So, just so we're clear on what we're talking about, the proposal would be something like the following?
1. Have one/two fields in JWE/JWS that can hold a reference a [JW]Key, namely "kid" and/or "jku" 2. Move the other key labeling fields under JWK, namely "x5u", "x5t", "x5c" 3. Keep the "jwk" field in JWE/JWS to contains the JWK, possibly with identifiers from (2) For that matter, I would be OK moving "kid" inside the JWE/JWS "jwk" parameter as well, and just having a "jwk" element at the top level. On Tue, Apr 16, 2013 at 12:55 PM, Justin Richer <[email protected]> wrote: > I also like this approach. > > -- Justin > > > On 04/16/2013 12:48 PM, Richard Barnes wrote: > > That limitation seems very sensible to me. It would be a large > simplification over current JWE, with its abundance of key identifiers. > --Richard > > > On Tue, Apr 16, 2013 at 11:57 AM, Matt Miller <[email protected]> wrote: > >> I have a slight preference for (2), assuming JWE retains the "kid" >> parameter. I personally would rather limit key indication to a JWK (and >> wrapping "x5c" in a JWK), or a reference to a JWK ("kid", and maybe "jku"). >> >> >> - m&m >> >> Matt Miller < [email protected] > >> Cisco Systems, Inc. >> >> On Apr 11, 2013, at 5:59 PM, Karen O'Donoghue <[email protected]> wrote: >> >> > Issue #12 http://trac.tools.ietf.org/wg/jose/trac/ticket/12 < >> http://trac.tools.ietf.org/wg/jose/trac/ticket/12> suggests removing the >> "x5c" header parameter from JWE, saying that no use case for it has >> emerged. The same logic may apply to other key specification parameters >> for JWE. >> > >> > >> > Which of these best describes your preferences on this issue? >> > >> > 1. Retain the "x5c" header parameter in JWE. >> > >> > 2. Remove the "x5c" header parameter (and possibly other related key >> specification parameters) from JWE. >> > >> > 3. Another resolution (please specify in detail). >> > >> > 0. I need more information to decide. >> > >> > Your reply is requested by Friday, April 19^th or earlier. >> > _______________________________________________ >> > jose mailing list >> > [email protected] >> > https://www.ietf.org/mailman/listinfo/jose >> >> >> _______________________________________________ >> jose mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/jose >> >> > > > _______________________________________________ > jose mailing [email protected]https://www.ietf.org/mailman/listinfo/jose > > >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
