Re: [jose] Ben Campbell's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT)

Mike Jones <Michael.Jones@microsoft.com> Wed, 23 December 2015 16:22 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Ben Campbell <ben@nostrum.com>, The IESG <iesg@ietf.org>
Date: Wed, 23 Dec 2015 16:21:58 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/CA6NrRzjD0-JQUhaMecDXrxTDlc>
Cc: "ietf@augustcellars.com" <ietf@augustcellars.com>, "jose-chairs@ietf.org" <jose-chairs@ietf.org>, "draft-ietf-jose-jws-signing-input-options@ietf.org" <draft-ietf-jose-jws-signing-input-options@ietf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Ben Campbell's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT)

FYI, Ben, "crit" is now required with "b64", as you'd requested.

-----Original Message-----
From: Mike Jones [mailto:Michael.Jones@microsoft.com] 
Sent: Wednesday, December 16, 2015 5:01 PM
To: Ben Campbell <ben@nostrum.com>; The IESG <iesg@ietf.org>
Cc: draft-ietf-jose-jws-signing-input-options@ietf.org; Jim Schaad <ietf@augustcellars.com>; jose-chairs@ietf.org; ietf@augustcellars.com; jose@ietf.org
Subject: RE: Ben Campbell's No Objection on draft-ietf-jose-jws-signing-input-options-07: (with COMMENT)

Hi Ben.  Thanks for your useful review.

> -----Original Message-----
> From: Ben Campbell [mailto:ben@nostrum.com]
> Sent: Thursday, December 17, 2015 12:16 AM
> To: The IESG <iesg@ietf.org>
> Cc: draft-ietf-jose-jws-signing-input-options@ietf.org; Mike Jones 
> <Michael.Jones@microsoft.com>; Jim Schaad <ietf@augustcellars.com>; 
> jose-chairs@ietf.org; ietf@augustcellars.com; jose@ietf.org
> Subject: Ben Campbell's No Objection on 
> draft-ietf-jose-jws-signing-input-
> options-07: (with COMMENT)
> 
> Ben Campbell has entered the following ballot position for
> draft-ietf-jose-jws-signing-input-options-07: No Objection
> 
> When responding, please keep the subject line intact and reply to all 
> email addresses included in the To and CC lines. (Feel free to cut 
> this introductory paragraph, however.)
> 
> 
> Please refer to 
> https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-jose-jws-signing-input-options/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> -7, last paragraph:
> 
> " Thus, method 1 -
>    requiring support for this extension - is the preferred approach and
>    the only means for this extension to be practically useful to
>    applications."
> 
> One might wonder why method 2 and 3 are included. I assume it is to 
> allow existing apps to migrate to method 1 over time? If so, some 
> guidance on app migration might be useful.

Methods 2 and 3 are not about application functionality migration.  In both of these cases, the application doesn't work if it doesn't support the extension, so there's no migration path enabled by them.  They're there strictly to describe how to ensure that JWSs that would be misunderstood by recipients not implementing the extension are cleanly rejected by those implementations, rather than being processed with incorrect payloads.  I'll look into adding text to that effect in the draft.

> Editorial:
> 
> -6, last paragraph:
> It’s confusing to see "(JWT) [JWT]". I suggest either removing (JWT), 
> or changing the anchor for the citation to use [RFC7519]

Barry made the same observation. :-)  Will do.

				Thanks again,
				-- Mike
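
The rejection behaviour discussed in this thread, as an added example (not part of the messages, and not code from the draft or its authors): a minimal HS256 compact-JWS verifier showing that a recipient without the extension still validates the signature but decodes the wrong payload when "crit" is absent, and rejects cleanly when "crit" lists "b64". The `understood` parameter, the function names, the key and the payload are constructed for illustration.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"      # constructed sample key
PAYLOAD = b"pay_alice_10"          # constructed; also happens to be valid base64url text

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64u_dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(header: dict, payload: bytes, key: bytes) -> str:
    """Compact HS256 JWS; the payload stays unencoded when "b64" is false."""
    h = b64u(json.dumps(header, separators=(",", ":")).encode())
    p = payload.decode() if header.get("b64") is False else b64u(payload)
    sig = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return f"{h}.{p}.{b64u(sig)}"

def verify(jws: str, key: bytes, understood=frozenset()) -> bytes:
    """Return the payload or raise ValueError.
    `understood` (hypothetical knob): extension parameters this recipient implements."""
    h, rest = jws.split(".", 1)
    p, s = rest.rsplit(".", 1)
    header = json.loads(b64u_dec(h))
    crit = header.get("crit", [])
    unknown = [name for name in crit if name not in understood]
    if unknown:  # JWS "crit" rule: reject what you do not implement
        raise ValueError(f"unsupported critical parameters: {unknown}")
    unencoded = "b64" in understood and header.get("b64") is False
    if unencoded and "b64" not in crit:
        raise ValueError('"b64" used without "crit"')
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64u_dec(s)):
        raise ValueError("bad signature")
    return p.encode() if unencoded else b64u_dec(p)

NO_CRIT = sign({"alg": "HS256", "b64": False}, PAYLOAD, KEY)
WITH_CRIT = sign({"alg": "HS256", "b64": False, "crit": ["b64"]}, PAYLOAD, KEY)

if __name__ == "__main__":
    # Recipient without the extension: signature checks out, payload is misread.
    print(verify(NO_CRIT, KEY))
    for who, supported in (("legacy", frozenset()), ("extension-aware", frozenset({"b64"}))):
        try:
            print(who, verify(WITH_CRIT, KEY, supported))
        except ValueError as err:
            print(who, "rejected:", err)
```

The signing input is the same bytes on the wire in both interpretations, which is why the signature alone cannot catch the mismatch and the "crit" listing has to.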