IETF Logo Mail Archive

Re: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory

Mike Jones <Michael.Jones@microsoft.com> Fri, 12 April 2013 05:25 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A36AE21F86DC for <jose@ietfa.amsl.com>; Thu, 11 Apr 2013 22:25:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SUWwoQan3sCp for <jose@ietfa.amsl.com>; Thu, 11 Apr 2013 22:25:20 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0235.outbound.protection.outlook.com [207.46.163.235]) by ietfa.amsl.com (Postfix) with ESMTP id 5FA4C21F86B2 for <jose@ietf.org>; Thu, 11 Apr 2013 22:25:20 -0700 (PDT)
Received: from BY2FFO11FD028.protection.gbl (10.1.15.202) by BY2FFO11HUB030.protection.gbl (10.1.14.115) with Microsoft SMTP Server (TLS) id 15.0.664.0; Fri, 12 Apr 2013 05:25:18 +0000
Received: from TK5EX14MLTC102.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD028.mail.protection.outlook.com (10.1.15.217) with Microsoft SMTP Server (TLS) id 15.0.664.0 via Frontend Transport; Fri, 12 Apr 2013 05:25:18 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.224]) by TK5EX14MLTC102.redmond.corp.microsoft.com ([157.54.79.180]) with mapi id 14.02.0318.003; Fri, 12 Apr 2013 05:25:04 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "odonoghue@isoc.org" <odonoghue@isoc.org>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory
Thread-Index: AQHONxCooSd2LAEBTkqzIVwx4JWauZjSDFgA
Date: Fri, 12 Apr 2013 05:25:03 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394367615F37@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <51674E63.3050809@isoc.org>
In-Reply-To: <51674E63.3050809@isoc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.34]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B168042967394367615F37TK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(377454001)(5383001)(189002)(199002)(74502001)(79102001)(5343635001)(55846006)(4396001)(15202345001)(81542001)(16236675001)(74662001)(54356001)(53806001)(71186001)(564824004)(47976001)(18277545001)(65816001)(33656001)(76482001)(16406001)(49866001)(59766001)(66066001)(512954001)(69226001)(16297215001)(44976002)(56776001)(46102001)(80022001)(31966008)(63696002)(81342001)(47446002)(77982001)(5343655001)(20776003)(18276755001)(54316002)(47736001)(56816002)(51856001)(50986001); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB030; H:TK5EX14MLTC102.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0814A2C7A3
Subject: Re: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2013 05:25:21 -0000

Reading this question, I believe that there's a possibility for the question to be misinterpreted, since the sense of the question in the subject is opposite of the sense of the question in the body.  I believe that the intent of 1 and 2 were as follows:

1.  Yes - Use cases where key information is exchanged by means other than the JWS and JWE headers ARE important.
2.  No - Use cases where key information is exchanged by means other than the JWS and JWE headers ARE NOT important.

Maybe people could reply with 1 and 2 as above, so that their answers to the question of whether these use cases are important are not are unambiguous.

                                                            -- Mike

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Karen O'Donoghue
Sent: Thursday, April 11, 2013 5:00 PM
To: jose@ietf.org
Subject: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory

Issue #15 http://trac.tools.ietf.org/wg/jose/trac/ticket/15. suggests requiring that a key indicator, such as a "kid" field, be required in all JWS and JWE headers. Are use cases where key information is exchanged by means other than the JWS or JWE headers important?
Which of these best describes your preferences on this issue?
1.  Yes.
2.   No.
0.  I need more information to decide.

Your reply is requested by Friday, April 19th (or earlier).

v2.23.0 | Report a Bug | By Email