[jose] #12: x5c incorrect in JWE

["jose issue tracker" <trac+jose@trac.tools.ietf.org>]

#12: x5c incorrect in JWE

 No use case (that I'm aware of anyway) has been suggested for "x5c" in JWE
 that cannot be addressed in a more straightforward and efficient way using
 other available header parameters like "x5u", "kid", etc.

 I suggest "x5c" be removed from JWE.

 If it must stay, there are a couple of issues with its definition in
 http://tools.ietf.org/html/draft-ietf-jose-json-web-
 encryption-08#section-4.1.9 that need to be fixed.

 1) It states that "the certificate containing the public key of the entity
 that encrypted the JWE MUST be the first certificate" but for all the JWE
 algorithms currently defined that certificate would have to have the
 public key of the entity that corresponds to its private key which will be
 used to decrypt.

 2) It also states that "the recipient MUST verify the certificate chain
 according to [RFC5280] and reject..." which is really awkward because that
 certificate chain certifies the recipient (why would you validate your own
 cert chain?) not the sender.

 There was a message and subsequent shortish discussion thread on the list
 a while back about this too: http://www.ietf.org/mail-
 archive/web/jose/current/msg01438.html

-- 
-------------------------------------+-------------------------------------
 Reporter:                           |      Owner:  draft-ietf-jose-json-
  bcampbell@pingidentity.com         |  web-encryption@tools.ietf.org
     Type:  defect                   |     Status:  new
 Priority:  minor                    |  Milestone:
Component:  json-web-encryption      |    Version:
 Severity:  Submitted WG Document    |   Keywords:
-------------------------------------+-------------------------------------

Ticket URL: <http://tools.ietf.org/wg/jose/trac/ticket/12>
jose <http://tools.ietf.org/jose/>