Currently, the spec dictates that signing libraries should default to 1 hour expiry, unless explicitly opting out. I think it would be more natural and simpler to require that validating libraries instead default received claims to 1 hour of activity and reject tokens where expiry cannot be inferred. If validating libraries are not checking a PASeTos active window, then a default by the issuer is hopeless anyway. By doing more in the validating libraries, signing libraries can safely do less.
Essentially the spec would look something like this for validation:
if iat, nbf, and exp claims are all missing, the token is rejected
if only the iat claim is present, set nbf := iat and exp := iat + 1 hour
if only the nbf claim is present, set iat := nbf and exp := nbf + 1 hour
if only the iat claim is missing, set iat := nbf
if only the nbf claim is missing, set nbf := iat
if only the exp claim is missing, set exp := nbf + 1 hour
check that iat <= nbf <= now < exp
If desired, library authors could allow users to alter default flow for their own (and should recommend to their users not to do so).
With this flow, non-expiring PASeTos can only be simulated with extremely far reaching dates (it's trivial to make them last thousands of years). This means that libraries and users that do things wrong by accident either make tokens that only last an hour or are never accepted at all. Users who do things wrong must purposefully make errors otherwise.
If this validation is accidentally skipped by a library or user, then all is lost anyway.
Curious to get thoughts on this, and again happy to take a stab at a PR here. Cheers!
Currently, the spec dictates that signing libraries should default to 1 hour expiry, unless explicitly opting out. I think it would be more natural and simpler to require that validating libraries instead default received claims to 1 hour of activity and reject tokens where expiry cannot be inferred. If validating libraries are not checking a PASeTos active window, then a default by the issuer is hopeless anyway. By doing more in the validating libraries, signing libraries can safely do less.
Essentially the spec would look something like this for validation:
iat,nbf, andexpclaims are all missing, the token is rejectediatclaim is present, setnbf:=iatandexp:=iat+ 1 hournbfclaim is present, setiat:=nbfandexp:=nbf+ 1 houriatclaim is missing, setiat:=nbfnbfclaim is missing, setnbf:=iatexpclaim is missing, setexp:=nbf+ 1 houriat<=nbf<=now<expIf desired, library authors could allow users to alter default flow for their own (and should recommend to their users not to do so).
With this flow, non-expiring PASeTos can only be simulated with extremely far reaching dates (it's trivial to make them last thousands of years). This means that libraries and users that do things wrong by accident either make tokens that only last an hour or are never accepted at all. Users who do things wrong must purposefully make errors otherwise.
If this validation is accidentally skipped by a library or user, then all is lost anyway.
Curious to get thoughts on this, and again happy to take a stab at a PR here. Cheers!