[jose] Richard Barnes' Discuss on draft-ietf-jose-json-web-encryption-33: (with DISCUSS and COMMENT)

"Richard Barnes" <rlb@ipv.sx> Thu, 02 October 2014 03:37 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 19BCE1A0048; Wed, 1 Oct 2014 20:37:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id BVfA0fun3sXy; Wed, 1 Oct 2014 20:36:59 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E0DD11A0039; Wed, 1 Oct 2014 20:36:59 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Richard Barnes <rlb@ipv.sx>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 5.6.3.p2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20141002033659.31345.52942.idtracker@ietfa.amsl.com>
Date: Wed, 01 Oct 2014 20:36:59 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/kBXH-duLNboW9jOIg3nNCaaCc6U
Cc: draft-ietf-jose-json-web-encryption@tools.ietf.org, jose-chairs@tools.ietf.org, jose@ietf.org
Subject: [jose] Richard Barnes' Discuss on draft-ietf-jose-json-web-encryption-33: (with DISCUSS and COMMENT)
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Oct 2014 03:37:01 -0000

Richard Barnes has entered the following ballot position for
draft-ietf-jose-json-web-encryption-33: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


Overall, this document is in much more solid shape than when it began. 
Thanks to the WG for a lot of hard work.  I only have one remaining
concern, that should hopefully be easy to address.

Section 7.2.
I've had several implementors trying to use JWE in the JSON serialization
ask why it was necessary to include a "recipients" array in cases where
there's only one recipient.  It seems like this is going to be a major
barrier to deployment and re-use, so I would propose including the
following text:
In cases where the JWE is encrypted for only one recipient, the
"recipients" array will contain a single object.  In such cases, the
elements of the "recipients" array MAY be included at the top level of
the JWE object.  If the generator of a JWE chooses to use this
representation then all unprotected header parameters MUST be carried in
the "header" field, and the "unprotected" field MUST be absent.  A
JSON-formatted JWE that contains a "recipients" field MUST NOT contain a
"header" or "encrypted_key" field, and vice versa. 
This may also require some other changes where "recipients" is relied on,
e.g., in Section 9.


Section 3.3.
Why doesn't this example include the JSON encoding?

Section 4.1.3.
"This Header Parameter MUST be integrity protected"
Why is this the case?  There is no security reason that "zip" must be
integrity-protected, and this requirement isn't made for any other

Section 7.2.
The requirement that the "recipients" field MUST be present seems odd. 
What's the justification for this?

Appendix A seems kind of unnecessary given draft-ietf-jose-cookbook.