> In the JWK case you cite below, both uses of the name "y" would go into > the registry. This would not be a conflict, as their use is > differentiated by the "alg" parameter value. This is already the > intent of the spec, but I'll be sure to re-read and review this > language in the next round of revisions to make sure that this use of > the registry is clearly called out as legal and intended.
Wow, strange registry. P.S. The spec says "names that match other registered names in a case insensitive manner SHOULD NOT be accepted". I had been wondering why it wasn't "MUST NOT", now you are suggesting it is even looser than "MAY". > Likewise, in the second case you cite, the JSON Web Signature and > Encryption Header Parameters registry already makes it clear that "The > same Header Parameter Name may be registered multiple times, provided > that the parameter usage is compatible between the specifications." > There is no conflict. Identifying the originator's key and identifying the recipient's key are hardly "compatible" semantics. Again, strange registry. > We have no sets of algorithm combinations that take multiple > independent keys as inputs, so there is no need for two "kid" > parameters in any header. The Crypto Message Syntax (CMS) has key agreement modes that involve identified originator and recipient keys so it is hardly impossible that JOSE might support something similar at some point. -- James Manger _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
