The meaning of "Prohibited" is already clear.
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18#section-7.1.1
says:
Any identifiers registered for non-authenticated encryption algorithms
or other algorithms that are otherwise unsuitable for direct use
as JWS or JWE algorithms must be registered as "Prohibited".
I don't think a change is needed.
-- Mike
From: jose [mailto:[email protected]] On Behalf Of Mark Watson
Sent: Friday, December 13, 2013 5:43 PM
To: Jim Schaad
Cc: [email protected]
Subject: Re: [jose] Issue #187 - Allow registration of non-JWE/JWS algorithms
for JWK
Yes, I think it would be clearer to change or quality the term. "JWK only" or
"Key Transport Only" or "Prohibited for JWE/JWS" could all work.
FYI, the WebCrypto registrations are not in the Editor's Draft at
https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html, though
there remains the question of whether we could register an Array format instead
of a string for JWK, as per my earlier mail (comments please!).
...Mark
On Fri, Dec 13, 2013 at 5:00 PM, Jim Schaad
<[email protected]<mailto:[email protected]>> wrote:
Minor question before I close this bug.
Is there any sentiment to use a term that is not quite as "nasty" as
"Prohibited" in the registration record. Specifically something along the
lines of "Key Transport Only".
Jim
_______________________________________________
jose mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
