Re: [jose] Proposal about the SPI proposal

Anthony Nadalin <tonynad@microsoft.com> Sat, 09 February 2013 00:48 UTC

From: Anthony Nadalin <tonynad@microsoft.com>
To: Brian Campbell <bcampbell@pingidentity.com>, "jose@ietf.org" <jose@ietf.org>
Date: Sat, 09 Feb 2013 00:48:24 +0000
Message-ID: <bc77a9d8f8e44d25b669d7eac5a7e45f@BY2PR03MB041.namprd03.prod.outlook.com>
References: <CA+k3eCTo_=P_SQCG_ypiksVb-bfjuJ4Q9vt4r10wpuKPbFUWBg@mail.gmail.com>
In-Reply-To: <CA+k3eCTo_=P_SQCG_ypiksVb-bfjuJ4Q9vt4r10wpuKPbFUWBg@mail.gmail.com>
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>

+1 I think a new I-D would be appropriate as this gives us additional time to review, discuss and process.

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Brian Campbell
Sent: Friday, February 8, 2013 3:01 PM
To: jose@ietf.org
Subject: [jose] Proposal about the SPI proposal

Maybe this was apparent from my comments/questions on the SPI proposal over the last couple days [1] but I have concerns that run the gamut from operational complexity and fragility to security problems. I believe strongly that, without considerably more analysis and specification detail, the current SPI work is much too risky to consider going in the current base JOSE WG drafts.
As an alternative I'd like to request/propose that the SPI stuff be submitted as a new I-D to help facilitate that additional discussion and analysis that I think it needs.

Thanks,
Brian

[1] http://www.ietf.org/mail-archive/web/jose/current/msg01500.html