Re: [jose] Field Matrix

Richard Barnes <rlb@ipv.sx> Thu, 20 June 2013 20:52 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAA2D21F9FDC for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 13:52:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.563
X-Spam-Level: *
X-Spam-Status: No, score=1.563 tagged_above=-999 required=5 tests=[AWL=0.206, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IwA+HKF-bI3w for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 13:52:01 -0700 (PDT)
Received: from mail-ob0-x233.google.com (mail-ob0-x233.google.com [IPv6:2607:f8b0:4003:c01::233]) by ietfa.amsl.com (Postfix) with ESMTP id E0D0E21F9E5C for <jose@ietf.org>; Thu, 20 Jun 2013 13:51:44 -0700 (PDT)
Received: by mail-ob0-f179.google.com with SMTP id xk17so7686718obc.38 for <jose@ietf.org>; Thu, 20 Jun 2013 13:51:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=h17woPSJ3jph/jzVv4fwd7GLs0QYvIULjUrgeB+GTLU=; b=o2H3ub2GbfnCq+QC3etX/+Xaoh13JKUp4PYJeabzDubwd7xqijrHNTafWNd8rAoW8p lUUpM2RmD2p2RNO5XQqYg/GVwWKIskQ+mevSzdZAL/hyZEEkqeBGPiSSPwo5PLjSl/1g qJkqX5zk2udOrhpjHWE6d9T1oLok3oktfcBfOYr2Y3wDlRpJU3z9STY6TFRJVEg2+/ap o6Xir8dEzvk7Rm8EbfW0G8q8x9AxeZ1SDJ86Tyv53Xd1lLkMOu6LAflqmwcS1FmybP/q 1CgCc41USQ4u+HVi1KWNDwJGKRMcA6i9O5OvhrSc/yDIw2o/jBWxtEVgC12xktfHauxQ v0Tg==
MIME-Version: 1.0
X-Received: by 10.60.161.206 with SMTP id xu14mr5067838oeb.109.1371761504405; Thu, 20 Jun 2013 13:51:44 -0700 (PDT)
Received: by 10.60.26.135 with HTTP; Thu, 20 Jun 2013 13:51:44 -0700 (PDT)
X-Originating-IP: [108.18.40.68]
In-Reply-To: <053f01ce6de7$8ed108e0$ac731aa0$@augustcellars.com>
References: <053f01ce6de7$8ed108e0$ac731aa0$@augustcellars.com>
Date: Thu, 20 Jun 2013 16:51:44 -0400
Message-ID: <CAL02cgTVfWU_Ly1txm_k6s+omX8ZzUHTbp58HK03_EZ0qg_7cA@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Jim Schaad <ietf@augustcellars.com>
Content-Type: multipart/alternative; boundary="089e01176a6d2fd91304df9c1dcc"
X-Gm-Message-State: ALoCoQl5xUjhzU+OuG/EKd0y8PzJjaPcHE7WAnW3MJ6Q+6/8YfdZ4dRzipHdxrchWDA1Zgw8TEfe
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Field Matrix
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 20:52:26 -0000

You can eliminate the "protection required" field, because there aren't any
of those.

Or there shouldn't be: The only security case we have is algorithm
dependent ("alg" must be protected if "alg" == "PS256", "PS512").  The only
fields for which the specs currently require integrity protection are "zip"
and "crit".  Neither of these has the property that changing it would
cause a security violation, except in some application-dependent sense.  So
the choice of integrity protection should be left to applications, not
fixed in the spec.

--Richard


On Thu, Jun 20, 2013 at 2:54 PM, Jim Schaad <ietf@augustcellars.com> wrote:

> <no hat>
>
> Having just started looking at a design implementation, I am now more than
> ever interested in seeing this matrix of fields.  At the present time I
> think the following columns are probably of interest:
>
> Name, must understand, use required, common vs specific, protection
> required
>
> I was just looking at the alg and enc fields for JWE and realized that one
> was specific – so it should be in one location – and one was common – so it
> should be in a different location.  And then I needed to start thinking
> about where it goes in terms of compacted vs one recipient vs two
> recipients.
>
> Do you have an idea of when this matrix might show up?
>
> Jim
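An added example, not part of the thread above, illustrating the point Richard makes: which header parameters must sit in the integrity-protected header is a policy the verifying application chooses. The code below checks one signature object of a JWS JSON serialization against such a policy. The default policy set is constructed for this example: "crit" and "zip" are the parameters the thread says the specs require to be protected, and "alg" is added as the application-level choice the thread discusses for the PS256/PS512 case. The sample signature objects are constructed and carry placeholder signature values; the function and parameter names are this example's own, not those of any library.

```python
import base64
import json

# Application policy (constructed for this example): header parameters that
# must be carried only in the integrity-protected header. "crit" and "zip"
# follow the thread's reading of the specs; "alg" is an application choice.
DEFAULT_PROTECTED_REQUIRED = frozenset({"alg", "crit", "zip"})


def b64url_encode(raw: bytes) -> str:
    """base64url without padding, the encoding JOSE uses for the protected header."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url_encode; restores the padding base64 expects."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def check_header_placement(protected_b64, unprotected, required=DEFAULT_PROTECTED_REQUIRED):
    """Return a list of policy violations for one signature/recipient object.

    protected_b64: the base64url "protected" member (None if absent)
    unprotected:   the plaintext "header" dict (None if absent)
    An empty list means the header placement satisfies the policy.
    """
    protected = json.loads(b64url_decode(protected_b64)) if protected_b64 else {}
    unprotected = unprotected or {}
    problems = []

    # A name present in both locations makes it ambiguous which value the
    # verifier honours, so treat that as a violation regardless of policy.
    overlap = sorted(set(protected) & set(unprotected))
    if overlap:
        problems.append(f"duplicated in both headers: {overlap}")

    # Anything the policy wants protected must not appear in the unprotected
    # header, where a relay or attacker could rewrite it without detection.
    for name in sorted(required):
        if name in unprotected:
            problems.append(f"'{name}' is in the unprotected header but policy requires protection")
    return problems


def check_signature_object(sig_obj, required=DEFAULT_PROTECTED_REQUIRED):
    """Convenience wrapper for a JWS JSON-serialization signature object."""
    return check_header_placement(sig_obj.get("protected"), sig_obj.get("header"), required)


def constructed_samples():
    """Two constructed signature objects (not real tokens; signatures are placeholders)."""
    good = {
        "protected": b64url_encode(json.dumps({"alg": "PS256", "crit": ["exp"], "exp": 1371761504}).encode()),
        "header": {"kid": "example-key-1"},
        "signature": "c2lnbmF0dXJl",  # placeholder, not a real signature
    }
    bad = {
        # "alg" left unprotected, and "exp" appears in both locations.
        "protected": b64url_encode(json.dumps({"exp": 1371761504}).encode()),
        "header": {"alg": "PS256", "kid": "example-key-1", "exp": 1371761504},
        "signature": "c2lnbmF0dXJl",  # placeholder, not a real signature
    }
    return good, bad


if __name__ == "__main__":
    good, bad = constructed_samples()
    print("good:", check_signature_object(good))
    print("bad: ", check_signature_object(bad))
```

The policy set is a parameter rather than a constant baked into the check, which is the design the thread argues for: a profile that only needs "crit" and "zip" protected passes `required=frozenset({"crit", "zip"})`, while one that must pin the algorithm keeps "alg" in the set.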