1
________________________________ From: Karen O'Donoghue <[email protected]> To: [email protected] Sent: Thu, April 11, 2013 4:58:56 PM Subject: [jose] Feedback request on jose tracker issue#11: Should we use RFC 5116 and remove the JWE Integrity Value field? Issue #11 http://trac.tools.ietf.org/wg/jose/trac/ticket/11 proposes restructuring the JWE representation to remove the JWE Integrity Value field and instead use the RFC 5116 (AEAD) binary serialization to represent the Ciphertext, Initialization Vector, and Integrity Value values. If this proposal is adopted, JWEs would then have three fields – the header, the encrypted key, and the RFC 5116 combination of the Ciphertext, Initialization Vector, and Integrity Value values. This issue is also related to issue #3. Note that the updated McGrew draft described there could be used whether or not we switched to using RFC 5116. Which of these best describes your preferences on this issue? 1. Continue having separate Ciphertext, Initialization Vector, and Integrity Value values in the JWE representation. 2. Switch to using the RFC 5116 (AEAD) serialization to represent the combination of these three values. 3. Another resolution (please specify in detail). 0. I need more information to decide. Your reply is requested by Friday, April 19th or earlier.
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
