[jose] Extensibility (was "Criticality")

Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 26 November 2012 11:07 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 10F7F21F8542 for <jose@ietfa.amsl.com>; Mon, 26 Nov 2012 03:07:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.299
X-Spam-Status: No, score=-101.299 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id W8Ay0SsnzEK8 for <jose@ietfa.amsl.com>; Mon, 26 Nov 2012 03:07:28 -0800 (PST)
Received: from mailout-de.gmx.net (mailout-de.gmx.net []) by ietfa.amsl.com (Postfix) with SMTP id 24BEF21F84FA for <jose@ietf.org>; Mon, 26 Nov 2012 03:07:27 -0800 (PST)
Received: (qmail invoked by alias); 26 Nov 2012 11:07:25 -0000
Received: from a88-115-216-191.elisa-laajakaista.fi (EHLO []) [] by mail.gmx.net (mp030) with SMTP; 26 Nov 2012 12:07:25 +0100
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1/e0NtT8PHesBXZaf2ksCjd6f/AYYe1mOu5HY7/Bs gqCc+zf3YzrGV4
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 26 Nov 2012 13:07:23 +0200
Message-Id: <F8EBC273-9C8E-4D2E-B26C-3F88B9CE1298@gmx.net>
To: jose@ietf.org
Mime-Version: 1.0 (Apple Message framework v1085)
X-Mailer: Apple Mail (2.1085)
X-Y-GMX-Trusted: 0
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Subject: [jose] Extensibility (was "Criticality")
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Nov 2012 11:07:29 -0000

Hi all, 

doing my shepherd writeup of some of the OAuth WG documents I was wondering how the extensibility story for these JSON-based documents should look like given a statement like this:  "Implementations MUST understand the entire contents of the header; otherwise, the JWS MUST be rejected."

Absent a "feature discovery" mechanism I am curious whether any extension is actually possible. 

(Funny enough then all individual parameters then say "This header parameter is OPTIONAL.") 

Since this type of extensibility feature does not seem to a be a new concept I am curious how it has been handled (successfully) in other specifications. 


PS: I remember that this has been discussed during the meeting but I do not know what the outcome of the discussion was. The meeting minutes do not seem to be available yet.