Re: [jose] Richard Barnes' Discuss on draft-ietf-jose-json-web-encryption-33: (with DISCUSS and COMMENT)

"Jim Schaad" <ietf@augustcellars.com> Tue, 21 October 2014 16:53 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Martin Thomson' <martin.thomson@gmail.com>, '? Matt Miller' <mamille2@cisco.com>
Date: Tue, 21 Oct 2014 09:51:14 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/ioS1ulBwaqOrW8imDmhtUTnxWak
Cc: jose-chairs@tools.ietf.org, 'Richard Barnes' <rlb@ipv.sx>, draft-ietf-jose-json-web-encryption@tools.ietf.org, 'Mike Jones' <Michael.Jones@microsoft.com>, 'The IESG' <iesg@ietf.org>, jose@ietf.org


> -----Original Message-----
> From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Martin Thomson
> Sent: Tuesday, October 21, 2014 1:03 AM
> To: ? Matt Miller
> Cc: jose-chairs@tools.ietf.org; Richard Barnes; draft-ietf-jose-json-web-
> encryption@tools.ietf.org; Mike Jones; The IESG; jose@ietf.org
> Subject: Re: [jose] Richard Barnes' Discuss on draft-ietf-jose-json-web-
> encryption-33: (with DISCUSS and COMMENT)
> 
> On 20 October 2014 09:53, ? Matt Miller <mamille2@cisco.com> wrote:
> > As I think I've said in previous discussions about the JSON
> > serialization, I can live with something verbose *BUT* would rather
> > like a lighter syntax for the single-encrypt JSON serialization.
> > While multiple recipients is not quite as rare in encryption as it is
> > for signing, single-encrypt is still the more common use case, and so
> > optimizing for it seems like a good thing.
> 
> I've had a similar concern.  Multiple recipients is more the exception.

How much multiple recipients is the exception depends on the frequency of encrypting both for the recipient and for the sender or just for the recipient.  S/MIME always has at least two recipients for encryption because the sender gets a copy as well.  It is the case that single signing is the most common case in S/MIME.

Jim
