Re: [jose] Should we keep or remove the JOSE JWS and JWE MIME types?
Brian Campbell <bcampbell@pingidentity.com> Thu, 20 June 2013 20:48 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 725B121F9F05 for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 13:48:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.976
X-Spam-Level:
X-Spam-Status: No, score=-5.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QJVYc5adHJBC for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 13:48:17 -0700 (PDT)
Received: from na3sys009aog118.obsmtp.com (na3sys009aog118.obsmtp.com [74.125.149.244]) by ietfa.amsl.com (Postfix) with ESMTP id 22B2321F9EF7 for <jose@ietf.org>; Thu, 20 Jun 2013 13:48:17 -0700 (PDT)
Received: from mail-ie0-f171.google.com ([209.85.223.171]) (using TLSv1) by na3sys009aob118.postini.com ([74.125.148.12]) with SMTP ID DSNKUcNqkKQlZaSAzgI7mRoR3dh6zWUKwXrW@postini.com; Thu, 20 Jun 2013 13:48:17 PDT
Received: by mail-ie0-f171.google.com with SMTP id qd12so17734986ieb.2 for <jose@ietf.org>; Thu, 20 Jun 2013 13:48:16 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:x-gm-message-state; bh=qNM8TEQ8yCN3PHZku6bhCyHDcsZHnZ2YZQECJ1YTqi8=; b=bx08IH6M1bju2B0B+cjk/xLooqTpy1+WTvkdTjNqBlSVd/N5wtIsu7RgLhHayHuQQi Ffz85Xv/ntuCRNpUa5EDIG1Q7WlOTmUpbLzywYfVmddFoOh9u8PuBvTAX8t2xcg1jPST ddBaEAWW5WrGtIJkGBLrLHjgk3Y819XCauGKnzGkFNFGWM/7yQ626nR0+x/P1SKwnlgE Oni0SqtuyP6NoF8nqVkWx8bsxJnXwt7RfFNp3uhn7YqEXDLq+w4sE4A0wF1UAgVn04zG iFb976KhbLZC7AJfNJz1r/bwJ++qs2gUV09OaQQQUBf7rSxmUhfoVrGe19xywGzP85Zd 0Xdw==
X-Received: by 10.50.55.42 with SMTP id o10mr748927igp.28.1371761296488; Thu, 20 Jun 2013 13:48:16 -0700 (PDT)
X-Received: by 10.50.55.42 with SMTP id o10mr748921igp.28.1371761296370; Thu, 20 Jun 2013 13:48:16 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.41.34 with HTTP; Thu, 20 Jun 2013 13:47:46 -0700 (PDT)
In-Reply-To: <1371760769.7926.YahooMailRC@web184402.mail.bf1.yahoo.com>
References: <4E1F6AAD24975D4BA5B1680429673943678735D4@TK5EX14MBXC283.redmond.corp.microsoft.com> <1371760769.7926.YahooMailRC@web184402.mail.bf1.yahoo.com>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Thu, 20 Jun 2013 14:47:46 -0600
Message-ID: <CA+k3eCRS1Fri_fW310UKdvwBMXA1+wdxtdBBc2cnUPypQs7zBQ@mail.gmail.com>
To: Edmund Jay <ejay@mgi1.com>
Content-Type: multipart/alternative; boundary="047d7b111981c980c304df9c1085"
X-Gm-Message-State: ALoCoQmTkR7xB5LDWG+DwravH5imol3kYzTpJj14v2VuIrQb/RFX8fNE9GrPwQX6r84arrsTAhCVh1Z4WqzXjw2uu7Cyrqjz2/n0cjV6PHo5uWAvH0vHf7UJrVke3+HgeOqa1uLv87BQ
Cc: Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Should we keep or remove the JOSE JWS and JWE MIME types?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 20:48:22 -0000
I'm okay dropping them. On Thu, Jun 20, 2013 at 2:39 PM, Edmund Jay <ejay@mgi1.com> wrote: > +1 in favor of dropping > > ------------------------------ > *From:* Mike Jones <Michael.Jones@microsoft.com> > *To:* "jose@ietf.org" <jose@ietf.org> > *Sent:* Tue, June 18, 2013 6:42:15 PM > *Subject:* [jose] Should we keep or remove the JOSE JWS and JWE MIME > types? > > The JWS and JWE documents currently define these MIME types for the > convenience of applications that may want to use them: > > application/jws > > application/jws+json > > application/jwe > > application/jwe+json > > > > That being said, I’m not aware of any uses of these by applications at > present. Thus, I think that makes it fair game to ask whether we want to > keep them or remove them – in which case, if applications ever needed them, > they could define them later. > > > > Another dimension of this question for JWS and JWE is that it’s not clear > that the four types application/jws, application/jws+json, application/jwe, > and application/jwe+json are even the right ones. It might be more useful > to have generic application/jose and application/jose+json types, which > could hold either JWS or JWE objects respectively using the compact or JSON > serializations (although I’m not advocating adding them at this time). > > > > Having different JWS versus JWE MIME types apparently did contribute to at > least Dick’s confusion about the purpose of the “typ” field, so deleting > them could help eliminate this possibility of confusion in the future. > Thus, I’m increasingly convinced we should get rid of the JWS and JWE types > and leave it up to applications to define the types they need, when they > need them. > > > > Do people have use cases for these four MIME types now or should we leave > them to future specs to define, if needed? > > > > -- Mike > > > > P.S. For completeness, I’ll add that the JWK document also defines these > MIME types: > > application/jwk+json > > application/jwk-set+json > > > > There are already clear use cases for these types, so I’m not advocating > deleting them, but wanted to call that out explicitly. For instance, when > retrieving a JWK Set document referenced by a “jku” header parameter, I > believe that the result should use the application/jwk-set+json type. (In > fact, I’ll add this to the specs, unless there are any objections.) > Likewise, draft-miller-jose-jwe-protected-jwk-02 already uses > application/jwk+json. Both could also be as “cty” values when encrypting > JWKs and JWK Sets, in contexts where that that would be useful. > > > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose > >
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- [jose] Should we keep or remove the JOSE JWS and … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Jim Schaad
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Matt Miller (mamille2)
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Jim Schaad
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Edmund Jay
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Brian Campbell
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … John Bradley
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- Re: [jose] Should we keep or remove the JOSE JWS … Tony Hansen