#13: Enable AEAD key wrapping

Comment (by [email protected]):

 It seems to me that the term "key wrapping" is being used for two
 different things in discussions with the JOSE working group:  (1)
 Encrypting the ephemeral symmetric key value used within a JWE and (2)
 encrypting a JWK or JWK Set containing symmetric and/or private key
 information and potentially other key attributes, enabling the encrypted
 JWK or JWK Set to be safely stored or transported.  I think it would
 clarify the discussions to clearly distinguish between these use cases,
 and to consider them separately.

 For instance, I don't think anyone is proposing using A128GCM or
 A128CBC+HS256 directly for (1), whereas they can already be used as part
 of (2) if the JWK is encrypted in a JWE, per
 draft-miller-jose-jwe-protected-jwk.  Given the opinions voiced at the
 IETF 86 CFRG meeting that
 it's fine to use approved authenticated encryption algorithms to encrypt
 keys (http://www.ietf.org/mail-archive/web/cfrg/current/msg03319.html), I
 believe that there's nothing additional we need to do to enable using
 these algorithms for (2).

 Finally, I believe that this issue statement would be much more useful if
 accompanied by a concrete proposed solution to be considered by the
 working group.  As it is, it's not clear what specific specification
 changes are being requested or suggested.

-- 
-------------------------+-------------------------------------------------
 Reporter:  [email protected]   |       Owner:  draft-ietf-jose-json-web-
     Type:  defect       |  [email protected]
 Priority:  major        |      Status:  new
Component:  json-web-    |   Milestone:
  encryption             |     Version:
 Severity:  -            |  Resolution:
 Keywords:               |
-------------------------+-------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/13#comment:2>
jose <http://tools.ietf.org/jose/>

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
