Re: [jose] #15: At least one key indicator should be mandatory
"jose issue tracker" <trac+jose@trac.tools.ietf.org> Fri, 14 June 2013 22:27 UTC
Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F57621F99F3 for <jose@ietfa.amsl.com>; Fri, 14 Jun 2013 15:27:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xMZEiprYsn1G for <jose@ietfa.amsl.com>; Fri, 14 Jun 2013 15:27:33 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id A688C21F99D2 for <jose@ietf.org>; Fri, 14 Jun 2013 15:27:33 -0700 (PDT)
Received: from localhost ([127.0.0.1]:50166 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1UncSr-0003Ys-8s; Sat, 15 Jun 2013 00:27:25 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-encryption@tools.ietf.org, ignisvulpis@gmail.com, michael.jones@microsoft.com, rlb@ipv.sx
X-Trac-Project: jose
Date: Fri, 14 Jun 2013 22:27:25 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/jose/trac/ticket/15#comment:7
Message-ID: <064.de22d3d8e5e0ea0dd800411e031963e1@trac.tools.ietf.org>
References: <049.dec2e6a11006261f47529bfcdfa8c51d@trac.tools.ietf.org>
X-Trac-Ticket-ID: 15
In-Reply-To: <049.dec2e6a11006261f47529bfcdfa8c51d@trac.tools.ietf.org>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-encryption@tools.ietf.org, ignisvulpis@gmail.com, michael.jones@microsoft.com, rlb@ipv.sx, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: ekr@rtfm.com, jhildebr@cisco.com, mbj@microsoft.com
Resent-Message-Id: <20130614222733.A688C21F99D2@ietfa.amsl.com>
Resent-Date: Fri, 14 Jun 2013 15:27:33 -0700
Resent-From: trac+jose@trac.tools.ietf.org
Cc: jose@ietf.org
Subject: Re: [jose] #15: At least one key indicator should be mandatory
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jun 2013 22:27:34 -0000
#15: At least one key indicator should be mandatory Comment (by michael.jones@microsoft.com): draft-ietf-jose-json-web-encryption-11, draft-ietf-jose-json-web- signature-11, and draft-ietf-jose-json-web-key-11 incorporate the resolution to this issue agreed to at the interim working group meeting in Denver. Specifically, this new section is now present in JWS and a corresponding section is present in JWE: 7. Key Identification It is necessary for the recipient of a JWS to be able to determine the key that was employed for the digital signature or MAC operation. The key employed can be identified using the Header Parameter methods described in Section 4.1 or can be identified using methods that are outside the scope of this specification. Specifically, the Header Parameters "jku", "jwk", "x5u", "x5t", "x5c", and "kid" can be used to identify the key used. The sender SHOULD include sufficient information in the Header Parameters to identify the key used, unless the application uses another means or convention to determine the key used. Also, this text is now present in the "kid" description in JWK: When "kid" values are used within a JWK Set, different keys within the JWK Set SHOULD use distinct "kid" values. The "kid" value is a case sensitive string. Use of this member is OPTIONAL. When used with JWS or JWE, the "kid" value can be used to match a JWS or JWE "kid" header parameter value. Therefore, I believe that this issue should be closed as fixed. -- -------------------------+------------------------------------------------- Reporter: rlb@ipv.sx | Owner: draft-ietf-jose-json-web- Type: defect | encryption@tools.ietf.org Priority: minor | Status: new Component: json-web- | Milestone: encryption | Version: Severity: - | Resolution: Keywords: | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/15#comment:7> jose <http://tools.ietf.org/jose/>
- Re: [jose] #15: At least one key indicator should… jose issue tracker
- [jose] #15: Broken examples in JWE / JWS jose issue tracker
- Re: [jose] #15: Broken examples in JWE / JWS jose issue tracker
- Re: [jose] #15: Broken examples in JWE / JWS Jim Schaad
- Re: [jose] #15: Broken examples in JWE / JWS Richard Barnes
- Re: [jose] #15: Broken examples in JWE / JWS jose issue tracker
- Re: [jose] #15: Broken examples in JWE / JWS Richard Barnes
- Re: [jose] #15: Broken examples in JWE / JWS Jim Schaad
- Re: [jose] #15: At least one key indicator should… jose issue tracker
- Re: [jose] #15: Broken examples in JWE / JWS Richard Barnes
- Re: [jose] #15: At least one key indicator should… jose issue tracker
- Re: [jose] #15: Broken examples in JWE / JWS Brian Campbell
- Re: [jose] #15: Broken examples in JWE / JWS Richard Barnes
- Re: [jose] #15: Broken examples in JWE / JWS Mike Jones
- Re: [jose] #15: Broken examples in JWE / JWS Jim Schaad
- Re: [jose] #15: Broken examples in JWE / JWS Richard Barnes
- Re: [jose] #15: Broken examples in JWE / JWS Dick Hardt
- Re: [jose] #15: Broken examples in JWE / JWS Mike Jones
- Re: [jose] #15: Broken examples in JWE / JWS Dick Hardt
- Re: [jose] #15: Broken examples in JWE / JWS Dick Hardt
- Re: [jose] #15: At least one key indicator should… jose issue tracker
- Re: [jose] #15: At least one key indicator should… jose issue tracker
- Re: [jose] #15: At least one key indicator should… jose issue tracker