I don't see why this cannot be addressed by good introductory text.
This is an information appendix that presents one of a large number of possible ways to deal with determining which keys are to be used for communicating with other individuals for both encrypting messages and validating signed and MAC messages. The algorithm that is presented here is designed to be relatively complete in order to give good guidance about the types of issues that need to be considered in performing the selection of keys and additional criteria that may need to be included in the process of selecting keys. The order and inclusion of steps in this algorithm does not mean that they need to be performed in this order or that they are required in all contexts. Specific applications will frequently have a much simpler method of determining the keys as there may be one or two choices that are profiled for use. From: Mike Jones [mailto:[email protected]] Sent: Friday, January 03, 2014 4:51 PM To: Jim Schaad; [email protected] Subject: RE: [jose] Web-Signature-10 - Appendix D - Notes on validation key selection The algorithms are the combinatorial combinations of the key selection steps in the bullets of http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-19#appendix-D, including applying them in different orders. As I see it, suggesting a particular order or requiring that particular steps be performed would be going too far, as it would appear to be verging on normative requirements, where there actually are none. If you want us to say that the algorithms are as described in the first sentence of this note, if you believe that would make things more clear, I can do that. -- Mike From: jose [mailto:[email protected]] On Behalf Of Jim Schaad Sent: Friday, January 03, 2014 3:13 PM To: [email protected] Subject: [jose] Web-Signature-10 - Appendix D - Notes on validation key selection I am not happy with the text a that is in this section. I think it completely misses what I was suggesting to do in the mail message that I sent and I am not sure that it captures what Richard suggested either. Among other things it seems to talk about a number of algorithms but there are no actual algorithms presented in the text. Nor does it deal with any of the issues about needing to filter based on attributes and algorithms in any meaningful way. Jim
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
