Re: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?
Richard Barnes <rlb@ipv.sx> Mon, 15 April 2013 18:22 UTC
From: Richard Barnes <rlb@ipv.sx>
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: "jose@ietf.org" <jose@ietf.org>, "odonoghue@isoc.org" <odonoghue@isoc.org>

The "switch" does have to be a JOSE protocol element, because the JOSE
protocol logic has to be self-contained.

--Richard

On Mon, Apr 15, 2013 at 1:44 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> Use of “spi” is one such possible “switch”. Use of the OAuth Dynamic
> Client Registration specification to obtain keys or key references is
> another. Other applications may choose to exchange the keys other ways.
>
> The “switch” doesn’t have to be a JOSE protocol element. Although you
> could consider the lack of a key indicator in the JOSE header to be a clear
> indication in the JOSE protocol elements that the switch has been thrown,
> meaning that it’s up to the application to use its logic to determine
> which key(s) to use – which is a normal use case.
>
> -- Mike
>
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf
> Of Richard Barnes
> Sent: Monday, April 15, 2013 10:37 AM
> To: odonoghue@isoc.org
> Cc: jose@ietf.org
> Subject: Re: [jose] Feedback request on jose tracker issue #8: Should
> we add a "spi" header field?
>
> 2 or 3
>
> All of the "1" responses are missing the point of SPI -- if you want to be
> able to omit fields (as people seem to want to do), then you need a switch
> to turn off "stand-alone mode".
>
> So responding "1" here is the same as responding "1" on the ISSUE-15 poll,
> that at least one key indicator MUST be present.
>
> On Thu, Apr 11, 2013 at 7:58 PM, Karen O'Donoghue <odonoghue@isoc.org>
> wrote:
>
> Issue #8 http://trac.tools.ietf.org/wg/jose/trac/ticket/8 proposes adding
> an “spi” (security parameters index) header parameter to the JWS and JWE
> specifications. This modification to the JOSE formats would allow for
> signaling that pre-negotiated cryptographic parameters are being used,
> rather than including those parameters in the JWS or JWE header. This
> proposal has been written up as
> http://tools.ietf.org/html/draft-barnes-jose-spi-00.
>
> Which of these best describes your preferences on this issue?
>
> 1. Have draft-barnes-jose-spi remain a separate specification that could
> optionally also be supported by JWS and JWE implementations.
>
> 2. Incorporate draft-barnes-jose-spi into the JWS and JWE specifications
> as a mandatory feature.
>
> 3. Incorporate draft-barnes-jose-spi into the JWS and JWE specifications
> as an optional feature.
>
> 4. Another resolution (please specify in detail).
>
> 0. I need more information to decide.
>
> Your reply is requested by Friday, April 19th or earlier.
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
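
The receiver-side check that the "switch" argument in this message implies, as an added example that is not part of the thread and is not taken from draft-barnes-jose-spi: a header either carries "spi" and is resolved from pre-negotiated parameters, or it is stand-alone and must name its key. The `NEGOTIATED` table, the sample values, the function names and the rule that a conflicting header value is rejected are assumptions made for illustration.

```python
import base64
import json

# Header parameters that identify the key in stand-alone mode.
KEY_INDICATORS = ("jwk", "jku", "kid", "x5u", "x5c", "x5t")

# Constructed table of parameters agreed out of band, indexed by "spi" value.
NEGOTIATED = {"session-7": {"alg": "HS256", "kid": "shared-key-1"}}


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def read_header(compact: str) -> dict:
    """Decode the first segment of a compact serialization."""
    segment = compact.split(".")[0]
    padded = segment + "=" * (-len(segment) % 4)
    header = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    return header


def resolve_parameters(header: dict, negotiated: dict = NEGOTIATED):
    """Return (mode, parameters) or raise ValueError for an ambiguous header."""
    if "spi" in header:
        spi = header["spi"]
        if not isinstance(spi, str) or spi not in negotiated:
            raise ValueError("unknown spi")
        params = dict(negotiated[spi])
        # Assumption: a header value that contradicts the negotiated one is an error.
        for name, value in header.items():
            if name != "spi" and params.get(name, value) != value:
                raise ValueError(f"{name} conflicts with negotiated value")
        return "negotiated", params
    if "alg" not in header:
        raise ValueError("stand-alone header without alg")
    if not any(name in header for name in KEY_INDICATORS):
        raise ValueError("stand-alone header without a key indicator")
    return "stand-alone", header


def sample(header: dict) -> str:
    """Build a constructed compact object with a dummy payload and signature."""
    return ".".join([b64url(json.dumps(header).encode()), b64url(b"{}"), b64url(b"sig")])
```

With this rule a header that has neither "spi" nor a key indicator is rejected inside the JOSE layer instead of being handed to application logic to guess the key.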