#82: Section 6. Encrypted JWK and Encrypted JWK Set Format A. The existence of private material is not easily identifiable for an entity that does not have full and update information on a kty value. This means that they either need to not allow them to be processed or they need to not worry about the fact that information may be private. This can be fixed by defining a JWK element "private" and requiring that all private material be placed in that object. This should be evaluated
B. RECOMMENDED is not a protocol requirement and thus should be lowercased C. cty is MUST be used D. There are no rules specified here for how to convert a JWK to an octet string. This needs to be done. E. The same items apply to both paragraph #1 and paragraph #2. F. For simplicity - is there any reason not to require the use of JWK Sets when doing the encrypted version. This seems to be a complication that is not especially needed except to make Ryan happy. -- -------------------------+------------------------------------------------- Reporter: | Owner: draft-ietf-jose-json-web- [email protected] | [email protected] Type: defect | Status: new Priority: major | Milestone: Component: json-web- | Version: key | Keywords: Severity: - | -------------------------+------------------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/82> jose <http://tools.ietf.org/jose/> _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
