IETF Logo Mail Archive

Re: [jose] Minutes

Mike Jones <Michael.Jones@microsoft.com> Mon, 25 March 2013 01:03 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6B9921F8E3E for <jose@ietfa.amsl.com>; Sun, 24 Mar 2013 18:03:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.344
X-Spam-Level:
X-Spam-Status: No, score=-2.344 tagged_above=-999 required=5 tests=[AWL=0.254, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VZQqFb8pf1Ir for <jose@ietfa.amsl.com>; Sun, 24 Mar 2013 18:03:01 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0203.outbound.protection.outlook.com [207.46.163.203]) by ietfa.amsl.com (Postfix) with ESMTP id 2E3CD21F8E23 for <jose@ietf.org>; Sun, 24 Mar 2013 18:03:01 -0700 (PDT)
Received: from BL2FFO11FD023.protection.gbl (10.173.161.200) by BL2FFO11HUB015.protection.gbl (10.173.160.107) with Microsoft SMTP Server (TLS) id 15.0.651.3; Mon, 25 Mar 2013 01:02:59 +0000
Received: from TK5EX14MLTC102.redmond.corp.microsoft.com (131.107.125.37) by BL2FFO11FD023.mail.protection.outlook.com (10.173.161.102) with Microsoft SMTP Server (TLS) id 15.0.651.3 via Frontend Transport; Mon, 25 Mar 2013 01:02:58 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.224]) by TK5EX14MLTC102.redmond.corp.microsoft.com ([157.54.79.180]) with mapi id 14.02.0318.003; Mon, 25 Mar 2013 01:02:41 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Jim Schaad <ietf@augustcellars.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] Minutes
Thread-Index: Ac4nOU6Wtn5YToVESdmS7jlWKdSc2ABuH0gQ
Date: Mon, 25 Mar 2013 01:02:40 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394367586714@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <010001ce2739$7eaae070$7c00a150$@augustcellars.com>
In-Reply-To: <010001ce2739$7eaae070$7c00a150$@augustcellars.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.35]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B168042967394367586714TK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(377454001)(189002)(199002)(15202345001)(79102001)(69226001)(46102001)(54316002)(76482001)(49866001)(512954001)(63696002)(33656001)(5343655001)(66066001)(47976001)(71186001)(74662001)(4396001)(5343635001)(31966008)(80022001)(55846006)(51856001)(47736001)(53806001)(54356001)(77982001)(16406001)(65816001)(20776003)(44976002)(74502001)(47446002)(56776001)(56816002)(16236675001)(50986001)(59766001); DIR:OUT; SFP:; SCL:1; SRVR:BL2FFO11HUB015; H:TK5EX14MLTC102.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0796EBEDE1
Subject: Re: [jose] Minutes
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 01:03:02 -0000

I don't believe that the minutes adequately capture the discussion on issue #4 (http://trac.tools.ietf.org/wg/jose/trac/ticket/4#).  I would revise as follows:

Data tracker issue #4 (Impossible to separate wrapped key from encrypted data) - John Bradley's slides pointed out that it *is* possible to separate wrapped keys from encrypted data when needed by using the direct encryption mode and therefore asked for this issue to be closed, as it is based upon a false premise.  Mike Jones also asked for this to be closed on this basis, and pointed out that Nat Sakimura had already described the problem with this issue in the issue tracker.  Richard asked a question about the security analysis of including the wrapped key in the integrity calculation - Does the wrapped key need to be included in the integrity check or not?  The question will be referred to CFRG but a request for possible attack modes being sent to the list is requested.

Given that the problem stated in issue #4 was demonstrated to not actually be a problem during the discussions, I would ask again that the chairs close this one, and update the minutes to reflect this.

                                                            Thank you,
                                                            -- Mike

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Jim Schaad
Sent: Friday, March 22, 2013 1:12 PM
To: jose@ietf.org
Subject: [jose] Minutes

Preliminary minutes have been uploaded to the site.  Please review and comment back to me if you have disagreements.

http://www.ietf.org/proceedings/86/minutes/minutes-86-jose

Note that the minutes have an action list at the bottom of them.

Jim

v2.23.0 | Report a Bug | By Email