Re: [secdir] [jose] JWK member names, was: SECDIR review of draft-ietf-jose-json-web-key-31

Mike Jones <Michael.Jones@microsoft.com> Tue, 16 September 2014 16:59 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Stephen Kent <kent@bbn.com>, Tim Bray <tbray@textuality.com>
Thread-Topic: [jose] JWK member names, was: SECDIR review of draft-ietf-jose-json-web-key-31
Date: Tue, 16 Sep 2014 16:57:53 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739439AED1727@TK5EX14MBXC292.redmond.corp.microsoft.com>
References: <CAHbuEH4Ccn2Z=8kEECzvgjmtshwsFoa-EH_NpkJPos7zirGeaQ@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739439AEC00DB@TK5EX14MBXC292.redmond.corp.microsoft.com> <5416FE10.3060608@bbn.com> <CAHBU6iu3GfsLCAint3z7risZUnVW4EK0WrGVW6Dv=gvppiHSxQ@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739439AECCCDD@TK5EX14MBXC292.redmond.corp.microsoft.com> <54173546.5000400@bbn.com> <CAHBU6ivb3BeEufcnJB+eSk8wgETMx+qzH3miE6Z1jtrQkXNR3w@mail.gmail.com> <4E1F6AAD24975D4BA5B16804296739439AECE40B@TK5EX14MBXC292.redmond.corp.microsoft.com> <54184EBA.3010109@bbn.com>
In-Reply-To: <54184EBA.3010109@bbn.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/lAqjN2ac5C9Chy8rqByy3JzK2zU
Cc: "draft-ietf-jose-json-web-key.all@tools.ietf.org" <draft-ietf-jose-json-web-key.all@tools.ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "jose-chairs@tools.ietf.org" <jose-chairs@tools.ietf.org>, "jose@ietf.org" <jose@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] [jose] JWK member names, was: SECDIR review of draft-ietf-jose-json-web-key-31

I thought the JOSE specs were intended to create standards for transport of keys, and for sigs,
MACs, and encryption of JSON objects.


Actually, the payloads of JWS and JWE objects can be any octet sequence - not just those representing JSON objects.

OK, thanks for correcting my mis-characterization.


What is the existing software to which you and Tim refer, when referring to keys (vs.
JSON parsing in general)?


JWK objects are already used in production to distribute public keys. For instance, the keys for Salesforce's identity services are in JWK format at https://login.salesforce.com/id/keys. (Note that I'm not saying that just because the current specs are in use, that no changes are possible.)

if not that, what is the point of this comment?

The point of the comment was simply to answer your question "What is the existing software to which you and Tim refer...?".

                                                                Cheers,
                                                                -- Mike