RE: Gen-ART LC review of draft-ietf-jose-json-web-algorithms-31
Mike Jones <Michael.Jones@microsoft.com> Tue, 23 September 2014 23:18 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7293E1A1BCF; Tue, 23 Sep 2014 16:18:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jMMFuQIgbNzF; Tue, 23 Sep 2014 16:18:13 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0129.outbound.protection.outlook.com [65.55.169.129]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AFF01A024C; Tue, 23 Sep 2014 16:18:13 -0700 (PDT)
Received: from BN3PR0301CA0006.namprd03.prod.outlook.com (25.160.180.144) by DM2PR0301MB1216.namprd03.prod.outlook.com (25.160.219.17) with Microsoft SMTP Server (TLS) id 15.0.1034.13; Tue, 23 Sep 2014 23:18:13 +0000
Received: from BY2FFO11FD027.protection.gbl (2a01:111:f400:7c0c::193) by BN3PR0301CA0006.outlook.office365.com (2a01:111:e400:4000::16) with Microsoft SMTP Server (TLS) id 15.0.1034.13 via Frontend Transport; Tue, 23 Sep 2014 23:18:11 +0000
Received: from mail.microsoft.com (131.107.125.37) by BY2FFO11FD027.mail.protection.outlook.com (10.1.15.216) with Microsoft SMTP Server (TLS) id 15.0.1029.15 via Frontend Transport; Tue, 23 Sep 2014 23:18:10 +0000
Received: from TK5EX14MBXC286.redmond.corp.microsoft.com ([169.254.1.23]) by TK5EX14MLTC104.redmond.corp.microsoft.com ([157.54.79.159]) with mapi id 14.03.0195.002; Tue, 23 Sep 2014 23:17:31 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Roni Even <ron.even.tlv@gmail.com>, "draft-ietf-jose-json-web-algorithms.all@tools.ietf.org" <draft-ietf-jose-json-web-algorithms.all@tools.ietf.org>, "gen-art@ietf.org" <gen-art@ietf.org>
Subject: RE: Gen-ART LC review of draft-ietf-jose-json-web-algorithms-31
Thread-Topic: Gen-ART LC review of draft-ietf-jose-json-web-algorithms-31
Thread-Index: Ac/F2mpuDG6JcxI/SbuImTKmZa3+rwCmp0KQAAT2yQADvuHBoA==
Date: Tue, 23 Sep 2014 23:17:30 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739439BA6F0A0@TK5EX14MBXC286.redmond.corp.microsoft.com>
References: <013201cfc5da$6c34dd60$449e9820$@gmail.com> <4E1F6AAD24975D4BA5B16804296739439AE82354@TK5EX14MBXC294.redmond.corp.microsoft.com> <02c901cfc888$e53e8160$afbb8420$@gmail.com>
In-Reply-To: <02c901cfc888$e53e8160$afbb8420$@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.78]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739439BA6F0A0TK5EX14MBXC286r_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:NLI; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(438002)(377424004)(377454003)(51914003)(199003)(189002)(95666004)(64706001)(77096002)(2656002)(87936001)(2201001)(92726001)(76176999)(46102003)(90102001)(76482002)(19300405004)(21056001)(85806002)(84326002)(106466001)(107046002)(86362001)(33656002)(83072002)(74662003)(230783001)(79102003)(81342003)(99396002)(85852003)(55846006)(92566001)(77982003)(80022003)(81156004)(81542003)(15202345003)(83322001)(15975445006)(66066001)(31966008)(71186001)(85306004)(16236675004)(4396001)(74502003)(512954002)(20776003)(104016003)(120916001)(19580395003)(68736004)(54356999)(50986999)(6806004)(19625215002)(19617315012)(84676001)(44976005)(19580405001)(69596002)(10300001)(97736003)(86612001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0301MB1216; H:mail.microsoft.com; FPR:; MLV:sfv; PTR:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-Microsoft-Antispam: UriScan:;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:;SRVR:DM2PR0301MB1216;
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Forefront-PRVS: 0343AC1D30
Received-SPF: Pass (protection.outlook.com: domain of microsoft.com designates 131.107.125.37 as permitted sender) receiver=protection.outlook.com; client-ip=131.107.125.37; helo=mail.microsoft.com;
Authentication-Results: spf=pass (sender IP is 131.107.125.37) smtp.mailfrom=Michael.Jones@microsoft.com;
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/6EhgCkB5cieyFDA3QewFRS60dYs
Cc: "ietf@ietf.org" <ietf@ietf.org>, "jose@ietf.org" <jose@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Sep 2014 23:18:17 -0000
Thanks again for your review, Roni. The resolutions discussed below have been applied in the -32 draft.
-- Mike
From: Roni Even [mailto:ron.even.tlv@gmail.com]
Sent: Thursday, September 04, 2014 2:41 PM
To: Mike Jones; draft-ietf-jose-json-web-algorithms.all@tools.ietf.org; gen-art@ietf.org
Cc: ietf@ietf.org; jose@ietf.org
Subject: RE: Gen-ART LC review of draft-ietf-jose-json-web-algorithms-31
Hi Mike,
Inline
Roni
From: Mike Jones [mailto:Michael.Jones@microsoft.com]
Sent: 04 September, 2014 10:31 PM
To: Roni Even; draft-ietf-jose-json-web-algorithms.all@tools.ietf.org<mailto:draft-ietf-jose-json-web-algorithms.all@tools.ietf.org>; gen-art@ietf.org<mailto:gen-art@ietf.org>
Cc: ietf@ietf.org<mailto:ietf@ietf.org>; jose@ietf.org<mailto:jose@ietf.org>
Subject: RE: Gen-ART LC review of draft-ietf-jose-json-web-algorithms-31
Thanks for the review, Roni. I'm also cc'ing the working group so they're aware of your review. Replies are inline below...
From: Roni Even [mailto:ron.even.tlv@gmail.com]
Sent: Monday, September 01, 2014 4:47 AM
To: draft-ietf-jose-json-web-algorithms.all@tools.ietf.org<mailto:draft-ietf-jose-json-web-algorithms.all@tools.ietf.org>; gen-art@ietf.org<mailto:gen-art@ietf.org>
Cc: ietf@ietf.org<mailto:ietf@ietf.org>
Subject: Gen-ART LC review of draft-ietf-jose-json-web-algorithms-31
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
Please resolve these comments along with any other Last Call comments you may receive.
Document: draft-ietf-jose-json-web-algorithms-31
Reviewer: Roni Even
Review Date:2014-9-1
IETF LC End Date: 2014-9-3
IESG Telechat date:
Summary: This draft is ready for publication as a standard track RFC.
Major issues:
Minor issues:
Nits/editorial comments:
1. Section 4.8 "This section defines the specifies" should be "specifics"
Thanks
1. Section 5.2.2 "Section 5.2.3 and Section 5.2.5" should be "through" since 5.2.4 also defines instances.
Agreed
1. Section 5.2.2.1 in bullet 1 "the values of these parameters are specified by the AEAD algorithms (in Section 5.2.3 and Section 5.2.5)". Did you mean AEAD in which case is should be expanded and a reference is probably needed or do you need to change it to Authenticated Encryption? Also the "and" should be "through" same as previous comment.
Yes, the "AEAD" should become "Authenticated Encryption" to be consistent with the rest of the spec. And agreed about "through".
1. In section 5.2.2.1 bullet 4 for "number of bits in A" I had to go to bullet 5 to see what A is. Maybe add also here "additional authenticated data"
"A" is defined in the first sentence of 5.2.2.1 as "additional authenticated data". But there would be no harm the addition you propose. Knowing that it's defined in the first sentence, do you still want to see the addition?
[Roni Even] I think it will be good to have the definition so it is consistent with bullet 5
Thanks again,
-- Mike