Re: [jose] Extensibility (was "Criticality")
Mike Jones <Michael.Jones@microsoft.com> Tue, 11 December 2012 02:30 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5C4621F8735 for <jose@ietfa.amsl.com>; Mon, 10 Dec 2012 18:30:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.099
X-Spam-Level:
X-Spam-Status: No, score=-3.099 tagged_above=-999 required=5 tests=[AWL=-0.500, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p6sPZCzVmLQJ for <jose@ietfa.amsl.com>; Mon, 10 Dec 2012 18:30:35 -0800 (PST)
Received: from na01-bl2-obe.outbound.protection.outlook.com (na01-bl2-obe.ptr.protection.outlook.com [65.55.169.31]) by ietfa.amsl.com (Postfix) with ESMTP id 4336B21F86BE for <jose@ietf.org>; Mon, 10 Dec 2012 18:30:34 -0800 (PST)
Received: from BL2FFO11FD008.protection.gbl (10.173.161.202) by BL2FFO11HUB027.protection.gbl (10.173.161.51) with Microsoft SMTP Server (TLS) id 15.0.578.12; Tue, 11 Dec 2012 02:30:27 +0000
Received: from TK5EX14MLTC101.redmond.corp.microsoft.com (131.107.125.37) by BL2FFO11FD008.mail.protection.outlook.com (10.173.161.4) with Microsoft SMTP Server (TLS) id 15.0.578.12 via Frontend Transport; Tue, 11 Dec 2012 02:30:27 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.240]) by TK5EX14MLTC101.redmond.corp.microsoft.com ([157.54.79.178]) with mapi id 14.02.0318.003; Tue, 11 Dec 2012 02:30:25 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] Extensibility (was "Criticality")
Thread-Index: AQHNy8Za1POjZo7ZrECvrKwCKF1CXpgS9lHw
Date: Tue, 11 Dec 2012 02:30:24 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394366924E63@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <F8EBC273-9C8E-4D2E-B26C-3F88B9CE1298@gmx.net>
In-Reply-To: <F8EBC273-9C8E-4D2E-B26C-3F88B9CE1298@gmx.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.71]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(43784002)(13464002)(377454001)(59766001)(56776001)(46102001)(44976002)(53806001)(76482001)(54316002)(31966008)(54356001)(47776002)(51856001)(56816002)(33656001)(55846006)(47976001)(4396001)(16406001)(47736001)(46406002)(74662001)(50986001)(50466001)(23726001)(47446002)(77982001)(74502001)(49866001)(5343655001); DIR:OUT; SFP:; SCL:1; SRVR:BL2FFO11HUB027; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 069255B8B8
Subject: Re: [jose] Extensibility (was "Criticality")
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Dec 2012 02:30:37 -0000
As I think you know, there's an open issue in the JOSE working group about whether all header fields must be understood or whether a mechanism should be defined to specify which header fields may be safely ignored if not understood. John Bradley and Richard Barnes and I have been drafting a note about these choices to the JOSE working group, which I expect should go out any day now. Per my reply to your note on the OAuth list, the intended meaning is "The use of this header parameter is OPTIONAL." I'll plan to clarify this in the next version of the specifications. Thanks again, -- Mike -----Original Message----- From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Hannes Tschofenig Sent: Monday, November 26, 2012 3:07 AM To: jose@ietf.org Cc: Hannes Tschofenig Subject: [jose] Extensibility (was "Criticality") Hi all, doing my shepherd writeup of some of the OAuth WG documents I was wondering how the extensibility story for these JSON-based documents should look like given a statement like this: "Implementations MUST understand the entire contents of the header; otherwise, the JWS MUST be rejected." Absent a "feature discovery" mechanism I am curious whether any extension is actually possible. (Funny enough then all individual parameters then say "This header parameter is OPTIONAL.") Since this type of extensibility feature does not seem to a be a new concept I am curious how it has been handled (successfully) in other specifications. Ciao Hannes PS: I remember that this has been discussed during the meeting but I do not know what the outcome of the discussion was. The meeting minutes do not seem to be available yet. _______________________________________________ jose mailing list jose@ietf.org https://www.ietf.org/mailman/listinfo/jose
- [jose] Extensibility (was "Criticality") Hannes Tschofenig
- Re: [jose] Extensibility (was "Criticality") Mike Jones
- Re: [jose] Extensibility (was "Criticality") Mike Jones