Re: [Gen-art] review: draft-ietf-jose-jwk-thumbprint-05

Mike Jones <Michael.Jones@microsoft.com> Mon, 06 July 2015 22:29 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Joel Halpern <jmh@joelhalpern.com>, "A. Jean Mahoney" <mahoney@nostrum.com>, General Area Review Team <gen-art@ietf.org>, "draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org" <draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org>
Thread-Topic: [Gen-art] review: draft-ietf-jose-jwk-thumbprint-05
Date: Mon, 06 Jul 2015 22:29:46 +0000
Message-ID: <BY2PR03MB44288F276E8462C0ECDE1BAF5930@BY2PR03MB442.namprd03.prod.outlook.com>
References: <55833892.7050802@nostrum.com> <55843E22.1060102@joelhalpern.com> <559A8020.3020700@joelhalpern.com>
In-Reply-To: <559A8020.3020700@joelhalpern.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/SpV4N4tc5-fWX332poX7jzvjFbM>
Subject: Re: [Gen-art] review: draft-ietf-jose-jwk-thumbprint-05

Hi Joel.  Thanks for looking this over again.  Section 3.4 was added in response to Adam Montville's SecDir comments, in which his focus was on cases where the hash function didn't have to be known to multiple parties.  I guess it's only fair that you focus on the cases where it does. ;-)

Currently the case you're interested in is covered by the last sentence in 3.4, which reads:
"Only if multiple parties will be reproducing the JWK Thumbprint calculation for some reason, will parties other than the original producer of the JWK Thumbprint need to know which hash function was used."

I could strengthen this by making it its own paragraph, saying this:
"However, in some cases multiple parties will be reproducing the JWK Thumbprint calculation and comparing the results.  In these cases, the parties will need to know which hash function was used and use the same one."

Would that work for you, or do you have alternative wording to suggest?

				Thanks again,
				-- Mike

-----Original Message-----
From: Joel Halpern [mailto:jmh@joelhalpern.com] 
Sent: Monday, July 06, 2015 6:18 AM
To: A. Jean Mahoney; General Area Review Team; draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org
Subject: Re: [Gen-art] review: draft-ietf-jose-jwk-thumbprint-05

The document is nearly ready for publication as a Proposed Standard.

Upon re-review, the addition of section 3.4 raises a question of clarity.  As written, the text says that the hash function matters only to the original thumbprint provider.  Should there be a little bit of text talking about the need for the hash function to be the same for thumbprints to be comparable, or, phrased alternatively, that thumbprints with different hashes must not be compared?  If there were no need for consistent production of the thumbprint, there would be no need for a Proposed Standard for the document.

Yours,
Joel

The new section 3.4
On 6/19/15 12:06 PM, Joel M. Halpern wrote:
> I am the assigned Gen-ART reviewer for this draft. For background on
> Gen-ART, please see the FAQ at
>
> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>
> Please resolve these comments along with any other Last Call comments
> you may receive.
>
> Document: draft-ietf-jose-jwk-thumbprint-05
>      JSON Web Key (JWK) Thumbprint
> Reviewer: Joel M. Halpern
> Review Date: 19-June-2015
> IETF LC End Date: N/A
> IESG Telechat date: N/A
>
> Summary: The internet draft is ready for publication as a Proposed
> Standard.
>
> [Note to readers:
> This review is provided because the spreadsheet said so.  The draft
> appears not to be in last call yet.
> Also, this reviewer did not attempt to second-guess the design choices
> made by the WG.  The choices are well-explained, and I understand it to be
> the WG's job to make them.]
>
> Major issues: N/A
>
> Minor issues: N/A
>
> Nits/editorial comments: N/A
>
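As an added illustration of the point the two reviewers are discussing (example code, not from the draft or from either participant): a JWK Thumbprint computed the way the draft specifies, over only the required members of the key in lexicographic order with no whitespace, plus a comparison helper that refuses to compare thumbprints unless both parties agree on the hash function. The key coordinates and the "kid" value are constructed sample values, not a real key pair.

```python
import base64
import hashlib
import hmac
import json

# Member sets the draft hashes for each key type. Everything else in the JWK
# ("kid", "use", "alg", ...) is excluded from the thumbprint input.
REQUIRED_MEMBERS = {
    "RSA": ("e", "kty", "n"),
    "EC": ("crv", "kty", "x", "y"),
    "oct": ("k", "kty"),
}

def jwk_thumbprint(jwk, hash_name="sha256"):
    """Return the unpadded base64url thumbprint of a JWK.

    hash_name is the hash function the parties agreed on; the output carries
    no indication of which function produced it, so that agreement has to
    exist out of band (the point of section 3.4 in the thread above).
    """
    members = {m: jwk[m] for m in REQUIRED_MEMBERS[jwk["kty"]]}
    # Canonical form: lexicographic member order, no whitespace, UTF-8.
    canonical = json.dumps(members, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False).encode("utf-8")
    digest = hashlib.new(hash_name, canonical).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def thumbprints_match(tp_a, hash_a, tp_b, hash_b):
    """Compare two thumbprints; refuse outright if the hash functions differ."""
    if hash_a != hash_b:
        raise ValueError("thumbprints from different hash functions are not comparable")
    return hmac.compare_digest(tp_a, tp_b)

# Constructed sample EC key: a minimal form, and the same key as another party
# might publish it, with extra members and a different member order.
EC_KEY_MINIMAL = {"kty": "EC", "crv": "P-256",
                  "x": "f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
                  "y": "x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0"}
EC_KEY_VERBOSE = {"use": "sig", "y": EC_KEY_MINIMAL["y"], "kid": "sample-key-1",
                  "x": EC_KEY_MINIMAL["x"], "crv": "P-256", "kty": "EC", "alg": "ES256"}

if __name__ == "__main__":
    t256 = jwk_thumbprint(EC_KEY_MINIMAL)
    print("sha256 thumbprint:", t256)
    print("same key, verbose form, same hash:",
          thumbprints_match(t256, "sha256", jwk_thumbprint(EC_KEY_VERBOSE), "sha256"))
    print("sha384 thumbprint of the same key:", jwk_thumbprint(EC_KEY_MINIMAL, "sha384"))
```

Extra members and member order do not change the result, but a different hash function does, and nothing in the thumbprint itself tells a verifier which one was used.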