On Sat, Aug 6, 2016 at 12:53 PM, Jacob Hoffman-Andrews <[email protected]> wrote:
> On 07/28/2016 02:54 PM, Richard Barnes wrote:
> > #164 - Unparallelize signatures on key-change
> > https://github.com/ietf-wg-acme/acme/pull/164
>
> I don't like the JWS approach of "just wrap it in another layer of
> base64url," but I agree that this is a bit of an improvement over the
> existing scheme. When I proposed the two-signatures approach, I was
> thinking that both keys would automatically be covered by the whole
> signature, but looking more closely I see that's not the case, so the
> benefit's not there. So overall I'm supportive of going back to nested
> signatures.
>
> I see that you changed oldKey and newKey to thumbprints instead of full
> JWK objects. Why is that? It seems like it introduces an extra step that
> is unnecessary, and adds another place where we hardcode a hash
> function. I'd prefer to keep them as the full JWK objects.

- Less bloat
- Implementations are already going to need to have a thumbprint
  implementation around for the challenges.
- Not worried about pinning a hash function because (1) it seems unlikely
  we'll need to change soon and (2) we can define a new rollover endpoint
  if we need to change

> Also, why require a distinct nonce on the inner and outer JWS? I would
> rather require that the nonce and URL parameters must match between the
> inner and outer JWS.

- Never re-use nonces
- ... for example, because that would require special handling in your JWS
  verification method

--Richard
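The choice discussed above between carrying oldKey and newKey as full JWK objects or as thumbprints, as an added example that is not part of the original message or of PR #164. It assumes the thumbprint is the RFC 7638 JWK thumbprint with SHA-256 (the message does not name the algorithm); the helper names and the sample keys are constructed for illustration.

```python
import base64, hashlib, hmac, json

# Members that enter the hash for each key type (RFC 7638, section 3.2).
REQUIRED = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def jwk_thumbprint(jwk: dict) -> str:
    """SHA-256 over the required members only, keys sorted, no whitespace."""
    kty = jwk.get("kty")
    if kty not in REQUIRED:
        raise ValueError(f"unsupported kty: {kty!r}")
    missing = [m for m in REQUIRED[kty] if not isinstance(jwk.get(m), str)]
    if missing:
        raise ValueError(f"JWK members missing or not strings: {missing}")
    canonical = {m: jwk[m] for m in REQUIRED[kty]}
    encoded = json.dumps(canonical, sort_keys=True, separators=(",", ":"),
                         ensure_ascii=False).encode("utf-8")
    return b64url(hashlib.sha256(encoded).digest())

def thumbprint_matches(claimed: str, jwk: dict) -> bool:
    """Check that a thumbprint carried in a request names this exact key."""
    return hmac.compare_digest(claimed.encode("utf-8"),
                               jwk_thumbprint(jwk).encode("ascii"))

def sample_ec_jwk(seed: int) -> dict:
    # Constructed coordinates, not a real curve point: the thumbprint only
    # hashes the member strings, so that is enough for the demonstration.
    x = bytes((seed + i) % 256 for i in range(32))
    y = bytes((seed + 32 + i) % 256 for i in range(32))
    return {"kty": "EC", "crv": "P-256", "x": b64url(x), "y": b64url(y)}

if __name__ == "__main__":
    old_key, new_key = sample_ec_jwk(0), sample_ec_jwk(100)
    # Same key with reordered members and optional extras: same thumbprint.
    decorated = {"kid": "acct-1", "use": "sig",
                 **dict(reversed(list(old_key.items())))}
    tp = jwk_thumbprint(old_key)
    print("oldKey thumbprint:", tp)
    print("stable under reordering:", jwk_thumbprint(decorated) == tp)
    print("newKey is not oldKey:",
          not thumbprint_matches(jwk_thumbprint(new_key), old_key))
    print("bytes, full JWK vs thumbprint:", len(json.dumps(old_key)), "vs", len(tp))
```

The digest is fixed inside `jwk_thumbprint`, which is the pinned hash function the quoted reply objects to; the size comparison printed at the end is the "less bloat" side of the trade.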
