[jose] #174: Section 5.1 Message Enryption

Mon, 19 Aug 2013 16:27:31 -0700 

#174: Section 5.1 Message Enryption

 A. Step 1 - remove the parenthetical as it is part of the definition of
 alg

 B. Step 2 - should have a comment that the CEK MUST be generated fresh for
 every message that is created.

 C. Steps 2, 3, and 4 would be better treated as sub-steps.  At a minimum
 these should be broken down so that things like the term Otherwise in step
 5 are removed - this confuses the reader because it is not clear if this
 is otherwise step 4 or otherwise steps 2 3 and 4.

 D.  CEK being empty octet sequence should be a function of the key
 algorithm definition and not part of this.  It could be omitted rather
 than a zero sequence for the JSON serialization

 F.  For step 5 - you should state that these methods are not compatible
 with multiple recipients

 G.  Step 12 - turning the plain text into the octet sequence is a
 requirement for the application and not for JWE.  Delete this step.
 Include new section on plain text preparation from earlier email.

 H.  Step 13 - this is a per-recipient step and should therefore be before
 step 8.

 I.  Step 13 - Should consider the duplication check on member names in the
 header for any recipient.

 J.  Step 14 - remove the parenthetical as it is should be discussed in the
 serialization if at all.  Setting it to the empty string should be a
 function of the JSON serialization and not here.  There is an interesting
 question if this should be "{}" instead of empty.

 K.  Step 15 - kill the word ASCII

 L.  Step 16 - kill the parenthetical - it is duplicate info from
 elsewhere.

 M.  Step 20 - delete everything after the first sentence.  Details of how
 to do the serialization belong in section 7

-- 
-------------------------+-------------------------------------------------
 Reporter:               |      Owner:  draft-ietf-jose-json-web-
  [email protected] |  [email protected]
     Type:  defect       |     Status:  new
 Priority:  Editorial    |  Milestone:
Component:  json-web-    |    Version:
  encryption             |   Keywords:
 Severity:  -            |
-------------------------+-------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/174>
jose <http://tools.ietf.org/jose/>

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose

Reply via email to