IETF Logo Mail Archive

Re: [jose] Feedback request on jose tracker issue #12: Should the x5c field be removed from JWE?, ,

<Axel.Nennker@telekom.de> Fri, 12 April 2013 06:32 UTC

Return-Path: <Axel.Nennker@telekom.de>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10F8721F8540 for <jose@ietfa.amsl.com>; Thu, 11 Apr 2013 23:32:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.123
X-Spam-Level:
X-Spam-Status: No, score=-3.123 tagged_above=-999 required=5 tests=[AWL=0.125, BAYES_00=-2.599, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mizdvgvOmo7U for <jose@ietfa.amsl.com>; Thu, 11 Apr 2013 23:32:19 -0700 (PDT)
Received: from tcmail93.telekom.de (tcmail93.telekom.de [80.149.113.205]) by ietfa.amsl.com (Postfix) with ESMTP id 8290B21F8511 for <jose@ietf.org>; Thu, 11 Apr 2013 23:32:18 -0700 (PDT)
Received: from he111528.emea1.cds.t-internal.com ([10.125.90.87]) by tcmail91.telekom.de with ESMTP/TLS/AES128-SHA; 12 Apr 2013 08:32:14 +0200
Received: from HE113559.emea1.cds.t-internal.com (10.125.65.101) by HE111528.EMEA1.CDS.T-INTERNAL.COM (10.125.90.87) with Microsoft SMTP Server (TLS) id 8.3.298.1; Fri, 12 Apr 2013 08:32:12 +0200
Received: from HE111541.emea1.cds.t-internal.com ([10.125.90.94]) by HE113559.emea1.cds.t-internal.com ([::1]) with mapi; Fri, 12 Apr 2013 08:32:12 +0200
From: Axel.Nennker@telekom.de
To: odonoghue@isoc.org, jose@ietf.org
Date: Fri, 12 Apr 2013 08:32:10 +0200
Thread-Topic: [jose] Feedback request on jose tracker issue #12: Should the x5c field be removed from JWE?, ,
Thread-Index: Ac43EJixGyODwcXYQ8aYWCdXOwfElQANn6tg
Message-ID: <CE8995AB5D178F44A2154F5C9A97CAF402553CF16251@HE111541.emea1.cds.t-internal.com>
References: <51674E58.6000505@isoc.org>
In-Reply-To: <51674E58.6000505@isoc.org>
Accept-Language: de-DE
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: de-DE
Content-Type: multipart/alternative; boundary="_000_CE8995AB5D178F44A2154F5C9A97CAF402553CF16251HE111541eme_"
MIME-Version: 1.0
Subject: Re: [jose] Feedback request on jose tracker issue #12: Should the x5c field be removed from JWE?, ,
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2013 06:32:22 -0000

1

x5c is the most explicit way to describe which private key is the right one. It is an alternative to kid which is another reason why  kid must not be mandatory.

From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Karen O'Donoghue
Sent: Friday, April 12, 2013 1:59 AM
To: jose@ietf.org
Subject: [jose] Feedback request on jose tracker issue #12: Should the x5c field be removed from JWE?, ,

Issue #12 http://trac.tools.ietf.org/wg/jose/trac/ticket/12 suggests removing the "x5c" header parameter from JWE, saying that no use case for it has emerged.  The same logic may apply to other key specification parameters for JWE.


Which of these best describes your preferences on this issue?
1.  Retain the "x5c" header parameter in JWE.
2.  Remove the "x5c" header parameter (and possibly other related key specification parameters) from JWE.
3.  Another resolution (please specify in detail).
0.  I need more information to decide.

Your reply is requested by Friday, April 19th or earlier.

v2.23.0 | Report a Bug | By Email