Re: [jose] #16: URI identifying a specific key in a JWK set
"jose issue tracker" <trac+jose@trac.tools.ietf.org> Sat, 30 March 2013 23:19 UTC
Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50EF621F85A0 for <jose@ietfa.amsl.com>; Sat, 30 Mar 2013 16:19:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fic4xMO5uxVi for <jose@ietfa.amsl.com>; Sat, 30 Mar 2013 16:19:21 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id A87AA21F857A for <jose@ietf.org>; Sat, 30 Mar 2013 16:19:20 -0700 (PDT)
Received: from localhost ([127.0.0.1]:50731 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1UM53K-0000wg-UU; Sun, 31 Mar 2013 00:19:14 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-key@tools.ietf.org, michael.jones@microsoft.com
X-Trac-Project: jose
Date: Sat, 30 Mar 2013 23:19:14 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/jose/trac/ticket/16#comment:1
Message-ID: <073.97f52f55118bcf1f267077e78a7fa163@trac.tools.ietf.org>
References: <058.7d398c285ac07c1a4b2f1bfd0d8b7312@trac.tools.ietf.org>
X-Trac-Ticket-ID: 16
In-Reply-To: <058.7d398c285ac07c1a4b2f1bfd0d8b7312@trac.tools.ietf.org>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-key@tools.ietf.org, michael.jones@microsoft.com, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: mbj@microsoft.com
Resent-Message-Id: <20130330231921.A87AA21F857A@ietfa.amsl.com>
Resent-Date: Sat, 30 Mar 2013 16:19:20 -0700
Resent-From: trac+jose@trac.tools.ietf.org
Cc: jose@ietf.org
Subject: Re: [jose] #16: URI identifying a specific key in a JWK set
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Mar 2013 23:19:22 -0000
#16: URI identifying a specific key in a JWK set Comment (by michael.jones@microsoft.com): First, having just a "jku" value is often sufficient to determine which key to use, as other parameters in the JWK Set such as the "use" or "alg" parameters may be used to unambiguously determine which key to use. There may also be only one key in the set. Second, we already support more than one means of disambiguating keys within JWK Sets, including using the "kty", "kid", "use", and "alg" values as inputs to this decision. And once the spec says that other fields must be ignored if not understood, I'm sure that people will use other key properties they'll invent such as ("current": true) to aid in the key selection process for their applications. I understand that the request may seem simple on the face of it, but doing this in a general way would involve more than just using a "kid" value as a fragment identifier for a "jku" value. As such, the proposal seems underspecified to me. Furthermore, if all that's being conveyed is a "jku" value and a "kid" value pair - we already have a straightforward way of doing that - include both parameters in the header. Whereas requiring implementations to support two ways of accepting the same information doesn't seem like a good cost/benefit tradeoff. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-jose-json-web- james@manger.com.au | key@tools.ietf.org Type: defect | Status: new Priority: major | Milestone: Component: json-web- | Version: key | Resolution: Severity: - | Keywords: | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/16#comment:1> jose <http://tools.ietf.org/jose/>
- [jose] #16: URI identifying a specific key in a J… jose issue tracker
- Re: [jose] #16: URI identifying a specific key in… Brian Campbell
- Re: [jose] #16: URI identifying a specific key in… Richard Barnes
- Re: [jose] #16: URI identifying a specific key in… Manger, James H
- Re: [jose] #16: URI identifying a specific key in… Richard Barnes
- Re: [jose] #16: URI identifying a specific key in… Peck, Michael A
- Re: [jose] #16: URI identifying a specific key in… jose issue tracker
- Re: [jose] #16: URI identifying a specific key in… Dick Hardt
- Re: [jose] #16: URI identifying a specific key in… Manger, James H
- Re: [jose] #16: URI identifying a specific key in… jose issue tracker
- Re: [jose] #16: URI identifying a specific key in… Manger, James H
- Re: [jose] #16: URI identifying a specific key in… Justin Richer
- Re: [jose] #16: URI identifying a specific key in… Mike Jones
- Re: [jose] #16: URI identifying a specific key in… Manger, James H
- Re: [jose] #16: URI identifying a specific key in… jose issue tracker