Re: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?

"Manger, James H" <James.H.Manger@team.telstra.com> Fri, 12 April 2013 01:53 UTC

From: "Manger, James H" <James.H.Manger@team.telstra.com>
To: "jose@ietf.org" <jose@ietf.org>
Date: Fri, 12 Apr 2013 11:53:41 +1000

1b.
Have “spi” as a separate (optional) spec.
Change its definition so it does not change the crypto. For instance, the header that is part of the integrity check is the header with the full alg ids, and key ids — not the header with just the “spi” value. Otherwise “spi” is changing the crypto properties, not just saving bytes.

--
James Manger

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Karen O'Donoghue
Sent: Friday, 12 April 2013 9:59 AM
To: jose@ietf.org
Subject: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?

Issue #8 http://trac.tools.ietf.org/wg/jose/trac/ticket/8 proposes adding an “spi” (security parameters index) header parameter to the JWS and JWE specifications.  This modification to the JOSE formats would allow for signaling that pre-negotiated cryptographic parameters are being used, rather than including those parameters in the JWS or JWE header.  This proposal has been written up as http://tools.ietf.org/html/draft-barnes-jose-spi-00.

Which of these best describes your preferences on this issue?
1.  Have draft-barnes-jose-spi remain a separate specification that could optionally also be supported by JWS and JWE implementations.
2.  Incorporate draft-barnes-jose-spi into the JWS and JWE specifications as a mandatory feature.
3.  Incorporate draft-barnes-jose-spi into the JWS and JWE specifications as an optional feature.
4.  Another resolution (please specify in detail).
0.  I need more information to decide.
Your reply is requested by Friday, April 19th or earlier.
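
The suggestion in the reply above (integrity-protect the header with the full alg and key ids, not the header carrying only "spi"), as an added Python sketch that is not part of the thread or of draft-barnes-jose-spi. The spi tables, the key, the "cty" values, the sorted-key serialisation and all helper names are constructed assumptions; the example goes slightly beyond the message by showing what an out-of-sync receiver table does in each mode.

```python
import base64, hashlib, hmac, json

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def canon(header: dict) -> bytes:
    # Assumption: both sides serialise the expanded header identically.
    return json.dumps(header, sort_keys=True, separators=(",", ":")).encode()

KEYS = {"k1": b"constructed demo key, not a real secret"}  # constructed

# Constructed "pre-negotiated" tables; the receiver's copy is out of sync on "cty".
SENDER_TABLE = {"s1": {"alg": "HS256", "kid": "k1", "cty": "order+json"}}
STALE_TABLE = {"s1": {"alg": "HS256", "kid": "k1", "cty": "refund+json"}}

def _tag(full: dict, wire: dict, payload_b64: str, bind_full: bool) -> str:
    # bind_full=True:  MAC covers the expanded header (the "1b" suggestion).
    # bind_full=False: MAC covers only the {"spi": ...} header sent on the wire.
    protected = full if bind_full else wire
    signing_input = (b64u(canon(protected)) + "." + payload_b64).encode()
    return b64u(hmac.new(KEYS[full["kid"]], signing_input, hashlib.sha256).digest())

def sign(spi: str, payload: bytes, table: dict, bind_full: bool = True) -> str:
    wire = {"spi": spi}  # only the short header is transmitted in either mode
    p = b64u(payload)
    return ".".join([b64u(canon(wire)), p, _tag(table[spi], wire, p, bind_full)])

def verify(token: str, table: dict, bind_full: bool = True) -> bool:
    try:
        h, p, t = token.split(".")
        wire = json.loads(b64u_dec(h))
        full = table[wire["spi"]]  # expand spi to the full parameters
        if full["alg"] != "HS256" or full["kid"] not in KEYS:
            return False
        return hmac.compare_digest(_tag(full, wire, p, bind_full), t)
    except (ValueError, KeyError, TypeError):
        return False  # malformed token or unknown spi
```

With `bind_full=True` the bytes on the wire are the same size as in the spi-only mode, but a receiver whose table expands "s1" differently rejects the object instead of accepting it under different parameters.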