IETF Logo Mail Archive

Re: [jose] Feedback request on jose tracker issue#11: Should we use RFC 5116 and remove the JWE Integrity Value field?

nov matake <matake@gmail.com> Mon, 15 April 2013 16:01 UTC

Return-Path: <matake@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BECA21F95DE for <jose@ietfa.amsl.com>; Mon, 15 Apr 2013 09:01:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.142
X-Spam-Level:
X-Spam-Status: No, score=-0.142 tagged_above=-999 required=5 tests=[AWL=2.061, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hSTi4XVUWlPv for <jose@ietfa.amsl.com>; Mon, 15 Apr 2013 09:01:30 -0700 (PDT)
Received: from mail-pa0-f42.google.com (mail-pa0-f42.google.com [209.85.220.42]) by ietfa.amsl.com (Postfix) with ESMTP id 77BF521F949F for <jose@ietf.org>; Mon, 15 Apr 2013 08:59:56 -0700 (PDT)
Received: by mail-pa0-f42.google.com with SMTP id kq13so2618919pab.29 for <jose@ietf.org>; Mon, 15 Apr 2013 08:59:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:x-mailer:from:subject:date :to; bh=inFdmUhkKV5fY7Q4US2kHVsqHGoh8VPl9W59giNayTo=; b=zImJhwxthU9f9NlL4nZBV30yWVvz7yLaOBDXMCStTYT6Fa7C9Ffxg95hRFsyq7YdoS +9uqUgNUiWT77mTWTs/QNciIfnr1KrdEK/QwEDBgmDEVXCeut7slpVnskjkwYJO9vk0S aBkr9m3VdpmjdV8B1ayUMqba54MB+EyQSy+PKixJUa8q1ru8NDsEPyw07bOd2USe2B/5 k+cAbw4UwK3rCW/y8P92Bn/zBPd73gRdPtish/43auVl8f2umiupXzvfuru0Fad5diFv JghuzBhpoV+Jwz9DvIQOC7Hx8rx9Bx0l9DnpuZAeIUxrKM3dID37E1vTiB41017duu4O NpOA==
X-Received: by 10.66.175.73 with SMTP id by9mr30017027pac.191.1366041595733; Mon, 15 Apr 2013 08:59:55 -0700 (PDT)
Received: from [192.168.1.33] (s146003.dynamic.ppp.asahi-net.or.jp. [220.157.146.3]) by mx.google.com with ESMTPS id fq1sm20781140pbb.33.2013.04.15.08.59.52 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 15 Apr 2013 08:59:54 -0700 (PDT)
References: <51674E3D.7030004@isoc.org> <92D56D5A-C8E3-4143-9976-409D3E6975C3@adm.umu.se> <4E1F6AAD24975D4BA5B168042967394367641218@TK5EX14MBXC283.redmond.corp.microsoft.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <4E1F6AAD24975D4BA5B168042967394367641218@TK5EX14MBXC283.redmond.corp.microsoft.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <8AE6429D-18F0-4479-9D40-314C5CE87841@gmail.com>
X-Mailer: iPhone Mail (10B329)
From: nov matake <matake@gmail.com>
Date: Tue, 16 Apr 2013 00:59:52 +0900
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: "jose@ietf.org" <jose@ietf.org>, "odonoghue@isoc.org" <odonoghue@isoc.org>
Subject: Re: [jose] Feedback request on jose tracker issue#11: Should we use RFC 5116 and remove the JWE Integrity Value field?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2013 16:01:31 -0000

1

nov

On Apr 16, 2013, at 12:20 AM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> 1.  Continue having separate Ciphertext, Initialization Vector, and Integrity Value values in the JWE representation.
> 
> -----Original Message-----
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Roland Hedberg
> Sent: Saturday, April 13, 2013 12:19 PM
> To: odonoghue@isoc.org
> Cc: jose@ietf.org
> Subject: Re: [jose] Feedback request on jose tracker issue#11: Should we use RFC 5116 and remove the JWE Integrity Value field?
> 
> 1
> 
> 12 apr 2013 kl. 01:58 skrev Karen O'Donoghue <odonoghue@isoc.org>:
> 
> Issue #11 http://trac.tools.ietf.org/wg/jose/trac/ticket/11 proposes restructuring the JWE representation to remove the JWE Integrity Value field and instead use the RFC 5116 (AEAD) binary serialization to represent the Ciphertext, Initialization Vector, and Integrity Value values.  If this proposal is adopted, JWEs would then have three fields - the header, the encrypted key, and the RFC 5116 combination of the Ciphertext, Initialization Vector, and Integrity Value values. 
> This issue is also related to issue #3.  Note that the updated McGrew draft described there could be used whether or not we switched to using RFC 5116.
> 
> 
> Which of these best describes your preferences on this issue?
> 
> 1.  Continue having separate Ciphertext, Initialization Vector, and Integrity Value values in the JWE representation.
> 
> 2.  Switch to using the RFC 5116 (AEAD) serialization to represent the combination of these three values.
> 
> 3.  Another resolution (please specify in detail).
> 
> 0.  I need more information to decide.
> 
> 
> 
> Your reply is requested by Friday, April 19th or earlier. 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

v2.23.0 | Report a Bug | By Email