Re: [jose] Draft -10 of the JOSE Specifications

Mike Jones <Michael.Jones@microsoft.com> Fri, 26 April 2013 09:02 UTC

Oops – the Encoded JWE Header value for the second recipient is correct – decoding to {"alg":"A128KW","enc":"A128CBC-HS256"}.  But I’d failed to update the unencoded header text when I updated the example.  Thanks for pointing this out, Nov.  I’ll put it in my to-do list.

                                                            -- Mike

From: nov matake [mailto:matake@gmail.com]
Sent: Friday, April 26, 2013 1:49 AM
To: Mike Jones
Cc: jose@ietf.org
Subject: Re: [jose] Draft -10 of the JOSE Specifications

Hi Mike,

The 2nd recipient described in Section 7.1 uses RSA-OAEP for key encryption, but the encrypted key value seems to be encrypted using A128KW.
Isn't it?

On Apr 26, 2013, at 5:24 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:


Based upon working group feedback on the -09 drafts, I’ve released an update to the JSON Object Signing and Encryption (JOSE) specifications that changes the processing rules for JWEs encrypted to multiple recipients.  The new processing rules enable using AES GCM for multiple-recipient JWE objects.  This update makes no changes to the single-recipient case.

The updated specification versions are:
•        http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-10
•        http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-10
•        http://tools.ietf.org/html/draft-ietf-jose-json-web-key-10
•        http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-10

HTML formatted versions are also available at:
•        http://self-issued.info/docs/draft-ietf-jose-json-web-signature-10.html
•        http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-10.html
•        http://self-issued.info/docs/draft-ietf-jose-json-web-key-10.html
•        http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-10.html

                                                            -- Mike

P.S.  Also posted at http://self-issued.info/?p=1012.

_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose
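
The mismatch discussed in this thread, an Encoded JWE Header that no longer matches the unencoded header text printed beside it, can be caught mechanically. The following is an added example, not part of the original messages or of the JOSE drafts: it decodes a base64url header and reports every parameter that differs from the documented text. The function names, the encoded sample (built inline from the header quoted in the reply) and the stale text (assumed from the RSA-OAEP report) are constructed for illustration.

```python
import base64
import json
import re

_B64URL = re.compile(r"[A-Za-z0-9_-]+")


def b64url_decode(segment: str) -> bytes:
    """Decode unpadded base64url, rejecting characters outside the alphabet."""
    if not _B64URL.fullmatch(segment):
        raise ValueError("not unpadded base64url")
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(data: bytes) -> str:
    """Encode to base64url with trailing '=' padding removed."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def header_mismatches(encoded_header: str, documented_header: str) -> dict:
    """Map each differing parameter to (documented value, encoded value)."""
    actual = json.loads(b64url_decode(encoded_header))
    documented = json.loads(documented_header)
    return {
        name: (documented.get(name), actual.get(name))
        for name in sorted(set(actual) | set(documented))
        if documented.get(name) != actual.get(name)
    }


# Constructed sample: encoded here from the header quoted in the reply,
# not copied from the draft.
ENCODED_HEADER = b64url_encode(b'{"alg":"A128KW","enc":"A128CBC-HS256"}')
# Assumed stale prose: "alg" per the RSA-OAEP report; "enc" is a guess.
STALE_TEXT = '{"alg":"RSA-OAEP","enc":"A128CBC-HS256"}'

if __name__ == "__main__":
    for name, (doc, enc) in header_mismatches(ENCODED_HEADER, STALE_TEXT).items():
        print(f"{name}: text says {doc!r}, encoded header says {enc!r}")
```
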