I'm confused. This is not about the IV == Initialization Vector, it's about the JWE Integrity Value (inconveniently also "IV"). I don't think anyone has proposed merging in the initialization vector, both because that's not what RFC 5116 does and because it's a terrible idea :)
On Mon, Apr 15, 2013 at 2:41 PM, John Bradley <[email protected]> wrote: > 1 ish. > > Representing the nonce/IV separately should not preclude using a crypto > library generated nonce/IV , as may be done in some libraries implementing > draft-mcgrew-aead-aes-cbc-hmac-sha2. > > So I am in favour of the current serialization while wanting to support > the crypto from draft-mcgrew-aead-aes-cbc-hmac-sha2 if not the particular > serialization which is optimized for a different use-case. The current > draft-mcgrew-aead-aes-cbc-hmac-sha2 > conflates crypto and serialization. I am hoping we can resolve that so the > crypto can be supported. > > John B. > > On 2013-04-11, at 8:58 PM, Karen O'Donoghue <[email protected]> wrote: > > Issue #11 http://trac.tools.ietf.org/wg/jose/trac/ticket/11 proposes > restructuring the JWE representation to remove the JWE Integrity Value > field and instead use the RFC 5116 (AEAD) binary serialization to represent > the Ciphertext, Initialization Vector, and Integrity Value values. If this > proposal is adopted, JWEs would then have three fields – the header, the > encrypted key, and the RFC 5116 combination of the Ciphertext, > Initialization Vector, and Integrity Value values.****** ** > > This issue is also related to issue #3. Note that the updated McGrew > draft described there could be used whether or not we switched to using RFC > 5116.**** > > > Which of these best describes your preferences on this issue?**** > > 1. Continue having separate Ciphertext, Initialization Vector, and > Integrity Value values in the JWE representation.**** > > 2. Switch to using the RFC 5116 (AEAD) serialization to represent the > combination of these three values.**** > > 3. Another resolution (please specify in detail).**** > > 0. I need more information to decide.**** > > > Your reply is requested by Friday, April 19th or earlier. > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > > > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
