Hey James,
>> Following some on what Bob Wyman proposed this afternoon, I would like
>> to propose that we split the set of header fields into some logical
>> groupings:
>> 1. Top-level fields that require integrity protection (e.g., cty or a
>> digest algorithm parameter)
>> 2. Top-level fields that do not require integrity protection (e.g.,
>> x5c)
>> 3. Fields that are specific to a signer (e.g., jwk)
>> 4. Fields that are specific to a recipient (e.g., epk)
>
> Would another possibility for #2 be wrapping a JOSE message as the content of
> another unprotected JOSE message that has the fields not requiring
> protection? For example (without base64url-encoding for clarity):
>
> { "alg":"none", "x5c":["MIIE3…"], "ocsp":["MIeR…"]}.<inner-JOSE-message>.
I guess you could, but what would be the benefit? The "wrapping" doesn't
really seem to add anything.
--Richard
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
