Re: [jose] question regarding JWE header "kid" attribute

Mike Jones <Michael.Jones@microsoft.com> Tue, 07 October 2014 05:23 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: "Andrew Biggs (adb)" <adb@cisco.com>, "jose@ietf.org" <jose@ietf.org>
Date: Tue, 07 Oct 2014 05:22:58 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/xpqCBN3287qvizc-rcxnYC3UBY4

Yes, the "kid" would refer to the CEK in that case.

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Andrew Biggs (adb)
Sent: Monday, October 06, 2014 8:43 PM
To: jose@ietf.org
Subject: [jose] question regarding JWE header "kid" attribute

Section 4.1.6 of the JWE draft describes the "kid" attribute of the JWE header as a "hint [that] references the public key to which the JWE was encrypted".  If the JWE were encrypted in direct key agreement mode, would it be incorrect for the "kid" attribute to reference the CEK used in the JWE?

Thanks,
Andrew