In thinking about the JWK parameter registry, I have a couple of questions/concerns.
1) Should JWK parameter names be absolutely unique, or are they potentially
tied to a specific JWK type? In looking at the specs to date, I think there's
only one case where a parameter name is re-used ("d" for both private RSA and
ECC keys); currently syntactically and semantically identical, but I'm not sure
that's adequate.
2) Should JWK parameters be marked as private (confidential, secret,
privileged, etc etc)? The current documentation set loosely defines this only
because they are current split between multiple documents. However, I wonder
if there is value in being much more explicit about it, including in a
parameter's registration.
Thoughts?
- m&m
Matt Miller < [email protected] >
Cisco Systems, Inc.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
