Re: [jose] #103: Rename "alg" to avoid future collision problems
"jose issue tracker" <trac+jose@trac.tools.ietf.org> Wed, 02 October 2013 04:34 UTC
Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45C4E21E82AE for <jose@ietfa.amsl.com>; Tue, 1 Oct 2013 21:34:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z68u5+ScBQlE for <jose@ietfa.amsl.com>; Tue, 1 Oct 2013 21:33:57 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id 0AC3D21E829B for <jose@ietf.org>; Tue, 1 Oct 2013 21:33:52 -0700 (PDT)
Received: from localhost ([127.0.0.1]:36981 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1VRE88-00087V-2w; Wed, 02 Oct 2013 06:33:44 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-signature@tools.ietf.org, michael.jones@microsoft.com, ietf@augustcellars.com
X-Trac-Project: jose
Date: Wed, 02 Oct 2013 04:33:44 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/jose/trac/ticket/103#comment:2
Message-ID: <076.36d4cc7ddc3ec22b4f28cf35e64ea647@trac.tools.ietf.org>
References: <061.4073c0d8082af9579c9c6c2dbc955a50@trac.tools.ietf.org>
X-Trac-Ticket-ID: 103
In-Reply-To: <061.4073c0d8082af9579c9c6c2dbc955a50@trac.tools.ietf.org>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-signature@tools.ietf.org, michael.jones@microsoft.com, ietf@augustcellars.com, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: mbj@microsoft.com, n-sakimura@nri.co.jp, ve7jtb@ve7jtb.com
Resent-Message-Id: <20131002043353.0AC3D21E829B@ietfa.amsl.com>
Resent-Date: Tue, 01 Oct 2013 21:33:52 -0700
Resent-From: trac+jose@trac.tools.ietf.org
Cc: jose@ietf.org
Subject: Re: [jose] #103: Rename "alg" to avoid future collision problems
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Oct 2013 04:34:04 -0000
#103: Rename "alg" to avoid future collision problems Changes (by ietf@augustcellars.com): * status: new => closed * resolution: => Postponed Comment: While I still think it is a mistake not to do the rename, I will bow to the pressure of the group in terms of the apparent problems that they have with respect to the backwards compatibility problems of doing this. It would have made things much cleaner in the future and for enforcement of what algorithms can go into what fields. This has been a problem that has been recurrent for CMS when dealing with signature algorithms as the restrictions were not cleanly stated using 1988 ASN.1 It will be possible to do the necessary logic of doing key management for MAC in a future document by the following: A new element in the signature headers is defined called recipients. This element will contain a JSON array which in turn will contain a JSON object that corresponds to a recipient element from the JWE specification. This will break stupid parsers that look for the alg string without doing the JSON parse first in order to determine if it is a JWS or JWE element as it might encounter the JWE alg element before the JWS alg element. That will be considered to be an acceptable failure mode for this change. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-jose-json-web- ietf@augustcellars.com | signature@tools.ietf.org Type: defect | Status: closed Priority: major | Milestone: Component: json-web- | Version: signature | Resolution: Postponed Severity: - | Keywords: | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/103#comment:2> jose <http://tools.ietf.org/jose/>
- [jose] #103: Rename "alg" to avoid future collisi… jose issue tracker
- Re: [jose] #103: Rename "alg" to avoid future col… jose issue tracker
- Re: [jose] #103: Rename "alg" to avoid future col… jose issue tracker