Re: [jose] #28: AES-GCM should not be allowed for content encryption in combination with Direct Encryption key management mode
"jose issue tracker" <trac+jose@trac.tools.ietf.org> Mon, 19 August 2013 01:14 UTC
Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A035711E810C for <jose@ietfa.amsl.com>; Sun, 18 Aug 2013 18:14:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.594
X-Spam-Level:
X-Spam-Status: No, score=-102.594 tagged_above=-999 required=5 tests=[AWL=0.005, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fVQN0pFdGyUY for <jose@ietfa.amsl.com>; Sun, 18 Aug 2013 18:14:10 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id 174E711E80E8 for <jose@ietf.org>; Sun, 18 Aug 2013 18:14:09 -0700 (PDT)
Received: from localhost ([127.0.0.1]:44180 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1VBE2i-0005px-UC; Mon, 19 Aug 2013 03:14:01 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-algorithms@tools.ietf.org, michael.jones@microsoft.com, ietf@augustcellars.com, mpeck@mitre.org
X-Trac-Project: jose
Date: Mon, 19 Aug 2013 01:14:00 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: https://grenache.tools.ietf.org/wg/jose/trac/ticket/28#comment:6
Message-ID: <069.fe6ea2aced386b36f4380b021bb022bb@trac.tools.ietf.org>
References: <054.7c33f2d20d536f291cb1402eed2d1710@trac.tools.ietf.org>
X-Trac-Ticket-ID: 28
In-Reply-To: <054.7c33f2d20d536f291cb1402eed2d1710@trac.tools.ietf.org>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-algorithms@tools.ietf.org, michael.jones@microsoft.com, ietf@augustcellars.com, mpeck@mitre.org, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: mbj@microsoft.com
Resent-Message-Id: <20130819011410.174E711E80E8@ietfa.amsl.com>
Resent-Date: Sun, 18 Aug 2013 18:14:09 -0700
Resent-From: trac+jose@trac.tools.ietf.org
Cc: jose@ietf.org
Subject: Re: [jose] #28: AES-GCM should not be allowed for content encryption in combination with Direct Encryption key management mode
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Aug 2013 23:23:25 -0000
#28: AES-GCM should not be allowed for content encryption in combination with Direct Encryption key management mode Comment (by ietf@augustcellars.com): It is not true that there is no need to keep track in this case. An application would still need to ensure that it does not re-use the nonce value when doing the encryption. The simplest way to do this is to have a counter which can then be used to say it has been exceeded. One of the stated goals for this group is to allow crypto to be done by people who are not experts. This means that we need to ensure that there is good text that can be understood to deal with those cases where it is going to be very easy to get things wrong. This is probably one of those cases. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-jose-json-web- mpeck@mitre.org | algorithms@tools.ietf.org Type: defect | Status: new Priority: major | Milestone: Component: json-web- | Version: algorithms | Resolution: Severity: - | Keywords: | -------------------------+------------------------------------------------- Ticket URL: <https://grenache.tools.ietf.org/wg/jose/trac/ticket/28#comment:6> jose <http://tools.ietf.org/jose/>
- Re: [jose] #28: AES-GCM should not be allowed for… jose issue tracker
- [jose] #28: AES-GCM should not be allowed for con… jose issue tracker
- Re: [jose] #28: AES-GCM should not be allowed for… jose issue tracker
- Re: [jose] #28: AES-GCM should not be allowed for… jose issue tracker
- Re: [jose] #28: AES-GCM should not be allowed for… jose issue tracker
- Re: [jose] #28: AES-GCM should not be allowed for… jose issue tracker
- Re: [jose] #28: AES-GCM should not be allowed for… jose issue tracker
- Re: [jose] #28: AES-GCM should not be allowed for… jose issue tracker