Good idea, Russ.  How about this?

"In the general case, the specific identifiers used to tie the key derivation 
to the sender (Party U) and the receiver (Party V) are application specific and 
beyond the scope of this specification.  As an illustration of one possible 
usage, when the JWE is a JSON Web Token (JWT) [JWT], applications might specify 
that the "iss" (issuer) value be used as the "apu" value and the primary "aud" 
(audience) value be used as the "apv" value."

                                                            -- Mike

From: Russ Housley [mailto:[email protected]]
Sent: Sunday, June 23, 2013 7:43 AM
To: Mike Jones
Cc: [email protected]
Subject: Re: [jose] Concat KDF

Mike:


I can add a sentence along the lines of the following to make Jim's points 
below clearer to non-expert readers:

"The specific identifiers used to tie the key derivation to the sender (Party 
U) and the receiver (Party V) are application specific and beyond the scope of 
this specification."

I see the attraction of this approach, but I wonder if it would be possible to 
also include some advice to applications that make use of JOSE.

If the parties that are trying to form a pairwise key make different 
assumptions, then we do not get interoperability.  I am just trying to improve 
the likelihood of interoperability.

Russ

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
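
The interoperability concern raised in this thread, shown as an added example (not code from the thread or from the JOSE drafts): a Concat KDF with SHA-256 where two parties agree on the "iss"/"aud" convention from the proposed text, and a third, hypothetical party picks a different audience value. The OtherInfo layout (length-prefixed AlgorithmID, PartyUInfo and PartyVInfo, then the key length in bits) is the one used for ECDH-ES in RFC 7518; the claim values, the shared secret and the "first entry is primary" rule are constructed assumptions.

```python
import hashlib
import struct


def _len_prefixed(data: bytes) -> bytes:
    # 32-bit big-endian length followed by the value
    return struct.pack(">I", len(data)) + data


def concat_kdf(z, alg_id, apu, apv, keydatalen_bits):
    """Concat KDF with SHA-256; apu/apv are raw PartyUInfo/PartyVInfo bytes."""
    other_info = (
        _len_prefixed(alg_id.encode("ascii"))
        + _len_prefixed(apu)
        + _len_prefixed(apv)
        + struct.pack(">I", keydatalen_bits)  # SuppPubInfo
    )
    out, counter = b"", 1
    while len(out) * 8 < keydatalen_bits:
        out += hashlib.sha256(struct.pack(">I", counter) + z + other_info).digest()
        counter += 1
    return out[: keydatalen_bits // 8]


def party_info_from_claims(claims):
    """Convention from the proposed text: apu = "iss", apv = primary "aud".
    Treating the first array entry as the primary audience is an assumption."""
    aud = claims["aud"]
    primary = aud[0] if isinstance(aud, list) else aud
    return claims["iss"].encode("utf-8"), primary.encode("utf-8")


def demo():
    z = bytes(range(32))  # constructed stand-in for the ECDH shared secret
    claims = {"iss": "https://issuer.example",  # constructed sample claims
              "aud": ["https://rp.example", "https://other.example"]}
    apu, apv = party_info_from_claims(claims)
    sender = concat_kdf(z, "A128GCM", apu, apv, 128)
    same_convention = concat_kdf(z, "A128GCM", *party_info_from_claims(claims), 128)
    # Hypothetical receiver that binds to the last "aud" entry instead
    other_apv = claims["aud"][-1].encode("utf-8")
    other_convention = concat_kdf(z, "A128GCM", apu, other_apv, 128)
    return sender, same_convention, other_convention


if __name__ == "__main__":
    s, ok, bad = demo()
    print("same convention matches:", s == ok)
    print("different convention matches:", s == bad)
```

Both parties hold the same shared secret in every case; only the identifier convention differs, and that alone changes the derived key.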
