As Ludwig pointed out during the F2F, it makes far more sense to try and
keep an entity using the same key identifier for as long as possible.  This
is in part to make sure that signing keys do not need to be retrieved if
they can be easily cached.  In looking at this deeper during my
implementation I ended up with the following question:

The way that I have set things up in my implementation it is simple to
ensure that the same kid value is going to be used with the same CWT,
however it might make more sense to use the signing key as the continuity
identifier instead.  The issue that arises in this case is that there might
be two different active CWT objects that are associated with the same
signing key.  That is there are two CWTs but the same signing key was used
while doing a join operation.  I already do some matching between different
CWTs by assuming that if the bearer key in the CWT is the same then they are
sufficiently equivalent to treat them as the same.  This led to some
interesting discussions in Montreal about if this meant just the "secret" or
if it meant all of the elements provided by the AS which are used in the key
derivation process.  (I have gone back and forth on this and currently am
sitting on the "just the secret" side of the fence.)

Does anyone have any opinions?

Jim
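To make the two questions in the message concrete, here is an added illustration (not Jim's code and not from any ACE implementation) of a cache keyed by kid versus by signing key, and of the "just the secret" versus "all AS-provided elements" matching rules. The CWT/cnf shapes, the HKDF-based derivation and the sample tokens are all constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Cnf:
    """Assumed shape of the bearer-key material in a CWT: the secret plus any
    extra AS-provided inputs to the key derivation (constructed, not the spec)."""
    secret: bytes
    derivation_params: tuple = ()   # e.g. (("salt", b"s1"),)


@dataclass(frozen=True)
class Cwt:
    kid: bytes          # key identifier the entity tries to keep stable
    signing_key: bytes  # stand-in for a reference to the key used at join time
    cnf: Cnf


def hkdf_sha256(secret: bytes, salt: bytes, info: bytes, length: int = 16) -> bytes:
    """RFC 5869 HKDF (single block); a stand-in for the profile's real derivation."""
    prk = hmac.new(salt, secret, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()[:length]


def derived_key(cnf: Cnf) -> bytes:
    params = dict(cnf.derivation_params)
    return hkdf_sha256(cnf.secret, params.get("salt", b"\x00" * 32), params.get("id", b""))


def equivalent(a: Cwt, b: Cwt, policy: str) -> bool:
    """'secret': same bearer secret means same token.
    'all': every AS-provided derivation input must match as well."""
    if policy == "secret":
        return a.cnf.secret == b.cnf.secret
    if policy == "all":
        return a.cnf == b.cnf
    raise ValueError(policy)


def cache_key(t: Cwt, by: str) -> bytes:
    """Continuity identifier used to look up cached verification material."""
    return t.kid if by == "kid" else t.signing_key


# Constructed sample: one signing key reused for two active CWTs that carry the
# same secret, but the AS supplied a different salt the second time.
SHARED_SECRET = b"\x11" * 16
T1 = Cwt(b"kid-1", b"sk-A", Cnf(SHARED_SECRET, (("salt", b"s1"),)))
T2 = Cwt(b"kid-2", b"sk-A", Cnf(SHARED_SECRET, (("salt", b"s2"),)))


def compare() -> dict:
    return {
        "signing_key_collision": cache_key(T1, "signing_key") == cache_key(T2, "signing_key"),
        "kid_collision": cache_key(T1, "kid") == cache_key(T2, "kid"),
        "equiv_secret": equivalent(T1, T2, "secret"),
        "equiv_all": equivalent(T1, T2, "all"),
        "same_derived_key": derived_key(T1.cnf) == derived_key(T2.cnf),
    }
```

Keying the cache by signing key collides for the two tokens while kid does not, and the "just the secret" rule calls them equivalent even though the derived keys differ, which is exactly the distinction the Montreal discussion turned on.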


_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
