Re: [jose] #23: Make crypto independent of binary encoding (base64)

"jose issue tracker" <trac+jose@trac.tools.ietf.org> Tue, 11 June 2013 19:50 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: jose issue tracker <trac+jose@trac.tools.ietf.org>
Precedence: bulk
Auto-Submitted: auto-generated
To: draft-ietf-jose-json-web-encryption@tools.ietf.org, rlb@ipv.sx
Date: Tue, 11 Jun 2013 19:50:20 -0000
Message-ID: <064.88846e82adbed9643c92f330ebd4059d@trac.tools.ietf.org>
References: <049.69ffc5ebf959c6eac7990651822fadf9@trac.tools.ietf.org>
In-Reply-To: <049.69ffc5ebf959c6eac7990651822fadf9@trac.tools.ietf.org>
Resent-To: ekr@rtfm.com, jhildebr@cisco.com, mbj@microsoft.com
Resent-Message-Id: <20130611195031.DAE3021F997C@ietfa.amsl.com>
Resent-Date: Tue, 11 Jun 2013 12:50:26 -0700
Resent-From: trac+jose@trac.tools.ietf.org
Cc: jose@ietf.org
Subject: Re: [jose] #23: Make crypto independent of binary encoding (base64)

#23: Make crypto independent of binary encoding (base64)

Changes (by rlb@ipv.sx):

 * owner:  draft-barnes-jose-use-cases@tools.ietf.org => draft-ietf-jose-
     json-web-encryption@tools.ietf.org
 * component:  draft-barnes-jose-use-cases => json-web-encryption


Comment:

 Update: I missed the fact that (1) JWS signs over the encoded octets, and
 (2) JWS adds an unnecessary "." character to the signed value.  So
 consider this proposal extended to include the following change:

 <http://tools.ietf.org/html/draft-ietf-jose-json-web-
 signature-11#section-5.1>
 OLD: JWS Signing Input  The concatenation of the Encoded JWS Header, a
 period ('.') character, and the Encoded JWS Payload.
 NEW: JWS Signing Input  The concatenation of the JWS Header and the JWS
 Payload.

 This is the same as what CMS does, except in the reverse order.  (In CMS,
 you sign over payload || signedAttrs.)

-- 
-------------------------+-------------------------------------------------
 Reporter:  rlb@ipv.sx   |       Owner:  draft-ietf-jose-json-web-
     Type:  defect       |  encryption@tools.ietf.org
 Priority:  major        |      Status:  new
Component:  json-web-    |   Milestone:
  encryption             |     Version:
 Severity:  -            |  Resolution:
 Keywords:               |
-------------------------+-------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/23#comment:1>
jose <http://tools.ietf.org/jose/>

[jose] #23: Make crypto independent of binary enc… jose issue tracker
Re: [jose] #23: Make crypto independent of binary… jose issue tracker
Re: [jose] #23: Make crypto independent of binary… jose issue tracker
Re: [jose] #23: Make crypto independent of binary… Dick Hardt
Re: [jose] #23: Make crypto independent of binary… Tim Bray
Re: [jose] #23: Make crypto independent of binary… John Bradley
Re: [jose] #23: Make crypto independent of binary… Roland Hedberg
Re: [jose] #23: Make crypto independent of binary… Justin Richer
Re: [jose] #23: Make crypto independent of binary… Matt Miller (mamille2)
Re: [jose] #23: Make crypto independent of binary… Richard Barnes
Re: [jose] #23: Make crypto independent of binary… Breno de Medeiros
Re: [jose] #23: Make crypto independent of binary… Mike Jones
Re: [jose] #23: Make crypto independent of binary… Tim Bray
Re: [jose] #23: Make crypto independent of binary… Dick Hardt
Re: [jose] #23: Make crypto independent of binary… Richard Barnes
Re: [jose] #23: Make crypto independent of binary… Dick Hardt
Re: [jose] #23: Make crypto independent of binary… John Bradley
Re: [jose] #23: Make crypto independent of binary… Naveen Agarwal
Re: [jose] #23: Make crypto independent of binary… Phillip Hallam-Baker
Re: [jose] #23: Make crypto independent of binary… Ludwig Seitz
Re: [jose] #23: Make crypto independent of binary… John Bradley
Re: [jose] #23: Make crypto independent of binary… Brian Campbell
Re: [jose] #23: Make crypto independent of binary… Mike Jones
Re: [jose] #23: Make crypto independent of binary… George Fletcher
Re: [jose] #23: Make crypto independent of binary… jose issue tracker