Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserved Header Parameter Names
"jose issue tracker" <trac+jose@trac.tools.ietf.org> Wed, 03 April 2013 20:03 UTC
Return-Path: <trac+jose@trac.tools.ietf.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55DFE21F8B97 for <jose@ietfa.amsl.com>; Wed, 3 Apr 2013 13:03:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RU+sumfo3ym0 for <jose@ietfa.amsl.com>; Wed, 3 Apr 2013 13:03:58 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [IPv6:2a01:3f0:1:2::30]) by ietfa.amsl.com (Postfix) with ESMTP id B678E21F8A91 for <jose@ietf.org>; Wed, 3 Apr 2013 13:03:58 -0700 (PDT)
Received: from localhost ([127.0.0.1]:45660 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.80) (envelope-from <trac+jose@trac.tools.ietf.org>) id 1UNTuR-000682-C7; Wed, 03 Apr 2013 22:03:51 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
X-Trac-Version: 0.12.3
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.3, by Edgewall Software
To: draft-ietf-jose-json-web-encryption@tools.ietf.org, michael.jones@microsoft.com
X-Trac-Project: jose
Date: Wed, 03 Apr 2013 20:03:51 -0000
X-URL: http://tools.ietf.org/jose/
X-Trac-Ticket-URL: http://trac.tools.ietf.org/wg/jose/trac/ticket/17#comment:1
Message-ID: <074.0ab64512938724c4d95e33c537c743e4@trac.tools.ietf.org>
References: <059.28920e1fc6703f74a91ab3b3829a8a57@trac.tools.ietf.org>
X-Trac-Ticket-ID: 17
In-Reply-To: <059.28920e1fc6703f74a91ab3b3829a8a57@trac.tools.ietf.org>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-jose-json-web-encryption@tools.ietf.org, michael.jones@microsoft.com, jose@ietf.org
X-SA-Exim-Mail-From: trac+jose@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To: ekr@rtfm.com, jhildebr@cisco.com, mbj@microsoft.com
Resent-Message-Id: <20130403200358.B678E21F8A91@ietfa.amsl.com>
Resent-Date: Wed, 03 Apr 2013 13:03:58 -0700
Resent-From: trac+jose@trac.tools.ietf.org
Cc: jose@ietf.org
Subject: Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserved Header Parameter Names
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2013 20:03:59 -0000
#17: add 'aud' and 'iss' to 4.1 Reserved Header Parameter Names Comment (by michael.jones@microsoft.com): I believe that this is a JWT issue – not a JOSE issue. I'd suggest that you re-file this issue to be considered for the JWT spec, Dick, and close it here, as it's JWT-specific. The OAuth issue tracker (which can be used for the JWT spec, since it's in the OAuth working group) is at http://trac.tools.ietf.org/wg/oauth/trac/. I think the real change you're requesting is to have the JWT spec add the "iss" and "aud" claims, which it defines, to the list of reserved JWE header parameter values, and to say that the "iss" and "aud" claim values defined by the JWT spec may appear in the JWE header. The JWT spec *can* reserve JOSE header fields. (Any spec can, through use of the IANA registry.) This doesn't have to be done in the JWE spec. A processing question you'd need to answer is whether, if present in the JWE header, these claim values must also appear in the JWT Claims Set with identical values, or whether it's your intent to allow or require them to appear in exactly one of the two locations. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-jose-json-web- dick.hardt@gmail.com | encryption@tools.ietf.org Type: enhancement | Status: new Priority: major | Milestone: Component: json-web- | Version: encryption | Resolution: Severity: - | Keywords: | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/17#comment:1> jose <http://tools.ietf.org/jose/>
- [jose] #17: add 'aud' and 'iss' to 4.1 Reserved H… jose issue tracker
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… jose issue tracker
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Dick Hardt
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… jose issue tracker
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Dick Hardt
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Mike Jones
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Mike Jones
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… John Bradley
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Dick Hardt
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Dick Hardt
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Dick Hardt
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Mike Jones
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Dick Hardt
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Jim Schaad
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Mike Jones
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… Matt Miller (mamille2)
- Re: [jose] #17: add 'aud' and 'iss' to 4.1 Reserv… jose issue tracker