Re: [Curdle] Regarding X25519 in JOSE ...
"Matthew A. Miller" <linuxwolf+ietf@outer-planes.net> Mon, 24 July 2017 17:05 UTC
Return-Path: <linuxwolf+ietf@outer-planes.net>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A52C12EC2B for <curdle@ietfa.amsl.com>; Mon, 24 Jul 2017 10:05:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outer-planes-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JPF_3jWnyOUs for <curdle@ietfa.amsl.com>; Mon, 24 Jul 2017 10:05:00 -0700 (PDT)
Received: from mail-yw0-x242.google.com (mail-yw0-x242.google.com [IPv6:2607:f8b0:4002:c05::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78A3412ECB7 for <curdle@ietf.org>; Mon, 24 Jul 2017 10:05:00 -0700 (PDT)
Received: by mail-yw0-x242.google.com with SMTP id l82so1905209ywc.2 for <curdle@ietf.org>; Mon, 24 Jul 2017 10:05:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outer-planes-net.20150623.gappssmtp.com; s=20150623; h=sender:subject:to:references:from:message-id:date:user-agent :mime-version:in-reply-to; bh=cbYWdTHhGX/zzsRLlBWUeUA+O3mmMI6lgcblOSzckJA=; b=oEbT0YKu2VhT6XXQL5ACEA39nGW36CylGmDgV1L6h3RxtNLpjcx+TeeTB4FckPzu/D XGKb+mCVcLaFo26jNSt4NqRcqH8v/ZOaTNrFzgwW19hEMuux5xgAbaYhVeJD5KoCfeho Ab14ntX9jJFSw9JLqE1419LxHFIoo75w+9Fk6UsGiSrcsQeZ+cnCKQTzXaSlg8RtW7Vl 4rM+NMsDQ5m0vZ6UBxh6qc5H8aMeSuHq8ZA4gF9fUacRPyYXEyxjLiphJzKnIF6pYhDb svaaqJVZCN36H3RFCaKAKUHcOVGCy19X9Ee+AIu/z64JvvaCLcq4g1qzqeTGLlHXPBTy KSGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:subject:to:references:from:message-id :date:user-agent:mime-version:in-reply-to; bh=cbYWdTHhGX/zzsRLlBWUeUA+O3mmMI6lgcblOSzckJA=; b=WTPk7Gmqdg92zZVIhPYorpOjFFA8o2MdHQVakKDEebxR4Mel/8vhydjTC2cU32cpPh DP2j1Kke/0tk0M099qq3yYMdUKuUM4gZro+Gakjq5kSAch/5+ga56n8mTo7yfDgh0n/r o8BPt+YYGOGQVImGXm1lRBkbhDtfKsJkuGajpPW5VFBdoG8gq52R+BcOrHJN18k5QVsH xKgrXRXi+U70spuvwHXMreH+KU8kvFlWIyk19GtS6tfs0ZZ1vxsEvUI88BYoxXVdSaaa r2xsjc+mt3rISo+4iy3jJeO7LJ0/cSOteHzUVgGiWqacTc9c32vg36guHrkeVl8MrlDB FscA==
X-Gm-Message-State: AIVw1114CejnXdjemoP1fqdbmsfWsYQxWVr97QeGyrrI9dxvR+qQpjlR +j2gJcadtdbhybfj70fGlw==
X-Received: by 10.37.204.199 with SMTP id l190mr2618950ybf.275.1500915899484; Mon, 24 Jul 2017 10:04:59 -0700 (PDT)
Received: from [10.6.23.170] ([128.177.113.102]) by smtp.gmail.com with ESMTPSA id f62sm3227026ywd.51.2017.07.24.10.04.58 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Jul 2017 10:04:58 -0700 (PDT)
Sender: Matthew Miller <linuxwolf@outer-planes.net>
To: Anders Rundgren <anders.rundgren.net@gmail.com>, curdle@ietf.org
References: <e6cc679b-02a6-7710-4651-c2b59a56c892@outer-planes.net> <1365eab6-f45a-c5e9-99bc-194b5019814e@gmail.com>
From: "Matthew A. Miller" <linuxwolf+ietf@outer-planes.net>
Message-ID: <ed67c7d3-1212-370c-ebc3-98fa902034de@outer-planes.net>
Date: Mon, 24 Jul 2017 11:04:57 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:55.0) Gecko/20100101 Thunderbird/55.0
MIME-Version: 1.0
In-Reply-To: <1365eab6-f45a-c5e9-99bc-194b5019814e@gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="FLFMPtNWFluqs3mtdWdcqQoUlNpbSdQ3A"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/HPuyW6gEEVIgFspg9bx9uDNVauI>
Subject: Re: [Curdle] Regarding X25519 in JOSE ...
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jul 2017 17:05:02 -0000
On 17/07/24 16:38, Anders Rundgren wrote: > On 2017-07-24 16:26, Matthew A. Miller wrote: >> Hello all, >> >> It was asked if any work more work is needed to add X25519 (and X448) to >> JOSE. I believe [RFC8037] covers that, so I don't think any more work >> is necessary right now. > > Would it be possible (and not too controversial) describing why > RFC8037 didn't overload the JWK "EC" specification? The reason > for asking is because the Java camp intends reusing the EC classes > making "OKP" a JOSE-only concept. Personally, I believe OKP is just > fine (=clean) and should be adopted not only by Java, but by PKCS #11 > and .NET as well. > [ Please let's not re-litigate this decision ... ] The JOSE WG did discuss this[1] (albeit prior to its adoption as a WG item). The rough consensus was to use a different "kty" to avoid various incompatibilities (particularly with regards to the JWK thumbprint definition, although others did come up). - m&m Matthew A. Miller [1] https://mailarchive.ietf.org/arch/msg/jose/8-Mo069HvB9_WlT9M2GrgNYHvG0
- [Curdle] Regarding X25519 in JOSE ... Matthew A. Miller
- Re: [Curdle] Regarding X25519 in JOSE ... Anders Rundgren
- Re: [Curdle] Regarding X25519 in JOSE ... Matthew A. Miller
- Re: [Curdle] Regarding X25519 in JOSE ... Anders Rundgren
- Re: [Curdle] Regarding X25519 in JOSE ... Phillip Hallam-Baker
- Re: [Curdle] Regarding X25519 in JOSE ... Jim Schaad
- Re: [Curdle] Regarding X25519 in JOSE ... Jim Schaad
- Re: [Curdle] Regarding X25519 in JOSE ... Phillip Hallam-Baker