#41: Add key wrap to the "use" member in key containers
Comment (by [email protected]):

Recap of a conversation that I had with John @ Berlin.

It would be possible to avoid defining a new keywrap key usage if we allow the enc key usage to have two different meanings with the meaning being selected by the algorithm. enc could be one of either encrypt data or encrypt key but would never be both. This would imply something that we probably want to be true, that you cannot use an RSA key to encrypt both data and keys, but have not currently explicitly stated. We have gone in this direction with the assignment of GCM algorithms to be either data encryption or a key encryption algorithm.

This approach would work; however, there are three issues to be considered:

1. It would need to be explicitly documented.
2. This would not match the way that the WebCrypto group is thinking of things.
3. It is harder on novices to understand the difference between encrypting data and encrypting keys, so being explicit on the string would make the Joes of the world happier.

--
Reporter:   [email protected]
Owner:      draft-ietf-jose-json-web-[email protected]
Type:       defect
Status:     new
Priority:   major
Milestone:
Component:  json-web-key
Version:
Severity:   -
Resolution:
Keywords:

Ticket URL: <https://grenache.tools.ietf.org/wg/jose/trac/ticket/41#comment:2>
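The rule discussed in the comment above (a use="enc" key means either "encrypt data" or "encrypt key", selected by its algorithm, never both), sketched as an added example that is not part of the original message or of the JOSE drafts. The algorithm names are the RFC 7518 (JWA) registrations and the function names are hypothetical; both are assumptions, not taken from the ticket.

```python
# Added example: decide the single role of a use="enc" JWK from its "alg".
# Algorithm names are the RFC 7518 (JWA) registrations, assumed here; not from the page.
KEY_ENCRYPTION = {"RSA1_5", "RSA-OAEP", "RSA-OAEP-256",
                  "A128KW", "A192KW", "A256KW",
                  "A128GCMKW", "A192GCMKW", "A256GCMKW"}
DATA_ENCRYPTION = {"A128GCM", "A192GCM", "A256GCM",
                   "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"}


class KeyUsageError(ValueError):
    """The key's declared use does not permit the requested operation."""


def enc_role(jwk):
    """Return 'key' or 'data' for a use="enc" JWK; never both."""
    if jwk.get("use") != "enc":
        raise KeyUsageError("key is not marked use=enc")
    alg = jwk.get("alg")
    if alg is None:
        # Without alg nothing selects the meaning of "enc", so refuse the key.
        raise KeyUsageError("use=enc without alg is ambiguous")
    if alg in KEY_ENCRYPTION:
        return "key"
    if alg in DATA_ENCRYPTION:
        return "data"
    raise KeyUsageError("unrecognised alg %r" % alg)


def check_jwe_use(jwk, header):
    """Verify a JWE header uses the key only in the role its alg selects."""
    role = enc_role(jwk)
    if role == "key":
        ok = header.get("alg") == jwk["alg"]
    else:
        # A data key is applied directly: alg "dir", enc equal to the key's alg.
        ok = header.get("alg") == "dir" and header.get("enc") == jwk["alg"]
    if not ok:
        raise KeyUsageError("%s-encryption key used in another role" % role)
    return role


# Constructed sample keys (key material omitted; only the metadata matters here).
WRAP_KEY = {"kty": "oct", "kid": "wrap-1", "use": "enc", "alg": "A128GCMKW"}
DATA_KEY = {"kty": "oct", "kid": "data-1", "use": "enc", "alg": "A128GCM"}

if __name__ == "__main__":
    print(check_jwe_use(WRAP_KEY, {"alg": "A128GCMKW", "enc": "A128GCM"}))
    print(check_jwe_use(DATA_KEY, {"alg": "dir", "enc": "A128GCM"}))
```

A key published without "alg" is rejected here, which is the case the comment's first issue (explicit documentation) would have to settle.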
