Re: [stir] JWT/JSON (was - Re: Review of: draft-ietf-stir-passport-05)

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 24 August 2016 07:49 UTC

To: "Peterson, Jon" <jon.peterson@neustar.biz>, "dcrocker@bbiw.net" <dcrocker@bbiw.net>, Eric Rescorla <ekr@rtfm.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/g7gWXWNgs33N60XZDseTYqsHVFQ>
Cc: IETF STIR Mail List <stir@ietf.org>

Yes, I mean RFC 7515. For some strange reason I keep on getting the
numbers of the RFCs associated with the STIR work wrong all the time :)

Regards,

Christer

On 24/08/16 10:33, "Peterson, Jon" <jon.peterson@neustar.biz> wrote:

>>I guess Jon should reply to that question, but one reason was related to
>>the suggestion (I don't think that WG has made a decision, but please
>>correct me if I'm wrong) that it should be optional to send the headers
>>representation of the JWS, as that information (cipher suite etc) can be
>>found in other SIP elements.
>
>What I see minuted from IETF 96 as a decision for this question was "keep
>what we have now," in other words, keep "canon" optional. As long as
>"canon" is optional, then we need at least to have the ability to convey
>"alg" and "ppt" in the Identity header (field!). Practically speaking
>though, "alg" exists only to give us some flexibility in case it turns out
>in the future that the one algorithm we've specified won't work for us. I
>doubt "alg" will be present over the wire much.
>
>> However, Appendix F of RFC 7575 is unclear on whether it's allowed to
>>remove the headers representation from the JWS - the Appendix seems to
>>only talk about not sending the payload representation (which, in the
>>case of SIP, can also be found in other SIP elements). So, there could be
>>cases where one would only send the signature representation of the JWS.
>
>RFC7515, you mean. And yes, it basically just says "you can have
>detachable content" without detailing what that means. The new text in
>rfc4474bis-11 will, as promised, go into more detail about this, and
>furnish an example.
>
>Jon Peterson
>Neustar, Inc.
>
>> 
>>
>>Regards,
>>
>>Christer
>>
>
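An added illustration of the signature-only form discussed in this thread (not code from either poster or from the drafts): the sender transmits `..<signature>` and the verifier rebuilds the header and payload from values it already holds, which only works if both sides serialize them byte-for-byte identically. HMAC-SHA256 stands in for the draft's signature algorithm so the block runs on the standard library; the key, the claim values and the sorted-key serialization are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # constructed; a real deployment uses a certificate key
HEADER = {"alg": "HS256", "typ": "passport"}  # "alg" value is the HMAC stand-in
PAYLOAD = {"iat": 1472024971,                  # constructed sample claims
           "orig": {"tn": "12155550112"},
           "dest": {"tn": "12155550113"}}

def b64u(data: bytes) -> str:
    """base64url without padding, as JWS (RFC 7515) uses."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def canonical(obj) -> bytes:
    """Assumed canonical form: sorted keys, no whitespace."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def signing_input(header, payload) -> bytes:
    return (b64u(canonical(header)) + "." + b64u(canonical(payload))).encode()

def sign_full(header, payload, key) -> str:
    """Full compact JWS: header.payload.signature"""
    data = signing_input(header, payload)
    sig = hmac.new(key, data, hashlib.sha256).digest()
    return data.decode() + "." + b64u(sig)

def detach(full_jws: str) -> str:
    """Drop header and payload but keep both dots: '..signature'."""
    return ".." + full_jws.split(".")[2]

def verify_detached(compact, header, payload, key) -> bool:
    """Rebuild the signing input locally and compare signatures."""
    parts = compact.split(".")
    # Accept only the signature-only shape; a full JWS is a different case.
    if len(parts) != 3 or parts[0] or parts[1] or not parts[2]:
        return False
    data = signing_input(header, payload)
    expected = b64u(hmac.new(key, data, hashlib.sha256).digest())
    return hmac.compare_digest(expected, parts[2])

if __name__ == "__main__":
    compact = detach(sign_full(HEADER, PAYLOAD, KEY))
    print(compact)
    print(verify_detached(compact, HEADER, PAYLOAD, KEY))
```

A verifier that reconstructs a different destination number, or a different header, computes a different signing input and rejects the token.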