Re: [jose] #41: Add key wrap to the "use" member in key containers

"jose issue tracker" <trac+jose@trac.tools.ietf.org> Sun, 18 August 2013 23:42 UTC

#41: Add key wrap to the "use" member in key containers


Comment (by ietf@augustcellars.com):

Recap of a conversation that I had with John @ Berlin:

It would be possible to avoid defining a new keywrap key usage if we allow
the enc key usage to have two different meanings, with the meaning being
selected by the algorithm.

enc could be one of either encrypt data or encrypt key, but would never be
both. This would imply something that we probably want to be true, that
you cannot use an RSA key to encrypt both data and keys, but have not
currently explicitly stated. We have gone in this direction with the
assignment of GCM algorithms to be either data encryption or a key
encryption algorithm.

This approach would work; however, there are three issues to be considered:
1. It would need to be explicitly documented.
2. This would not match the way that the WebCrypto group is thinking of
   things.
3. It is harder on novices to understand the difference between encrypting
   data and encrypting keys, so being explicit on the string would make the
   Joes of the world happier.

-- 
 Reporter:  ietf@augustcellars.com  |       Owner:  draft-ietf-jose-json-web-key@tools.ietf.org
     Type:  defect                  |      Status:  new
 Priority:  major                   |   Milestone:
Component:  json-web-key            |     Version:
 Severity:  -                       |  Resolution:
 Keywords:                          |

Ticket URL: <https://grenache.tools.ietf.org/wg/jose/trac/ticket/41#comment:2>
jose <http://tools.ietf.org/jose/>
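As an added example (not code from the ticket, the JOSE drafts, or any JOSE library), a policy check for the "enc means one of two things, selected by the algorithm" approach the comment describes: the key's "alg" resolves "use": "enc" to either data encryption or key encryption, and a key is never allowed to do both. The two algorithm classes are assumed from the JWA identifier names; everything else is constructed for illustration.

```python
"""Added illustration of the proposal above (not text from the ticket or the
JOSE drafts): a JWK with "use": "enc" encrypts EITHER data OR keys, never
both, and the "alg" member selects which. Algorithm names are JWA ids."""

# Content-encryption algorithms (the JWE "enc" header): encrypt the payload.
CONTENT_ENCRYPTION_ALGS = {
    "A128GCM", "A192GCM", "A256GCM",
    "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512",
}
# Key-management algorithms (the JWE "alg" header): encrypt or wrap a content
# key. This is the GCM split the comment refers to: A128GCM is data encryption,
# A128GCMKW is key wrapping.
KEY_ENCRYPTION_ALGS = {
    "RSA1_5", "RSA-OAEP", "A128KW", "A192KW", "A256KW",
    "A128GCMKW", "A192GCMKW", "A256GCMKW",
    "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW",
}

def enc_meaning(jwk: dict) -> str:
    """Resolve "use": "enc" for one key to "data" or "key". Raises ValueError
    when the key is not an "enc" key, has no "alg" (so the meaning cannot be
    selected), or names an algorithm outside either class."""
    if jwk.get("use") != "enc":
        raise ValueError('not an "enc" key')
    alg = jwk.get("alg")
    if alg is None:
        raise ValueError('"alg" is required to select the meaning of "use": "enc"')
    if alg in CONTENT_ENCRYPTION_ALGS:
        return "data"
    if alg in KEY_ENCRYPTION_ALGS:
        return "key"
    raise ValueError(f"unknown algorithm {alg!r}")

def check_operation(jwk: dict, operation: str) -> bool:
    """True only when the requested operation ("data" or "key") matches the
    key's single meaning; the same key is never permitted to do both."""
    return enc_meaning(jwk) == operation

def classify_jwk_set(jwks: dict) -> dict:
    """Map each kid to its meaning, or "ambiguous" when it cannot be resolved,
    so unusable keys are caught before they reach a JWE implementation."""
    result = {}
    for jwk in jwks.get("keys", []):
        try:
            result[jwk["kid"]] = enc_meaning(jwk)
        except ValueError:
            result[jwk["kid"]] = "ambiguous"
    return result
```

A key set that carries "use": "enc" without "alg" is reported as ambiguous rather than guessed at, which is the "must be explicitly documented" issue in practice.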