IETF Logo Mail Archive

Re: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?

Sascha Preibisch <spreibisch@layer7tech.com> Wed, 17 April 2013 19:03 UTC

Return-Path: <spreibisch@layer7tech.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6834C21F89D8 for <jose@ietfa.amsl.com>; Wed, 17 Apr 2013 12:03:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.264
X-Spam-Level:
X-Spam-Status: No, score=-3.264 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RjNg11hj4sDn for <jose@ietfa.amsl.com>; Wed, 17 Apr 2013 12:03:12 -0700 (PDT)
Received: from smtp156.dfw.emailsrvr.com (smtp156.dfw.emailsrvr.com [67.192.241.156]) by ietfa.amsl.com (Postfix) with ESMTP id CE98321F89AF for <jose@ietf.org>; Wed, 17 Apr 2013 12:03:11 -0700 (PDT)
Received: from smtp5.relay.dfw1a.emailsrvr.com (localhost.localdomain [127.0.0.1]) by smtp5.relay.dfw1a.emailsrvr.com (SMTP Server) with ESMTP id B4D0E583D5 for <jose@ietf.org>; Wed, 17 Apr 2013 15:03:10 -0400 (EDT)
X-SMTPDoctor-Processed: csmtpprox 2.7.4
Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp5.relay.dfw1a.emailsrvr.com (SMTP Server) with ESMTP id 70295583E5 for <jose@ietf.org>; Wed, 17 Apr 2013 15:03:10 -0400 (EDT)
X-Virus-Scanned: OK
Received: from smtp192.mex07a.mlsrvr.com (unknown [67.192.133.128]) by smtp5.relay.dfw1a.emailsrvr.com (SMTP Server) with ESMTPS id A2977583E3 for <jose@ietf.org>; Wed, 17 Apr 2013 15:03:07 -0400 (EDT)
Received: from DFW1MBX21.mex07a.mlsrvr.com ([192.168.1.235]) by DFW1HUB09.mex07a.mlsrvr.com ([fe80::222:19ff:fe91:f83a%11]) with mapi; Wed, 17 Apr 2013 14:03:07 -0500
From: Sascha Preibisch <spreibisch@layer7tech.com>
To: "jose@ietf.org" <jose@ietf.org>
Date: Wed, 17 Apr 2013 14:03:08 -0500
Thread-Topic: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?
Thread-Index: Ac43EH3ej2pBU0sqSayKI+vKv2l/xQEjaVew
Message-ID: <260FAD4C9002884C89DF49EF8776EB9B2A9811513C@DFW1MBX21.mex07a.mlsrvr.com>
References: <51674E2D.3040604@isoc.org>
In-Reply-To: <51674E2D.3040604@isoc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_260FAD4C9002884C89DF49EF8776EB9B2A9811513CDFW1MBX21mex0_"
MIME-Version: 1.0
Subject: Re: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Apr 2013 19:03:16 -0000

1 - It causes no problems to have spi remain in a separate spec as an optional feature

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Karen O'Donoghue
Sent: Thursday, April 11, 2013 4:59 PM
To: jose@ietf.org
Subject: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?

Issue #8 http://trac.tools.ietf.org/wg/jose/trac/ticket/8 proposes adding an "spi" (security parameters index) header parameter to the JWS and JWE specifications.  This modification to the JOSE formats would allow for signaling that pre-negotiated cryptographic parameters are being used, rather than including those parameters in the JWS or JWE header.  This proposal has been written up as http://tools.ietf.org/html/draft-barnes-jose-spi-00.

Which of these best describes your preferences on this issue?
1.  Have draft-barnes-jose-spi remain a separate specification that could optionally also be supported by JWS and JWE implementations.
2.  Incorporate draft-barnes-jose-spi into the JWS and JWE specifications as a mandatory feature.
3.  Incorporate draft-barnes-jose-spi into the JWS and JWE specifications as an optional feature.
4.  Another resolution (please specify in detail).
0.  I need more information to decide.
Your reply is requested by Friday, April 19th or earlier.

v2.23.0 | Report a Bug | By Email