Re: [jose] Should we keep or remove the JOSE JWS and JWE MIME types?
Edmund Jay <ejay@mgi1.com> Thu, 20 June 2013 20:39 UTC
Return-Path: <edmundjay@sbcglobal.net>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B995021F9EEB for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 13:39:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ra70WV9s0VjZ for <jose@ietfa.amsl.com>; Thu, 20 Jun 2013 13:39:31 -0700 (PDT)
Received: from nm26-vm0.access.bullet.mail.mud.yahoo.com (nm26-vm0.access.bullet.mail.mud.yahoo.com [66.94.236.225]) by ietfa.amsl.com (Postfix) with ESMTP id CC60C21F9E62 for <jose@ietf.org>; Thu, 20 Jun 2013 13:39:30 -0700 (PDT)
Received: from [66.94.237.193] by nm26.access.bullet.mail.mud.yahoo.com with NNFMP; 20 Jun 2013 20:39:30 -0000
Received: from [66.94.237.110] by tm4.access.bullet.mail.mud.yahoo.com with NNFMP; 20 Jun 2013 20:39:29 -0000
Received: from [127.0.0.1] by omp1015.access.mail.mud.yahoo.com with NNFMP; 20 Jun 2013 20:39:29 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 778444.55901.bm@omp1015.access.mail.mud.yahoo.com
Received: (qmail 22991 invoked by uid 60001); 20 Jun 2013 20:39:29 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sbcglobal.net; s=s1024; t=1371760769; bh=kErX6aK2rZ0KsVm5vfVxQpwwJgl+BdCW2XG6XG+nD+k=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=B3GavcWu4dJ9J8AKEle1gvn8aw8API2f30ddDm60j8cASPBVLsGzImNlFyR3+dOLpgAv7Y1Cdvr9srVF49Vs7xv8ADnQHG6jb5P7ftRdXvsBMh2UQIipVXYa2nCIwFiU1yKix03B8l7k5eqd3FqOaGoNErKPNb2mYWOqRgOPzWA=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=sbcglobal.net; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=C60Zf4JsSSSIIbpB5zzSEhg8na2wMpRQO7eiL4UNTV6w6VGE92KTAxR3VovT4Iqgff1nt1/2LFpvMbWCow383glHw/ryRjGP4N1eSMOxiK2aH7Zv8m0m7/Mc+QLWBLhiZHssVKJNozh29dv1TB23WGd0TMawtXvtRl34F4BOGqo=;
X-YMail-OSG: i5pvf18VM1n417sNFVxPEfWDjbK0q4WIwn0vYRmVha61G_1 AV3mxzn.mF_RN1mNS0NiM3_Wh7Q9m86QJOiN_ZQDBI7O7o9rWZHbiuWQhPTF qKBEfr93mzUQEjWBSmTwQIzjnY8G1BVEeVI7ugFQsgYgBtYdyjmiEPvO1d4g HkCx.HJgMXTFwsbipPY8PMjQMYVcjjdxOH6XdqZnu8Fi8NQtjuF_b4t32d2_ O35uzkICf3FsC1EgHx2KOBlXZObXO__ahY9vx0OJacEy8PvvwMDOagjp7Flh RNpbWskygZEoPkh5oqfhy5CccU2SBQvQ_NH7Q_o4oC8nm75HAN1OyZkiDt9f nZXZ9kbu2FVfZ_fekfrIgV2pA2h4OzSma4zIOcbzhNsEpPg54DNbVZJyJDld dKlxd.E.tmFiAhsp57of3PpB7MGUHXAG4k2FRSVMMBzDUuvp8JesPuqG9SHL .3q7OPvs_CGzisVu0Ep7LRW.XYymEC0k7R3IT1k2qTTDl8TpbXD_UcTotg4I tLkkspdTymxEkPAmN_tELLYzrx8FkWrV5vy6wgAVhi6hqljRCViM2rCk-
Received: from [70.36.254.42] by web184402.mail.bf1.yahoo.com via HTTP; Thu, 20 Jun 2013 13:39:29 PDT
X-Rocket-MIMEInfo: 002.001, KzEgaW4gZmF2b3Igb2YgZHJvcHBpbmcKCgoKX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KRnJvbTogTWlrZSBKb25lcyA8TWljaGFlbC5Kb25lc0BtaWNyb3NvZnQuY29tPgpUbzogImpvc2VAaWV0Zi5vcmciIDxqb3NlQGlldGYub3JnPgpTZW50OiBUdWUsIEp1bmUgMTgsIDIwMTMgNjo0MjoxNSBQTQpTdWJqZWN0OiBbam9zZV0gU2hvdWxkIHdlIGtlZXAgb3IgcmVtb3ZlIHRoZSBKT1NFIEpXUyBhbmQgSldFIE1JTUUgdHlwZXM_CgogClRoZSBKV1MgYW5kIEpXRSBkb2N1bWVudHMgY3VycmVudGwBMAEBAQE-
X-RocketYMMF: edmundjay@sbcglobal.net
X-Mailer: YahooMailRC/729 YahooMailWebService/0.8.148.554
References: <4E1F6AAD24975D4BA5B1680429673943678735D4@TK5EX14MBXC283.redmond.corp.microsoft.com>
Message-ID: <1371760769.7926.YahooMailRC@web184402.mail.bf1.yahoo.com>
Date: Thu, 20 Jun 2013 13:39:29 -0700
From: Edmund Jay <ejay@mgi1.com>
To: Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943678735D4@TK5EX14MBXC283.redmond.corp.microsoft.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-334495122-293771357-1371760769=:7926"
Subject: Re: [jose] Should we keep or remove the JOSE JWS and JWE MIME types?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 20:39:46 -0000
+1 in favor of dropping ________________________________ From: Mike Jones <Michael.Jones@microsoft.com> To: "jose@ietf.org" <jose@ietf.org> Sent: Tue, June 18, 2013 6:42:15 PM Subject: [jose] Should we keep or remove the JOSE JWS and JWE MIME types? The JWS and JWE documents currently define these MIME types for the convenience of applications that may want to use them: application/jws application/jws+json application/jwe application/jwe+json That being said, I’m not aware of any uses of these by applications at present. Thus, I think that makes it fair game to ask whether we want to keep them or remove them – in which case, if applications ever needed them, they could define them later. Another dimension of this question for JWS and JWE is that it’s not clear that the four types application/jws, application/jws+json, application/jwe, and application/jwe+json are even the right ones. It might be more useful to have generic application/jose and application/jose+json types, which could hold either JWS or JWE objects respectively using the compact or JSON serializations (although I’m not advocating adding them at this time). Having different JWS versus JWE MIME types apparently did contribute to at least Dick’s confusion about the purpose of the “typ” field, so deleting them could help eliminate this possibility of confusion in the future. Thus, I’m increasingly convinced we should get rid of the JWS and JWE types and leave it up to applications to define the types they need, when they need them. Do people have use cases for these four MIME types now or should we leave them to future specs to define, if needed? -- Mike P.S. For completeness, I’ll add that the JWK document also defines these MIME types: application/jwk+json application/jwk-set+json There are already clear use cases for these types, so I’m not advocating deleting them, but wanted to call that out explicitly. For instance, when retrieving a JWK Set document referenced by a “jku” header parameter, I believe that the result should use the application/jwk-set+json type. (In fact, I’ll add this to the specs, unless there are any objections.) Likewise, draft-miller-jose-jwe-protected-jwk-02 already uses application/jwk+json. Both could also be as “cty” values when encrypting JWKs and JWK Sets, in contexts where that that would be useful.
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- [jose] Should we keep or remove the JOSE JWS and … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Jim Schaad
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Matt Miller (mamille2)
- Re: [jose] Should we keep or remove the JOSE JWS … Justin Richer
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Jim Schaad
- Re: [jose] Should we keep or remove the JOSE JWS … Mike Jones
- Re: [jose] Should we keep or remove the JOSE JWS … Edmund Jay
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … Brian Campbell
- Re: [jose] Should we keep or remove the JOSE JWS … Richard Barnes
- Re: [jose] Should we keep or remove the JOSE JWS … John Bradley
- Re: [jose] Should we keep or remove the JOSE JWS … Manger, James H
- Re: [jose] Should we keep or remove the JOSE JWS … Tony Hansen