Re: [jose] JWK member names, was: SECDIR review of draft-ietf-jose-json-web-key-31

Tim Bray <tbray@textuality.com> Tue, 16 September 2014 20:13 UTC

From: Tim Bray <tbray@textuality.com>
Date: Tue, 16 Sep 2014 13:13:05 -0700
To: Stephen Kent <kent@bbn.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/ucuWphC4Pm6zAsZlk3hqMhA7az4
Cc: "jose-chairs@tools.ietf.org" <jose-chairs@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-jose-json-web-key.all@tools.ietf.org" <draft-ietf-jose-json-web-key.all@tools.ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Mike Jones <Michael.Jones@microsoft.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] JWK member names, was: SECDIR review of draft-ietf-jose-json-web-key-31

On Tue, Sep 16, 2014 at 1:07 PM, Stephen Kent <kent@bbn.com> wrote:

> What is the impediment to requiring a receiver of a JWK object to reject
> the object if
> it contains more than one instance of a key?
>
> Is it a limitation of parsers that are completely independent of the JOSE
> work that defines
> the JWK objects, or is it the result of how folks have written code to
> parse such objects?
>

Yes and no, respectively.  Existing parsers which are being used all the
time on every computing device within your reach to generate and parse JSON
for purposes which have nothing to do with JOSE.  JSON has been the dominant
message format for HTTP for some time now.




>
> If the answer is the first clause, then I understand the reluctance to
> impose that requirement.
>
> If the answer is the latter, then this is an argument based on early
> implementation
> of an IETF spec, and that is not a good reason to accommodate such
> sloppiness.
>
> Steve
>



-- 
- Tim Bray (If you’d like to send me a private message, see
https://keybase.io/timbray)
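
The parser behaviour discussed in this exchange, shown as an added example that is not part of the original message or of any JOSE implementation: Python's standard `json` module silently keeps the last of two duplicate member names, and a receiver that wants to reject such a JWK has to opt in through `object_pairs_hook`. The function names and the sample JWK strings are constructed for illustration.

```python
import json


class DuplicateMemberError(ValueError):
    """Raised when a JSON object repeats a member name."""


def _reject_duplicates(pairs):
    # object_pairs_hook receives every (name, value) pair of one object,
    # in document order, before the pairs are collapsed into a dict.
    # It is called for nested objects as well as the top-level one.
    seen = {}
    for name, value in pairs:
        if name in seen:
            raise DuplicateMemberError(f"duplicate member name: {name!r}")
        seen[name] = value
    return seen


def parse_jwk_lenient(text):
    """Stock parser behaviour: a later duplicate silently replaces an earlier one."""
    return json.loads(text)


def parse_jwk_strict(text):
    """Reject the JWK if any object in it repeats a member name."""
    return json.loads(text, object_pairs_hook=_reject_duplicates)


# Constructed samples: the first gives "kty" twice with different values.
AMBIGUOUS_JWK = '{"kty": "RSA", "kid": "example-1", "kty": "oct", "k": "c2FtcGxl"}'
CLEAN_JWK = '{"kty": "oct", "kid": "example-2", "k": "c2FtcGxl"}'

if __name__ == "__main__":
    # The lenient parse reports no error and the caller never sees "RSA".
    print("lenient kty:", parse_jwk_lenient(AMBIGUOUS_JWK)["kty"])
    try:
        parse_jwk_strict(AMBIGUOUS_JWK)
    except DuplicateMemberError as exc:
        print("strict parse rejected:", exc)
    print("strict clean:", parse_jwk_strict(CLEAN_JWK))
```

Two components that parse the same bytes with different duplicate-handling rules can disagree about which key type they were given, which is why the check has to happen at parse time rather than on the resulting dictionary.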