Re: [jose] comments on draft-jones-json-web-signature and draft-jones-json-web-encryption
Phillip Hallam-Baker <hallam@gmail.com> Wed, 16 November 2011 20:59 UTC
To: John Bradley <ve7jtb@ve7jtb.com>
Cc: Anthony Nadalin <tonynad@microsoft.com>, Mike Jones <Michael.Jones@microsoft.com>, David McGrew <mcgrew@cisco.com>, Nat Sakimura <sakimura@gmail.com>, "jose@ietf.org" <jose@ietf.org>
As a legal matter, the US has legislation that recognizes someone saying 'Yes' into a telephone handset as an 'Electronic Signature'. MACs are not digital signatures but they are clearly an acceptable electronic signature under that act.

So I don't see that there is really a problem including MACs in a 'signature document' provided that users understand this.

The term 'signature' has several meanings in and out of the field. A legal signature has five or six different significances and digital signatures only provide equivalents for some of them. I would rather just keep the term as it is rather than rathole on it.

The terms Authentication and Integrity are not synonymous either, as some people seem to be suggesting. Trying to make this wording more accurate seems to be having the opposite effect to me.

A MAC and a Digital Signature always provide an integrity check but they only provide a proof of authenticity if the provenance of the verification key is established.

If I buy a Ming Vase, the integrity of the vase is demonstrated by checking that it is not chipped; the authenticity of the vase depends on it actually being Ming Dynasty.
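The integrity/authenticity distinction drawn in this message, as an added example that is not part of the original post or of the JWS draft's own code: a JWS-style compact token with an HMAC-SHA256 tag passes the integrity check under whatever key produced it, but is accepted as authentic only when that key comes from a store whose provenance the verifier has established. The helper names, `kid` values and keys are assumptions constructed for illustration.

```python
import base64, hashlib, hmac, json

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def mac_token(payload: dict, key: bytes, kid: str) -> str:
    """Build header.payload.tag with an HMAC-SHA256 tag over header.payload."""
    header = {"alg": "HS256", "kid": kid}
    signing_input = b64u(json.dumps(header).encode()) + "." + b64u(json.dumps(payload).encode())
    tag = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64u(tag)

def integrity_ok(token: str, key: bytes) -> bool:
    """Integrity only: the tag matches the content under *some* key."""
    signing_input, _, tag = token.rpartition(".")
    expected = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, b64u_dec(tag))

def authentic(token: str, trusted_keys: dict) -> bool:
    """Authenticity: integrity under a key whose provenance is established.
    The key is looked up in the verifier's own store, never taken from the sender."""
    try:
        header = json.loads(b64u_dec(token.split(".")[0]))
        if header.get("alg") != "HS256":
            return False
        key = trusted_keys.get(header.get("kid"))
        return key is not None and integrity_ok(token, key)
    except (ValueError, AttributeError):  # malformed base64 / JSON / header
        return False

# Constructed sample data (not from the thread).
TRUSTED = {"alice-2011": b"constructed-shared-secret-alice"}
FORGER_KEY = b"constructed-key-of-unknown-origin"

genuine = mac_token({"msg": "pay 10"}, TRUSTED["alice-2011"], "alice-2011")
forged = mac_token({"msg": "pay 9999"}, FORGER_KEY, "mallory")
# Same header and tag as the genuine token, different payload.
h, _, t = genuine.split(".")
tampered = ".".join([h, b64u(json.dumps({"msg": "pay 9999"}).encode()), t])
# Whoever holds the shared key can produce the identical token, which is
# why a MAC alone does not show a third party which key holder made it.
verifier_made = mac_token({"msg": "pay 10"}, TRUSTED["alice-2011"], "alice-2011")
```

The forged token is intact under the forger's own key and still fails `authentic`, because that key is not in the verifier's store.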