair consisting of
a claim name and a claim value. CWT is derived from JSON Web Token a claim name and a claim value. CWT is derived from JSON Web Token
skipping to change at page 3, line 13 skipping to change at page 3, line 13
A.2.1. 128-bit Symmetric Key as Hex Encoded String . . . . . 16 A.2.1. 128-bit Symmetric Key as Hex Encoded String . . . . . 16
A.2.2. 256-bit Symmetric Key as Hex Encoded String . . . . . 16 A.2.2. 256-bit Symmetric Key as Hex Encoded String . . . . . 16
A.2.3. ECDSA P-256 256-bit COSE Key . . . . . . . . . . . . 16 A.2.3. ECDSA P-256 256-bit COSE Key . . . . . . . . . . . . 16
A.3. Example Signed CWT . . . . . . . . . . . . . . . . . . . 17 A.3. Example Signed CWT . . . . . . . . . . . . . . . . . . . 17
A.4. Example MACed CWT . . . . . . . . . . . . . . . . . . . . 18 A.4. Example MACed CWT . . . . . . . . . . . . . . . . . . . . 18
A.5. Example Encrypted CWT . . . . . . . . . . . . . . . . . . 19 A.5. Example Encrypted CWT . . . . . . . . . . . . . . . . . . 19
A.6. Example Nested CWT . . . . . . . . . . . . . . . . . . . 20 A.6. Example Nested CWT . . . . . . . . . . . . . . . . . . . 20
A.7. Example MACed CWT with a floating-point value . . . . . . 21 A.7. Example MACed CWT with a floating-point value . . . . . . 21
Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 22 Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 22
Appendix C. Document History . . . . . . . . . . . . . . . . . . 22 Appendix C. Document History . . . . . . . . . . . . . . . . . . 22
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 23 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 24
1. Introduction 1. Introduction
The JSON Web Token (JWT) [RFC7519] is a standardized security token The JSON Web Token (JWT) [RFC7519] is a standardized security token
format that has found use in OAuth 2.0 and OpenID Connect format that has found use in OAuth 2.0 and OpenID Connect
deployments, among other applications. JWT uses JSON Web Signature deployments, among other applications. JWT uses JSON Web Signature
(JWS) [RFC7515] and JSON Web Encryption (JWE) [RFC7516] to secure the (JWS) [RFC7515] and JSON Web Encryption (JWE) [RFC7516] to secure the
contents of the JWT, which is a set of claims represented in JSON. contents of the JWT, which is a set of claims represented in JSON.
The use of JSON for encoding information is popular for Web and The use of JSON for encoding information is popular for Web and
native applications, but it is considered inefficient for some native applications, but it is considered inefficient for some
skipping to change at page 17, line 7 skipping to change at page 17, line 7
a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997 a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997
1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c 1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c
67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f 67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f
fda55a7eca69ed8919a394d42f0f2001 fda55a7eca69ed8919a394d42f0f2001
Figure 5: ECDSA 256-bit COSE Key as hex string Figure 5: ECDSA 256-bit COSE Key as hex string
{ {
/ d / -4: h'6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e / d / -4: h'6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e
6c67c858bc206c19', 6c67c858bc206c19',
/ y / -3: h'60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168 / y / -3: h'60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168
db9529971a36e7b9', db9529971a36e7b9',
/ x / -2: h'143329cce7868e416927599cf65a34f3ce2ffda55a7eca69 / x / -2: h'143329cce7868e416927599cf65a34f3ce2ffda55a7eca69
ed8919a394d42f0f', ed8919a394d42f0f',
/ crv / -1: 1 / P-256 / , / crv / -1: 1 / P-256 / ,
/ kty / 1: 2 / EC2 / , / kty / 1: 2 / EC2 / ,
/ alg / 3: -7 / ECDSA 256 / / alg / 3: -7 / ECDSA 256 /
} }
Figure 6: ECDSA 256-bit COSE Key in CBOR diagnostic notation Figure 6: ECDSA 256-bit COSE Key in CBOR diagnostic notation
A.3. Example Signed CWT A.3. Example Signed CWT
This section shows a signed CWT with a single recipient and a full This section shows a signed CWT with a single recipient and a full
CWT Claims Set. CWT Claims Set.
The signature is generated using the private key listed in The signature is generated using the private key listed in
Appendix A.2.3 and it can be validated using the public key from Appendix A.2.3 and it can be validated using the public key from
Appendix A.2.3. Line breaks are for display purposes only. Appendix A.2.3. Line breaks are for display purposes only.
d28443a10126a05850a70175636f61703a2f2f61732e6578616d706c652e636f6 d28443a10126a05850a70175636f61703a2f2f61732e6578616d706c652e636f6
d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e63 d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e63
6f6d041a5612aeb0051a5610d9f0061a5610d9f007420b715840b9b2821b6b2c2 6f6d041a5612aeb0051a5610d9f0061a5610d9f007420b7158405427c1ff28d23
f9d1d984b11854dcfcee1f219746800ce76112c21f58c45dea1d7f01cec1ab394 fbad1f29c4c7c6a555e601d6fa29f9179bc3d7438bacaca5acd08c8d4d4f96131
0f75c459305365210a23a9ed463b4f6fc984c2f1c08e504d90 680c429a01f85951ecee743a52b9b63632c57209120e1c9e30
Figure 7: Signed CWT as hex string Figure 7: Signed CWT as hex string
18( 18(
[ [
/ protected / h'a10126' / { / protected / h'a10126' / {
/ alg / 1: -7 / ECDSA 256 / / alg / 1: -7 / ECDSA 256 /
} / , } / ,
/ unprotected / {}, / unprotected / {},
/ payload / h'a70175636f61703a2f2f61732e6578616d706c652e63 / payload / h'a70175636f61703a2f2f61732e6578616d706c652e63
6f6d02656572696b77037818636f61703a2f2f6c6967 6f6d02656572696b77037818636f61703a2f2f6c6967
68742e6578616d706c652e636f6d041a5612aeb0051a 68742e6578616d706c652e636f6d041a5612aeb0051a
5610d9f0061a5610d9f007420b71' / { 5610d9f0061a5610d9f007420b71' / {
/ iss / 1: "coap://as.example.com", / iss / 1: "coap://as.example.com",
/ sub / 2: "erikw", / sub / 2: "erikw",
/ aud / 3: "coap://light.example.com", / aud / 3: "coap://light.example.com",
/ exp / 4: 1444064944, / exp / 4: 1444064944,
/ nbf / 5: 1443944944, / nbf / 5: 1443944944,
/ iat / 6: 1443944944, / iat / 6: 1443944944,
/ cti / 7: h'0b71' / cti / 7: h'0b71'
} / , } / ,
/ signature / h'b9b2821b6b2c2f9d1d984b11854dcfcee1f2197468 / signature / h'5427c1ff28d23fbad1f29c4c7c6a555e601d6fa29f
00ce76112c21f58c45dea1d7f01cec1ab3940f75c4 9179bc3d7438bacaca5acd08c8d4d4f96131680c42
59305365210a23a9ed463b4f6fc984c2f1c08e504d 9a01f85951ecee743a52b9b63632c57209120e1c9e
90' 30'
] ]
) )
Figure 8: Signed CWT in CBOR diagnostic notation Figure 8: Signed CWT in CBOR diagnostic notation
A.4. Example MACed CWT A.4. Example MACed CWT
This section shows a MACed CWT with a single recipient, a full CWT This section shows a MACed CWT with a single recipient, a full CWT
Claims Set, and a CWT tag. Claims Set, and a CWT tag.
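Review bot: In A.3 only the signature bytes changed (Figure 7 and the "/ signature /" entry in Figure 8) while the protected header h'a10126' and the payload are byte-for-byte the same on both sides, which is exactly what switching to deterministic ECDSA should produce, but the sentence "The signature is generated using the private key listed in Appendix A.2.3" still does not say so; an implementer who regenerates this example with randomized-k ECDSA will get a different signature and may conclude the example is wrong. Suggest stating it here, e.g. "The signature is generated with deterministic ECDSA (as recommended by the COSE specification) using the private key listed in Appendix A.2.3", matching the -07 history entry, and reminding that verification is over the COSE Sig_structure built from the protected header and payload, not over the raw claims bytes.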
skipping to change at page 19, line 13 skipping to change at page 19, line 13
Figure 9: MACed CWT with CWT tag as hex string Figure 9: MACed CWT with CWT tag as hex string
61( 61(
17( 17(
[ [
/ protected / h'a10104' / { / protected / h'a10104' / {
/ alg / 1: 4 / HMAC 256/64 / / alg / 1: 4 / HMAC 256/64 /
} / , } / ,
/ unprotected / {}, / unprotected / {},
/ payload / h'a70175636f61703a2f2f61732e6578616d706c652e636f / payload / h'a70175636f61703a2f2f61732e6578616d706c652e636f
6d02656572696b77037818636f61703a2f2f6c69676874 6d02656572696b77037818636f61703a2f2f6c69676874
2e6578616d706c652e636f6d041a5612aeb0051a5610d9 2e6578616d706c652e636f6d041a5612aeb0051a5610d9
f0061a5610d9f007420b71' / { f0061a5610d9f007420b71' / {
/ iss / 1: "coap://as.example.com", / iss / 1: "coap://as.example.com",
/ sub / 2: "erikw", / sub / 2: "erikw",
/ aud / 3: "coap://light.example.com", / aud / 3: "coap://light.example.com",
/ exp / 4: 1444064944, / exp / 4: 1444064944,
/ nbf / 5: 1443944944, / nbf / 5: 1443944944,
/ iat / 6: 1443944944, / iat / 6: 1443944944,
/ cti / 7: h'0b71' / cti / 7: h'0b71'
} / , } / ,
/ tag / h'093101ef6d789200' / tag / h'093101ef6d789200'
] ]
skipping to change at page 19, line 40 skipping to change at page 19, line 40
A.5. Example Encrypted CWT A.5. Example Encrypted CWT
This section shows an encrypted CWT with a single recipient and a This section shows an encrypted CWT with a single recipient and a
full CWT Claims Set. full CWT Claims Set.
The encryption is done with AES-CCM mode using the 128-bit symmetric The encryption is done with AES-CCM mode using the 128-bit symmetric
key from Appendix A.2.1 with a 64-bit tag and 13-byte nonce, i.e., key from Appendix A.2.1 with a 64-bit tag and 13-byte nonce, i.e.,
COSE AES-CCM-16-64-128. Line breaks are for display purposes only. COSE AES-CCM-16-64-128. Line breaks are for display purposes only.
d08343a1010aa1054d3d9624bfb90a612bdcfc5077c45858e06d4b57cf3b3c9d d08343a1010aa1054d99a0d7846e762c49ffe8a63e0b5858b918a11fd81e438b
a3a16325dadcb9d2a0748f00ecd728f4b79030b56a292ee9cc8cc75349c120fc 7f973d9e2e119bcb22424ba0f38a80f27562f400ee1d0d6c0fdb559c02421fd3
1ba5d67ee29affde28df75a20f344812453ff68270ad5f46295660558168e1d1 84fc2ebe22d7071378b0ea7428fff157444d45f7e6afcda1aae5f6495830c586
85cb308226cdad0a50417dcd4a8d4b47 27087fc5b4974f319a8707a635dd643b
Figure 11: Encrypted CWT as hex string Figure 11: Encrypted CWT as hex string
16( 16(
[ [
/ protected / h'a1010a' / { / protected / h'a1010a' / {
/ alg / 1: 10 / AES-CCM-16-64-128 / / alg / 1: 10 / AES-CCM-16-64-128 /
} /, } /,
/ unprotected / { / unprotected / {
/ iv / 5: h'3d9624bfb90a612bdcfc5077c4' / iv / 5: h'99a0d7846e762c49ffe8a63e0b'
}, },
/ ciphertext / h'e06d4b57cf3b3c9da3a16325dadcb9d2a0748f00ecd / ciphertext / h'b918a11fd81e438b7f973d9e2e119bcb22424ba0f38
728f4b79030b56a292ee9cc8cc75349c120fc1ba5d6 a80f27562f400ee1d0d6c0fdb559c02421fd384fc2e
7ee29affde28df75a20f344812453ff68270ad5f462 be22d7071378b0ea7428fff157444d45f7e6afcda1a
95660558168e1d185cb308226cdad0a50417dcd4a8d ae5f6495830c58627087fc5b4974f319a8707a635dd
4b47' 643b'
] ]
) )
Figure 12: Encrypted CWT in CBOR diagnostic notation Figure 12: Encrypted CWT in CBOR diagnostic notation
A.6. Example Nested CWT A.6. Example Nested CWT
This section shows a Nested CWT, signed and then encrypted, with a This section shows a Nested CWT, signed and then encrypted, with a
single recipient and a full CWT Claims Set. single recipient and a full CWT Claims Set.
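Review bot: The A.5 example changed both the IV (h'3d9624bfb90a612bdcfc5077c4' to h'99a0d7846e762c49ffe8a63e0b') and the ciphertext while the key from Appendix A.2.1 is unchanged, and A.6 below encrypts under that same A.2.1 key with a different IV; the text should say explicitly that the two examples deliberately use distinct 13-byte nonces, because AES-CCM with a repeated nonce under one key loses both confidentiality and the 64-bit integrity tag. Suggest adding one sentence after "COSE AES-CCM-16-64-128." along the lines of "The nonce is unique to this example; a nonce MUST NOT be reused with the same key." Also, the diagnostic label "/ iv /" for header label 5 is fine, but the prose calls the same value a "nonce"; use one term in both places.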
skipping to change at page 20, line 40 skipping to change at page 20, line 40
from Appendix A.2.3. The encryption is done with AES-CCM mode using from Appendix A.2.3. The encryption is done with AES-CCM mode using
the 128-bit symmetric key from Appendix A.2.1 with a 64-bit tag and the 128-bit symmetric key from Appendix A.2.1 with a 64-bit tag and
13-byte nonce, i.e., COSE AES-CCM-16-64-128. The content type is set 13-byte nonce, i.e., COSE AES-CCM-16-64-128. The content type is set
to CWT to indicate that there are multiple layers of COSE protection to CWT to indicate that there are multiple layers of COSE protection
before finding the CWT Claims Set. The decrypted ciphertext will be a before finding the CWT Claims Set. The decrypted ciphertext will be a
COSE_sign1 structure. In this example, it is the same one as in COSE_sign1 structure. In this example, it is the same one as in
Appendix A.3, i.e., a Signed CWT Claims Set. Note that there is no Appendix A.3, i.e., a Signed CWT Claims Set. Note that there is no
limitation to the number of layers; this is an example with two limitation to the number of layers; this is an example with two
layers. Line breaks are for display purposes only. layers. Line breaks are for display purposes only.
d08343a1010aa1054dd3bdeeb4daaa50625a5b576cc458a3318af5c80a11e081 d08343a1010aa1054d86bbd41cc32604396324b7f38058a372439fbff538aa7b
91ca790b0793156451afc144e0f9f892679dff1d01cd52d7fe1e43ac8dabace0 601ebfb29454050a3c99fd13b27216d084556496c7355c4bb462510f8e0e8479
f74af095f918197da1550a76d59c2a89db6331e12451fc87fef56f2ff179fb33 dbe08722d620e96bcb7764d75140d96220f062679b46b897e7abe0c325dc2c96
d6132ca34eb7fa8de0960d5f02a2b625792ccc8e5b3d59c0bede9d7438dc5c4f d8bb2c8334e3b92a42c0078983e753c054e647ad5387ed149f802f52b5a95ebf
e0c403c8fc32e874fbb7516c52edddfc09d4444a762dcd0cd486895131c343ae 5f153c4fd64854ab7531e082b7f22721f939d257c94f8bc248e1d9cf04f9dd4e
040620cdd4448c6ce0b7803022ff3d7877a83c345c05a57b36105a 5de7ab62df37842fabec230a657d4abf7162bc786345ebb8eb3af0
Figure 13: Signed and Encrypted CWT as hex string Figure 13: Signed and Encrypted CWT as hex string
16( 16(
[ [
/ protected / h'a203183d010a' / { / protected / h'a203183d010a' / {
/ alg / 1: 10 / AES-CCM-16-64-128 / / alg / 1: 10 / AES-CCM-16-64-128 /
} / , } / ,
/ unprotected / { / unprotected / {
/ iv / 5: h'd3bdeeb4daaa50625a5b576cc4' / iv / 5: h'86bbd41cc32604396324b7f380'
}, },
/ ciphertext / h'318af5c80a11e08191ca790b0793156451afc144e0f / ciphertext / h'72439fbff538aa7b601ebfb29454050a3c99fd13b27
9f892679dff1d01cd52d7fe1e43ac8dabace0f74af0 216d084556496c7355c4bb462510f8e0e8479dbe087
95f918197da1550a76d59c2a89db6331e12451fc87f 22d620e96bcb7764d75140d96220f062679b46b897e
ef56f2ff179fb33d6132ca34eb7fa8de0960d5f02a2 7abe0c325dc2c96d8bb2c8334e3b92a42c0078983e7
b625792ccc8e5b3d59c0bede9d7438dc5c4fe0c403c 53c054e647ad5387ed149f802f52b5a95ebf5f153c4
8fc32e874fbb7516c52edddfc09d4444a762dcd0cd4 fd64854ab7531e082b7f22721f939d257c94f8bc248
86895131c343ae040620cdd4448c6ce0b7803022ff3 e1d9cf04f9dd4e5de7ab62df37842fabec230a657d4
d7877a83c345c05a57b36105a' abf7162bc786345ebb8eb3af0'
] ]
) )
Figure 14: Signed and Encrypted CWT in CBOR diagnostic notation Figure 14: Signed and Encrypted CWT in CBOR diagnostic notation
A.7. Example MACed CWT with a floating-point value A.7. Example MACed CWT with a floating-point value
This section shows a MACed CWT with a single recipient and a simple This section shows a MACed CWT with a single recipient and a simple
CWT Claims Set. The CWT Claims Set with a floating-point 'iat' value. CWT Claims Set. The CWT Claims Set with a floating-point 'iat' value.
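Review bot: In Figure 14 the protected header bytes h'a203183d010a' decode to a two-entry map {3: 61, 1: 10}, i.e. content type 61 (CWT) plus alg 10, which agrees with the prose "The content type is set to CWT", but the diagnostic notation beside those bytes lists only "/ alg / 1: 10 / AES-CCM-16-64-128 /", so the annotation does not match the bytes it explains. Suggest adding the missing entry, e.g. "/ content type / 3: 61 / CWT /," before the alg line. Separately, the A.7 lead-in "The CWT Claims Set with a floating-point 'iat' value." is a sentence fragment; "The CWT Claims Set has a floating-point 'iat' value." reads correctly.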
skipping to change at page 22, line 32 skipping to change at page 22, line 32
This specification is based on JSON Web Token (JWT) [RFC7519], the This specification is based on JSON Web Token (JWT) [RFC7519], the
authors of which also include Nat Sakimura and John Bradley. It also authors of which also include Nat Sakimura and John Bradley. It also
incorporates suggestions made by many people, notably Carsten incorporates suggestions made by many people, notably Carsten
Bormann, Jim Schaad, Ludwig Seitz, and Goeran Selander. Bormann, Jim Schaad, Ludwig Seitz, and Goeran Selander.
Appendix C. Document History Appendix C. Document History
[[ to be removed by the RFC Editor before publication as an RFC ]] [[ to be removed by the RFC Editor before publication as an RFC ]]
-07
o Updated examples for signing and encryption. Signatures are now
deterministic as recommended by COSE specification.
-06 -06
o Addressed review comments by Carsten Bormann and Jim Schaad. All o Addressed review comments by Carsten Bormann and Jim Schaad. All
changes were editorial in nature. changes were editorial in nature.
-05 -05
o Addressed working group last call comments with the following o Addressed working group last call comments with the following
changes: changes:
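Review bot: The -07 history entry "Updated examples for signing and encryption" does not identify which examples changed; name them (A.3 signed CWT, A.5 encrypted CWT, A.6 nested CWT) and note that A.5 and A.6 carry new IVs and ciphertexts, not only a new signature, and that A.6 necessarily changed because its plaintext is the A.3 COSE_Sign1 structure whose signature changed. Stating that the MACed examples (A.4 is unchanged in this diff) were left alone would also save readers from re-checking them.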
 End of changes. 16 change blocks. 
43 lines changed or deleted 48 lines changed or added