IETF Logo Mail Archive

Re: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?

Richard Barnes <rlb@ipv.sx> Mon, 15 April 2013 17:37 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65D0321F9628 for <jose@ietfa.amsl.com>; Mon, 15 Apr 2013 10:37:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.725
X-Spam-Level:
X-Spam-Status: No, score=0.725 tagged_above=-999 required=5 tests=[AWL=1.150, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RDNS_NONE=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YxJrgo7ZyISG for <jose@ietfa.amsl.com>; Mon, 15 Apr 2013 10:37:12 -0700 (PDT)
Received: from mail-ob0-x22a.google.com (mail-ob0-x22a.google.com [IPv6:2607:f8b0:4003:c01::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 5626121F9588 for <jose@ietf.org>; Mon, 15 Apr 2013 10:37:12 -0700 (PDT)
Received: by mail-ob0-f170.google.com with SMTP id x4so2135774obh.1 for <jose@ietf.org>; Mon, 15 Apr 2013 10:37:11 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=c42z6Ez4l1kbgkzHd1Qvpdn2EwL6CBVCNkTAlM7sXFE=; b=AhhnclHzrHnLz2dcWNGYWgB4+G8oM9CnU0NnbHJwFXSHJRj8Kznbei4cowW5INz0We CxfXctyuxRw7Qvj1FBx1paVVK+f5OA+YJHBaLDCg17104p8Jr+xSY6m8KK5tkOlEKK8D En49/vrws59IscU3rhFGlKQjVGbJ/XYlP45lbCCFJi4a3+Mgy5tadEvSjX/Pvr9ew+dh /o1rRukhRrJYb7X5X09TUFrDUWvSuKYbnGxC8RFJm3wsWSnPxHmGCHObCviroI22CUlJ PJ+8hd+Kmdj1ufdL2jy9GULviROtMo0zqL4U2hI5oDx/4CZniSby6sHeKmjkBfP2FHyF vdZA==
MIME-Version: 1.0
X-Received: by 10.182.96.1 with SMTP id do1mr7719744obb.17.1366047431631; Mon, 15 Apr 2013 10:37:11 -0700 (PDT)
Received: by 10.60.25.196 with HTTP; Mon, 15 Apr 2013 10:37:11 -0700 (PDT)
X-Originating-IP: [137.54.9.111]
In-Reply-To: <51674E2D.3040604@isoc.org>
References: <51674E2D.3040604@isoc.org>
Date: Mon, 15 Apr 2013 13:37:11 -0400
Message-ID: <CAL02cgRQf4MrFQvZ+e6wLm+UqtCZnPG7sO2i_iibb5Yia+4bVQ@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: odonoghue@isoc.org
Content-Type: multipart/alternative; boundary="001a11c2fa02e8ba7b04da69b36e"
X-Gm-Message-State: ALoCoQlp47cTXBzIqT05PWTWnBFbtL3kLUqL2CI88tgM4AEbuuE/nGAEHjdCgv3Qahxpev/mJuRx
Cc: jose@ietf.org
Subject: Re: [jose] Feedback request on jose tracker issue #8: Should we add a "spi" header field?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2013 17:37:13 -0000

2 or 3

All of the "1" responses are missing the point of SPI -- if you want to be
able to omit fields (as people seem to want to do), then you need a switch
to turn off "stand-alone mode".

So responding "1" here is the same as responding "1" on the ISSUE-15 poll,
that at least one key indicator MUST be present.



On Thu, Apr 11, 2013 at 7:58 PM, Karen O'Donoghue <odonoghue@isoc.org>wrote:

>  ****Issue #8 http://trac.tools.ietf.org/wg/jose/trac/ticket/8 proposes
> adding an “spi” (security parameters index) header parameter to the JWS and
> JWE specifications.  This modification to the JOSE formats would allow for
> signaling that pre-negotiated cryptographic parameters are being used,
> rather than including those parameters in the JWS or JWE header.  This
> proposal has been written up as
> http://tools.ietf.org/html/draft-barnes-jose-spi-00.****
>
> ** **
>
> Which of these best describes your preferences on this issue?****
>
> 1.  Have draft-barnes-jose-spi remain a separate specification that could
> optionally also be supported by JWS and JWE implementations.****
>
> 2.  Incorporate draft-barnes-jose-spi into the JWS and JWE specifications
> as a mandatory feature.****
>
> 3.  Incorporate draft-barnes-jose-spi into the JWS and JWE specifications
> as an optional feature.****
>
> 4.  Another resolution (please specify in detail).****
>
> 0.  I need more information to decide.****
> Your reply is requested by Friday, April 19th or earlier.
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>
>

v2.23.0 | Report a Bug | By Email