[jose] question regarding JWE header "kid" attribute

"Andrew Biggs (adb)" <adb@cisco.com> Tue, 07 October 2014 03:43 UTC

From: "Andrew Biggs (adb)" <adb@cisco.com>
To: "jose@ietf.org" <jose@ietf.org>
Date: Tue, 07 Oct 2014 03:43:17 +0000
Message-ID: <D058BD72.2D9EC%adb@cisco.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/XnjubGyCgih8FoDwAhWS4HwSr8U
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>

Section 4.1.6 of the JWE draft describes the “kid” attribute of the JWE header as a “hint [that] references the public key to which the JWE was encrypted”. If the JWE were encrypted in direct key agreement mode, would it be incorrect for the “kid” attribute to reference the CEK used in the JWE?

Thanks,
Andrew