Re: [jose] Should we delete the "typ" header field

I'd prefer to be able to use standard libraries for creating and parsing
tokens, and not specialized libraries dependent on the use case.

I strongly think we either drop "typ" or make it required.

On Wed, May 29, 2013 at 5:03 PM, Mike Jones <Michael.Jones@microsoft.com>wrote:

>  It’s fine for your application to specify that it’s required for your
> use case.  Not applications need it, so they shouldn’t be forced to pay the
> space penalty of an unnecessary field.****
>
> ** **
>
>                                                                 -- Mike***
> *
>
> ** **
>
> *From:* jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] *On Behalf
> Of *Dick Hardt
> *Sent:* Wednesday, May 29, 2013 4:56 PM
>
> *To:* Jim Schaad
> *Cc:* jose@ietf.org
> *Subject:* Re: [jose] Should we delete the "typ" header field****
>
> ** **
>
> I use it all the time and my code would barf if it was not there.****
>
> ** **
>
> I think it should be required rather than be a hint if it is going ot be
> there.****
>
> ** **
>
> On Wed, May 29, 2013 at 4:40 PM, Jim Schaad <ietf@augustcellars.com>
> wrote:****
>
> I think the values just changed****
>
>  ****
>
> However the way you are using it would be an argument to say that it
> should be a required field.  Are you just using it as a hint if it exists
> and then looking at the rest of the fields if it is not present?****
>
>  ****
>
> Jim****
>
>  ****
>
>  ****
>
> *From:* Dick Hardt [mailto:dick.hardt@gmail.com]
> *Sent:* Wednesday, May 29, 2013 3:49 PM
> *To:* Jim Schaad
> *Cc:* jose@ietf.org
> *Subject:* Re: [jose] Should we delete the "typ" header field****
>
>  ****
>
> Well, I have been using, but now realize the spec changed or I was
> confused.****
>
>  ****
>
> I had been setting "typ" to be either "JWE" or "JWS" depending on the type
> of token I was creating or parsing as it was easier than looking at "alg"*
> ***
>
>  ****
>
> As currently defined, I don't see value in "typ".****
>
>  ****
>
> -- Dick****
>
>  ****
>
>  ****
>
> On Wed, May 29, 2013 at 3:02 PM, Jim Schaad <ietf@augustcellars.com>
> wrote:****
>
> In reading the documents, I am trying to understand the justification for
> having the “typ” header parameter in the JOSE documents.****
>
>  ****
>
> The purpose of the field is to hold the type of the object.  In the past,
> I believe that values which should now be placed in the cty field (such as
> “JWT”) were placed in this field as well.  However the parameter is
> optional and an implementation cannot rely on its being present.  This
> means that for all practical purposes all of the code to determine the
> value of the type field from the values of the alg and enc fields.  If the
> field was mandatory then this code would disappear at a fairly small space
> cost and I can understand why the parameter would be present.****
>
>  ****
>
> Can anybody justify why this field should be present in the document – or
> should it just disappear?****
>
>  ****
>
> Jim****
>
>  ****
>
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose****
>
>
>
> ****
>
>  ****
>
> --
> -- Dick ****
>
>
>
> ****
>
> ** **
>
> --
> -- Dick ****
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>
>

-- 
-- Dick