[jose] #8: Direct mode for key agreement needs security analysis
"jose issue tracker" <trac+jose@trac.tools.ietf.org> Fri, 18 January 2013 23:24 UTC
Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F305E21F8698 for <jose@ietfa.amsl.com>; Fri, 18 Jan 2013 15:24:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RaQkWZ50-u7I for <jose@ietfa.amsl.com>; Fri, 18 Jan 2013 15:24:08 -0800 (PST)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id 63C6821F872C for <jose@ietf.org>; Fri, 18 Jan 2013 15:24:08 -0800 (PST)
Received: from localhost ([127.0.0.1]:39136 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1TwLI3-000142-Tj; Sat, 19 Jan 2013 00:24:03 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-encryption@tools.ietf.org, rbarnes@bbn.com
X-Trac-Project: jose
Date: Fri, 18 Jan 2013 23:24:03 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/jose/trac/ticket/8
Message-ID: <054.96c0b71d4934f695a54309d767dbf877@trac.tools.ietf.org>
X-Trac-Ticket-ID: 8
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-encryption@tools.ietf.org, rbarnes@bbn.com, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: ekr@rtfm.com, jhildebr@cisco.com, mbj@microsoft.com
Resent-Message-Id: <20130118232408.63C6821F872C@ietfa.amsl.com>
Resent-Date: Fri, 18 Jan 2013 15:24:08 -0800
Resent-From: trac+jose@trac.tools.ietf.org
X-Mailman-Approved-At: Fri, 18 Jan 2013 15:43:29 -0800
Cc: jose@ietf.org
Subject: [jose] #8: Direct mode for key agreement needs security analysis
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2013 23:24:09 -0000
#8: Direct mode for key agreement needs security analysis JWE specifies a "direct encryption" method, in which the output of key agreement is used for content encryption instead of key wrapping. This scheme is not used in other IETF security protocols that use key agreement, e.g., CMS or IPsec. CMS uses the agreed key for wrapping. IPsec uses it to key the IKE SA, which covers further key agreement. The security considerations needs to justify why this scheme is secure, and any relevant constraints (e.g., lifetime of DH keys). -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-jose-json-web- rbarnes@bbn.com | encryption@tools.ietf.org Type: defect | Status: new Priority: major | Milestone: Component: json-web- | Version: encryption | Keywords: Severity: Active WG | Document | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/8> jose <http://tools.ietf.org/jose/>
- [jose] #8: Direct mode for key agreement needs se… jose issue tracker
- Re: [jose] #8: Direct mode for key agreement need… Eric Rescorla
- Re: [jose] #8: Direct mode for key agreement need… jose issue tracker
- Re: [jose] #8: Direct mode for key agreement need… jose issue tracker
- Re: [jose] #8: Direct mode for key agreement need… jose issue tracker