Re: [jose] Opsdir review of draft-ietf-jose-jwk-thumbprint-05
Sarah Banks <sbanks@encrypted.net> Tue, 23 June 2015 21:22 UTC
Return-Path: <sbanks@encrypted.net>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 357641A1B19; Tue, 23 Jun 2015 14:22:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dJaGnn_7dYeu; Tue, 23 Jun 2015 14:22:12 -0700 (PDT)
Received: from firefly.encrypted.net (firefly.encrypted.net [72.13.81.186]) by ietfa.amsl.com (Postfix) with ESMTP id A0B6B1A1AE6; Tue, 23 Jun 2015 14:22:11 -0700 (PDT)
Received: from firefly.encrypted.net (localhost [127.0.0.1]) by firefly.encrypted.net (Postfix) with ESMTP id 7DA4233D65; Tue, 23 Jun 2015 14:22:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at encrypted.net
Received: from firefly.encrypted.net ([127.0.0.1]) by firefly.encrypted.net (firefly.encrypted.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cb17VAcyZUiV; Tue, 23 Jun 2015 14:22:11 -0700 (PDT)
Received: from [192.168.243.89] (66-7-254-66.static-ip.telepacific.net [66.7.254.66]) by firefly.encrypted.net (Postfix) with ESMTPSA id CA75633D0A; Tue, 23 Jun 2015 14:22:10 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_45F95D63-AE2C-43E9-9ABA-DA77A765CC84"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
From: Sarah Banks <sbanks@encrypted.net>
In-Reply-To: <BLUPR03MB43772C035417DEEB3DA3BF5F5A00@BLUPR03MB437.namprd03.prod.outlook.com>
Date: Tue, 23 Jun 2015 14:22:10 -0700
Message-Id: <6EB2A812-7CAF-45C8-BB2B-D01B17436E2B@encrypted.net>
References: <545A3564-B70F-40A4-A787-B582DFDD5D53@encrypted.net> <BLUPR03MB437271C9E968FD842B376A4F5A00@BLUPR03MB437.namprd03.prod.outlook.com> <71A19E5A-166C-48B6-86B8-9530E65948FF@encrypted.net> <BLUPR03MB43772C035417DEEB3DA3BF5F5A00@BLUPR03MB437.namprd03.prod.outlook.com>
To: Mike Jones <Michael.Jones@microsoft.com>
X-Mailer: Apple Mail (2.2098)
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/WcKskq9XXm0JcBNJFQALJNbH2bg>
Cc: "<ops-dir@ietf.org>" <ops-dir@ietf.org>, "draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org" <draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Opsdir review of draft-ietf-jose-jwk-thumbprint-05
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jun 2015 21:22:15 -0000
Hi Mike, My apologies, I didn't realize you were looking for a cut/paste of the comments - they were minor details to resolve anyhow. Regarding the standards/informational, no problem, it was just a comment from an outside reader, that's all. Thanks Sarah > On Jun 23, 2015, at 12:51 PM, Mike Jones <Michael.Jones@microsoft.com> wrote: > > Thanks, Sarah. Here’s the output of the tool and responses to it: > > -- Looks like a reference, but probably isn't: '1' on line 413 > > -- Looks like a reference, but probably isn't: '0' on line 413 > > == Missing Reference: 'specified ' is mentioned on line 412, but not defined > > The lines referenced by the output above are: > 411 [JWA].) For example, if an RSA key were to use "e":"AAEAAQ" > 412 (representing [0, 1, 0, 1]) rather than the specified correct > 413 representation of "e":"AQAB" (representing [1, 0, 1]), a different > > All of these three nits are false positives in the tool output. > > -- Possible downref: Non-RFC (?) normative reference: ref. 'SHS' > > -- Possible downref: Non-RFC (?) normative reference: ref. 'UNICODE' > > It’s appropriate for both of these references to be normative, for the same reasons that they are in http://tools.ietf.org/html/rfc7518#section-10.1 <http://tools.ietf.org/html/rfc7518#section-10.1>. > > Also, about whether the draft is standards-track or informational, this was discussed by the working group and because it’s being normatively referenced by other specs, the decision was to leave it standards-track. > > Best wishes, > -- Mike > > From: Sarah Banks [mailto:sbanks@encrypted.net <mailto:sbanks@encrypted.net>] > Sent: Tuesday, June 23, 2015 12:30 PM > To: Mike Jones > Cc: draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org <mailto:draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org>; <ops-dir@ietf.org <mailto:ops-dir@ietf.org>>; jose@ietf.org <mailto:jose@ietf.org> > Subject: Re: Opsdir review of draft-ietf-jose-jwk-thumbprint-05 > > Hey Mike, they were from the nits checker within tools, and click on the "nits" button. Here's the (long) URL to it from my browser: > > https://www.ietf.org/tools/idnits?url=https://www.ietf.org/archive/id/draft-ietf-jose-jwk-thumbprint-05.txt <https://www.ietf.org/tools/idnits?url=https://www.ietf.org/archive/id/draft-ietf-jose-jwk-thumbprint-05.txt> > > Thanks > Sarah > > On Jun 23, 2015, at 11:43 AM, Mike Jones <Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com>> wrote: > > Thanks for the review, Sarah. Could you send us a link to the review comments in the tools? (I poked around, including athttps://svn.tools.ietf.org/area/ops/trac/wiki/Directorates <https://svn.tools.ietf.org/area/ops/trac/wiki/Directorates>, and couldn't find the review comments.) > > Thanks, > -- Mike > > -----Original Message----- > From: Sarah Banks [mailto:sbanks@encrypted.net <mailto:sbanks@encrypted.net>] > Sent: Tuesday, June 23, 2015 11:36 AM > To: draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org <mailto:draft-ietf-jose-jwk-thumbprint.all@tools.ietf.org>; <ops-dir@ietf.org <mailto:ops-dir@ietf.org>> > Subject: Opsdir review of draft-ietf-jose-jwk-thumbprint-05 > > I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. > > Document reviewed: draft-ietf-jose-jwk-thumbprint-05 > > Summary: Ready to go, no nits, 5 comments (see tools). > > Overall, if I were implementing this in code, I'd appreciate the preamble, thanks for the clear description. I also appreciate that the security section was well considered and discussed. I have no major comments, other than that it read like .. an algorithm to me, and I was a bit surprised to see it on the Standards track, rather than informational, but that's just a comment, not a nit or problem. The draft is ready to go. > > Thanks > Sarah