Section 3.4 of https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-00 defines how to use a key ID to select the PoP key. Section 3.1 of https://tools.ietf.org/html/rfc8152 defines using a key ID to select keys for the COSE operations. CWT doesn't need to talk about key IDs because they inherit this functionality from COSE.
A key ID example could be added to https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession if people want one. But the functionality is already there. Thanks for reviewing these specs! -- Mike -----Original Message----- From: Ace [mailto:[email protected]] On Behalf Of Hannes Tschofenig Sent: Sunday, October 1, 2017 2:40 AM To: [email protected] Subject: [Ace] draft-ietf-ace-cbor-web-token-08 / draft-ietf-ace-cwt-proof-of-possession [Chair hat off] Hi all, after reading draft-ietf-ace-dtls-authorize I was wondering how the RS determines what key to use to decrypt noticed that none of the examples in draft-ietf-ace-cbor-web-token-08 and in draft-ietf-ace-cwt-proof-of-possession use some form of key id to allow finding the appropriate key. Maybe I overlooked it or was this intentional? Ciao Hannes _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
