Re: [jose] #15: At least one key indicator should be mandatory

"jose issue tracker" <trac+jose@trac.tools.ietf.org> Fri, 14 June 2013 22:27 UTC


#15: At least one key indicator should be mandatory


Comment (by michael.jones@microsoft.com):

 draft-ietf-jose-json-web-encryption-11,
 draft-ietf-jose-json-web-signature-11, and
 draft-ietf-jose-json-web-key-11 incorporate the resolution to this issue
 agreed to at the interim working group meeting in Denver.  Specifically,
 this new section is now present in JWS and a corresponding section is
 present in JWE:

 7.  Key Identification

    It is necessary for the recipient of a JWS to be able to determine
    the key that was employed for the digital signature or MAC operation.
    The key employed can be identified using the Header Parameter methods
    described in Section 4.1 or can be identified using methods that are
    outside the scope of this specification.  Specifically, the Header
    Parameters "jku", "jwk", "x5u", "x5t", "x5c", and "kid" can be used
    to identify the key used.  The sender SHOULD include sufficient
    information in the Header Parameters to identify the key used, unless
    the application uses another means or convention to determine the key
    used.

 Also, this text is now present in the "kid" description in JWK:

    When "kid" values are used within a JWK Set, different
    keys within the JWK Set SHOULD use distinct "kid" values.  The "kid"
    value is a case sensitive string.  Use of this member is OPTIONAL.

    When used with JWS or JWE, the "kid" value can be used to match a JWS
    or JWE "kid" header parameter value.

 Therefore, I believe that this issue should be closed as fixed.

-- 
---------------------------------------------------------------------------
 Reporter:    rlb@ipv.sx
 Owner:       draft-ietf-jose-json-web-encryption@tools.ietf.org
 Type:        defect
 Status:      new
 Priority:    minor
 Milestone:
 Component:   json-web-encryption
 Version:
 Severity:    -
 Resolution:
 Keywords:
---------------------------------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/15#comment:7>
jose <http://tools.ietf.org/jose/>
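
Added example (not part of the original message or of the JOSE drafts): a recipient-side key lookup that follows the quoted Key Identification and "kid" text. The function names, the sample JWK Set, and the policy of resolving only "kid" against a locally held set are assumptions of this example.

```python
import base64
import json

# Header Parameters named as key indicators in the JWS text quoted above.
KEY_INDICATORS = ("jku", "jwk", "x5u", "x5t", "x5c", "kid")

def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def protected_header(compact_jws: str) -> dict:
    """Decode the first segment of a compact JWS (header.payload.signature)."""
    parts = compact_jws.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated segments")
    header = json.loads(b64url_decode(parts[0]))
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    return header

def select_key(header: dict, jwk_set: dict, default_key=None) -> dict:
    """Pick the verification key for a JWS header from a locally trusted JWK Set."""
    if not any(name in header for name in KEY_INDICATORS):
        # Indicators are a SHOULD: the application may fix the key by convention.
        if default_key is None:
            raise LookupError("no key indicator and no application default key")
        return default_key
    kid = header.get("kid")
    if not isinstance(kid, str):
        # Assumed policy of this example: only "kid" is resolved locally.
        raise LookupError("key indicator present, but no usable 'kid'")
    # "kid" is a case-sensitive string, so compare exactly.
    matches = [k for k in jwk_set.get("keys", []) if k.get("kid") == kid]
    if len(matches) != 1:
        # Zero matches: unknown key. Several: the set ignored the distinct-kid SHOULD.
        raise LookupError(f"{len(matches)} keys match kid {kid!r}")
    return matches[0]

# Constructed sample data: two keys whose "kid" values differ only in case.
JWKS = {"keys": [{"kty": "oct", "kid": "2013-06-a", "k": "AAAA"},
                 {"kty": "oct", "kid": "2013-06-A", "k": "BBBB"}]}

def sample_jws(header: dict) -> str:
    """Constructed token: real header, placeholder payload and signature."""
    return ".".join([b64url_encode(json.dumps(header).encode()), "e30", "c2ln"])
```

Signature or MAC verification with the selected key is a separate step and is not shown.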