Re: [Cfrg] [jose] Draft describing encrypting JWK key representations, with JWE

Yaron Sheffer <yaronf.ietf@gmail.com> Sat, 16 March 2013 20:56 UTC

Hi Ryan,

Yes, the complete first sentence in my mail (which the listserv gobbled) 
was: "prior to the new Webcrypto API there's no way to generate a strong 
key in JavaScript." Do the JOSE specs assume this API is always available?

Thanks,
      Yaron

On 16.3.2013 22:14, Ryan Sleevi wrote:
> On Fri, March 15, 2013 12:45 pm, Yaron Sheffer wrote:
>>   no way to generate a strong key in JavaScript. So you also need a way to
>>   use a key directly. But I'm by no means a JOSE expert, they may have
>>   different assumptions.
>>
>>   Thanks, Yaron
> window.crypto.getRandomValues() ?
>
> Already implemented today by WebKit and Firefox, as part of the W3C Web
> Cryptography API -
> https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html
>
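
Added example, not part of the original messages: the availability question raised above, handled by feature-detecting getRandomValues() and refusing to generate a key when no CSPRNG is present. The function names are hypothetical, and the output shape assumes the JWK "oct" key type (base64url-encoded "k") as later published in RFC 7518.

```javascript
// Added example; findCsprng, base64url and generateOctJwk are hypothetical names.

// Locate a CSPRNG exposing getRandomValues(): window.crypto in browsers,
// the same interface in Node (global on recent versions, module on older ones).
function findCsprng() {
  if (typeof globalThis.crypto !== 'undefined' &&
      typeof globalThis.crypto.getRandomValues === 'function') {
    return globalThis.crypto;
  }
  if (typeof require === 'function') {
    return require('node:crypto').webcrypto;
  }
  return null;
}

// base64url without padding, the encoding JWK uses for key octets.
function base64url(bytes) {
  let bin = '';
  for (const b of bytes) bin += String.fromCharCode(b);
  return btoa(bin).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Generate a symmetric key and represent it as a JWK of type "oct".
// Fails closed: there is deliberately no fallback to Math.random(),
// which is not a cryptographically secure generator.
function generateOctJwk(bits = 256, rng = findCsprng()) {
  if (!rng) {
    throw new Error('no CSPRNG available; refusing to generate a key');
  }
  if (bits % 8 !== 0 || bits < 128) {
    throw new RangeError('bits must be a multiple of 8 and at least 128');
  }
  const key = new Uint8Array(bits / 8);
  rng.getRandomValues(key);
  return { kty: 'oct', k: base64url(key) };
}
```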