Re: [jose] Allow compression of plain and JWS too?
"Manger, James H" <James.H.Manger@team.telstra.com> Mon, 04 June 2012 01:38 UTC
Return-Path: <James.H.Manger@team.telstra.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 733D221F87FA for <jose@ietfa.amsl.com>; Sun, 3 Jun 2012 18:38:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.744
X-Spam-Level:
X-Spam-Status: No, score=-1.744 tagged_above=-999 required=5 tests=[AWL=1.157, BAYES_00=-2.599, GB_I_LETTER=-2, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sN-Y3eCesBZF for <jose@ietfa.amsl.com>; Sun, 3 Jun 2012 18:38:51 -0700 (PDT)
Received: from ipxcvo.tcif.telstra.com.au (ipxcvo.tcif.telstra.com.au [203.35.135.208]) by ietfa.amsl.com (Postfix) with ESMTP id BB1F321F87FB for <jose@ietf.org>; Sun, 3 Jun 2012 18:38:48 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.75,710,1330866000"; d="scan'208";a="78617092"
Received: from unknown (HELO ipccvi.tcif.telstra.com.au) ([10.97.217.208]) by ipocvi.tcif.telstra.com.au with ESMTP; 04 Jun 2012 11:38:48 +1000
X-IronPort-AV: E=McAfee;i="5400,1158,6731"; a="66740534"
Received: from wsmsg3756.srv.dir.telstra.com ([172.49.40.84]) by ipccvi.tcif.telstra.com.au with ESMTP; 04 Jun 2012 11:38:47 +1000
Received: from WSMSG3153V.srv.dir.telstra.com ([172.49.40.159]) by wsmsg3756.srv.dir.telstra.com ([172.49.40.84]) with mapi; Mon, 4 Jun 2012 11:38:47 +1000
From: "Manger, James H" <James.H.Manger@team.telstra.com>
To: John Bradley <ve7jtb@ve7jtb.com>, Vladimir Dzhuvinov / NimbusDS <vladimir@nimbusds.com>
Date: Mon, 04 Jun 2012 11:38:46 +1000
Thread-Topic: [jose] Allow compression of plain and JWS too?
Thread-Index: Ac1B76uKXUIODGf9Qf6GHGw9RYRsSAAACWdw
Message-ID: <255B9BB34FB7D647A506DC292726F6E114F51D2712@WSMSG3153V.srv.dir.telstra.com>
References: <20120531050148.cc40c4f3d92d2001859047cd8cabb9ab.af6dca8411.wbe@email07.europe.secureserver.net> <BF44F421-BA42-445B-8AC8-DA5BDDAB8F2D@ve7jtb.com>
In-Reply-To: <BF44F421-BA42-445B-8AC8-DA5BDDAB8F2D@ve7jtb.com>
Accept-Language: en-US, en-AU
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-AU
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Allow compression of plain and JWS too?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jun 2012 01:38:52 -0000
> Compression is required before encryption as your can't encrypt after > (if your encryption is any good). > > With signing you can always leave it to transport or some other process > to compress it if required. Compressing text after base64url-encoding (eg by the transport) is not nearly as effective as compressing the actual text. > We did note that the http layer supports compression as well. > > We previously came to the conclusion that compression for signing is > unnecessary and only adds extra code to be tested. > > I actually had to argue quite strongly at the time to get compression > as a option with encryption due to the additional complexity. If you support compression with encryption, there is no additional complexity to support compression with signing. Only scenarios that will only ever do signing -- with no possibility of ever needing encryption -- can potentially save some complexity. I doubt those scenarios will be common. > So on the basis that the more mandatory to implement things we add, the > less likely we are to get adoption, and previous discussions around > some of the input documents, I am opposed to adding compression for > signing. The JWS spec starts by saying it is a compact format intended for space constrained environments. It chooses terse 3-letter header element names. It defines it own alg names, partly because they are shorter than existing names. I am strongly in favour of including compression consistently across all the modes that a JOSE message supports (encrypted, signed, unprotected...). -- James Manger
- [jose] Allow compression of plain and JWS too? Vladimir Dzhuvinov / NimbusDS
- Re: [jose] Allow compression of plain and JWS too? Manger, James H
- Re: [jose] Allow compression of plain and JWS too? Vladimir Dzhuvinov / NimbusDS
- Re: [jose] Allow compression of plain and JWS too? John Bradley
- Re: [jose] Allow compression of plain and JWS too? John Bradley
- Re: [jose] Allow compression of plain and JWS too? Manger, James H
- Re: [jose] Allow compression of plain and JWS too? John Bradley