IETF Logo Mail Archive

Re: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory

Anthony Nadalin <tonynad@microsoft.com> Mon, 15 April 2013 16:46 UTC

Return-Path: <tonynad@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 976C421F95B4 for <jose@ietfa.amsl.com>; Mon, 15 Apr 2013 09:46:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.533
X-Spam-Level:
X-Spam-Status: No, score=0.533 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xU4c4z15Vy7Z for <jose@ietfa.amsl.com>; Mon, 15 Apr 2013 09:46:50 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0211.outbound.protection.outlook.com [207.46.163.211]) by ietfa.amsl.com (Postfix) with ESMTP id B420E21F9615 for <jose@ietf.org>; Mon, 15 Apr 2013 09:46:49 -0700 (PDT)
Received: from BY2FFO11FD019.protection.gbl (10.1.15.200) by BY2FFO11HUB032.protection.gbl (10.1.14.177) with Microsoft SMTP Server (TLS) id 15.0.664.0; Mon, 15 Apr 2013 16:47:18 +0000
Received: from TK5EX14HUBC102.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD019.mail.protection.outlook.com (10.1.14.107) with Microsoft SMTP Server (TLS) id 15.0.675.0 via Frontend Transport; Mon, 15 Apr 2013 16:46:47 +0000
Received: from ch1outboundpool.messaging.microsoft.com (157.54.51.81) by mail.microsoft.com (157.54.7.154) with Microsoft SMTP Server (TLS) id 14.2.318.3; Mon, 15 Apr 2013 16:46:34 +0000
Received: from mail187-ch1-R.bigfish.com (10.43.68.248) by CH1EHSOBE009.bigfish.com (10.43.70.59) with Microsoft SMTP Server id 14.1.225.23; Mon, 15 Apr 2013 16:45:26 +0000
Received: from mail187-ch1 (localhost [127.0.0.1]) by mail187-ch1-R.bigfish.com (Postfix) with ESMTP id 429812013D for <jose@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Mon, 15 Apr 2013 16:45:26 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.21; KIP:(null); UIP:(null); (null); H:BL2PRD0310HT001.namprd03.prod.outlook.com; R:internal; EFV:INT
X-SpamScore: -37
X-BigFish: PS-37(z21aILz9371I542Izz1f42h1fc6h1ee6h1de0h1fdah1202h1e76h1d1ah1d2ah1082kz97hz1033IL17326ah8275bh8275dhz31h2a8h668h839h944hd24hf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah9a9j1155h)
Received-SPF: softfail (mail187-ch1: transitioning domain of microsoft.com does not designate 157.56.240.21 as permitted sender) client-ip=157.56.240.21; envelope-from=tonynad@microsoft.com; helo=BL2PRD0310HT001.namprd03.prod.outlook.com ; .outlook.com ;
X-Forefront-Antispam-Report-Untrusted: SFV:SKI; SFS:; DIR:OUT; SFP:; SCL:-1; SRVR:BY2PR03MB043; H:BY2PR03MB041.namprd03.prod.outlook.com; LANG:en;
Received: from mail187-ch1 (localhost.localdomain [127.0.0.1]) by mail187-ch1 (MessageSwitch) id 1366044324547250_18718; Mon, 15 Apr 2013 16:45:24 +0000 (UTC)
Received: from CH1EHSMHS043.bigfish.com (snatpool1.int.messaging.microsoft.com [10.43.68.254]) by mail187-ch1.bigfish.com (Postfix) with ESMTP id 80E9B46004F; Mon, 15 Apr 2013 16:45:24 +0000 (UTC)
Received: from BL2PRD0310HT001.namprd03.prod.outlook.com (157.56.240.21) by CH1EHSMHS043.bigfish.com (10.43.69.252) with Microsoft SMTP Server (TLS) id 14.1.225.23; Mon, 15 Apr 2013 16:45:24 +0000
Received: from BY2PR03MB043.namprd03.prod.outlook.com (10.255.241.147) by BL2PRD0310HT001.namprd03.prod.outlook.com (10.255.97.36) with Microsoft SMTP Server (TLS) id 14.16.299.2; Mon, 15 Apr 2013 16:45:21 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com (10.255.241.145) by BY2PR03MB043.namprd03.prod.outlook.com (10.255.241.147) with Microsoft SMTP Server (TLS) id 15.0.670.13; Mon, 15 Apr 2013 16:45:19 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com ([169.254.8.206]) by BY2PR03MB041.namprd03.prod.outlook.com ([169.254.8.18]) with mapi id 15.00.0670.000; Mon, 15 Apr 2013 16:45:19 +0000
From: Anthony Nadalin <tonynad@microsoft.com>
To: Mike Jones <Michael.Jones@microsoft.com>, "odonoghue@isoc.org" <odonoghue@isoc.org>
Thread-Topic: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory
Thread-Index: AQHONxC5wP3auePN60uUMbzexd7pcJjSDgmAgANZPYCAAgVLgIAAFoBw
Date: Mon, 15 Apr 2013 16:45:18 +0000
Message-ID: <074f8f5e0dad44509e5fe16b3b9ad818@BY2PR03MB041.namprd03.prod.outlook.com>
References: <51674E63.3050809@isoc.org> <4E1F6AAD24975D4BA5B168042967394367615F37@TK5EX14MBXC283.redmond.corp.microsoft.com> <AB5C7306-21DE-40FA-BBC6-114BCD3DADFD@adm.umu.se> <4E1F6AAD24975D4BA5B168042967394367641294@TK5EX14MBXC283.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B168042967394367641294@TK5EX14MBXC283.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [77.48.62.186]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BY2PR03MB043.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%ISOC.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14HUBC102.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14HUBC102.redmond.corp.microsoft.com
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(189002)(5383001)(377454001)(199002)(13464002)(77982001)(47736001)(46102001)(54316002)(33646001)(47776003)(20776003)(47446002)(5343655001)(47976001)(53806001)(46406003)(76482001)(50986001)(65816001)(63696002)(50466001)(79102001)(69226001)(44976003)(15202345002)(56776001)(6806002)(80022001)(23726002)(16676001)(74502001)(51856001)(56816002)(81342001)(5343635001)(4396001)(49866001)(74662001)(31966008)(81542001)(54356001)(59766001)(66066001)(1511001)(42262001)(24736002); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB032; H:TK5EX14HUBC102.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0817737FD1
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2013 16:46:50 -0000

1.  Yes - Use cases where key information is exchanged by means other than the JWS and JWE headers ARE important.

-----Original Message-----
From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Mike Jones
Sent: Monday, April 15, 2013 8:25 AM
To: odonoghue@isoc.org
Cc: jose@ietf.org
Subject: Re: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory

1.  Yes - Use cases where key information is exchanged by means other than the JWS and JWE headers ARE important.

-----Original Message-----
From: Roland Hedberg [mailto:roland.hedberg@adm.umu.se] 
Sent: Sunday, April 14, 2013 1:33 AM
To: odonoghue@isoc.org
Cc: jose@ietf.org; Mike Jones
Subject: Re: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory

I support 1 as defined by Mike.

12 apr 2013 kl. 07:25 skrev Mike Jones <Michael.Jones@microsoft.com>:

> 1.  Yes - Use cases where key information is exchanged by means other than the JWS and JWE headers ARE important

-- Roland

From: Mike Jones 
Sent: Thursday, April 11, 2013 10:25 PM
To: 'odonoghue@isoc.org'; jose@ietf.org
Subject: RE: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory

Reading this question, I believe that there's a possibility for the question to be misinterpreted, since the sense of the question in the subject is opposite of the sense of the question in the body.  I believe that the intent of 1 and 2 were as follows:

1.  Yes - Use cases where key information is exchanged by means other than the JWS and JWE headers ARE important.
2.  No - Use cases where key information is exchanged by means other than the JWS and JWE headers ARE NOT important.

Maybe people could reply with 1 and 2 as above, so that their answers to the question of whether these use cases are important are not are unambiguous.

                                                            -- Mike

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Karen O'Donoghue
Sent: Thursday, April 11, 2013 5:00 PM
To: jose@ietf.org
Subject: [jose] Feedback request on jose tracker issue #15: Should at least on key indicator be mandatory

Issue #15 http://trac.tools.ietf.org/wg/jose/trac/ticket/15. suggests requiring that a key indicator, such as a "kid" field, be required in all JWS and JWE headers. Are use cases where key information is exchanged by means other than the JWS or JWE headers important? 
Which of these best describes your preferences on this issue?
1.  Yes.
2.   No. 
0.  I need more information to decide.
 
Your reply is requested by Friday, April 19th (or earlier).
_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose

v2.23.0 | Report a Bug | By Email