Re: [jose] Draft -10 of the JOSE Specifications

nov matake <matake@gmail.com> Fri, 26 April 2013 08:48 UTC

Return-Path: <matake@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A509D21F97F7 for <jose@ietfa.amsl.com>; Fri, 26 Apr 2013 01:48:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JmT4EBpXM90I for <jose@ietfa.amsl.com>; Fri, 26 Apr 2013 01:48:40 -0700 (PDT)
Received: from mail-pa0-f45.google.com (mail-pa0-f45.google.com [209.85.220.45]) by ietfa.amsl.com (Postfix) with ESMTP id CAA8A21F91A2 for <jose@ietf.org>; Fri, 26 Apr 2013 01:48:40 -0700 (PDT)
Received: by mail-pa0-f45.google.com with SMTP id lf10so2380731pab.18 for <jose@ietf.org>; Fri, 26 Apr 2013 01:48:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :cc:message-id:references:to:x-mailer; bh=GblRCtOCXh9lQeTaxIKRp/ojs47fYSxt5QvOoUHJUEM=; b=C5UfzDxX2oqISrqjZInbqsBbjqhbCScKC+ubEI5zDjr5Kjj8579YXBuu+SVEQibHPp 2Q6YwSRzejs+ZieDVqgo7DQfJBi/UeLyR+Mk/Mk5tYutyZJ3kIIv49lGOhKvkJOW0Aww XfYKP5yodklaPTWzH03PZ4FsUrq9W2+D3M4A9GfxC6ma7R4ry505VdSrD9puvCma832U EElPKpbqat1O7LrS1uwHJXstSv1HCA0mYq9jBXMT3V8hyq8EzIKrNq80cYSkB0ELbyfe 1H0vhlOstRjN8gXgBd3DkSACDYP+o3GcPt4lUdyXedDqzAZY+CQAs2966ABmD4ktpabT 19+A==
X-Received: by 10.66.152.173 with SMTP id uz13mr30051192pab.73.1366966120630; Fri, 26 Apr 2013 01:48:40 -0700 (PDT)
Received: from air.dev.gree.jp (124x35x46x13.ap124.ftth.ucom.ne.jp. [124.35.46.13]) by mx.google.com with ESMTPSA id w8sm2518079pbo.9.2013.04.26.01.48.37 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 26 Apr 2013 01:48:38 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_16383831-BADF-461D-8322-FE67169D36E4"
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
From: nov matake <matake@gmail.com>
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943676D2022@TK5EX14MBXC283.redmond.corp.microsoft.com>
Date: Fri, 26 Apr 2013 17:48:40 +0900
Message-Id: <B3379778-ABC3-424E-B4BE-F37C025F1DD0@gmail.com>
References: <4E1F6AAD24975D4BA5B1680429673943676D2022@TK5EX14MBXC283.redmond.corp.microsoft.com>
To: Mike Jones <Michael.Jones@microsoft.com>
X-Mailer: Apple Mail (2.1503)
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Draft -10 of the JOSE Specifications
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Apr 2013 08:48:41 -0000

Hi Mike,

The 2nd recipient described in Section 7.1 uses RSA-OAEP for key encryption, but the encrypted key value seems to be encrypted using A128KW.
Isn't it?

On Apr 26, 2013, at 5:24 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> Based upon working group feedback on the -09 drafts, I’ve released an update to the JSON Object Signing and Encryption (JOSE) specifications that changes the processing rules for JWEs encrypted to multiple recipients.  The new processing rules enable using AES GCM for multiple-recipient JWE objects.  This update makes no changes to the single-recipient case.
>  
> The updated specification versions are:
> ·        http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-10
> ·        http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-10
> ·        http://tools.ietf.org/html/draft-ietf-jose-json-web-key-10
> ·        http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-10
>  
> HTML formatted versions are also available at:
> ·        http://self-issued.info/docs/draft-ietf-jose-json-web-signature-10.html
> ·        http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-10.html
> ·        http://self-issued.info/docs/draft-ietf-jose-json-web-key-10.html
> ·        http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-10.html
>  
>                                                             -- Mike
>  
> P.S.  Also posted at http://self-issued.info/?p=1012.
>  
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose