I'm having trouble finding the message you're referring to with the choices.
Maybe you could resend it?
I think the choices we're discussing here are to:
(1) Change the name of "Implementation Requirements" to "JOSE Implementation
Requirements" (already done)
(2) Change the names of all of "Required", "Optional", "Recommended", and
"Prohibited".
(3) Change just the name of "Prohibited".
(1) is straightforward and further clarified things. (2) would be consistent,
but seems unnecessarily verbose. (3) would be inconsistent.
Answering your first question, I believe that if we rewrite any of the names, I
believe that, yes, we need to rewrite all of them, for consistency purposes.
I'm pretty sure I don't understand your second question. What do you mean by
"the keying only algorithm"?
-- Mike
From: Jim Schaad [mailto:[email protected]]
Sent: Thursday, December 19, 2013 11:44 AM
To: Mike Jones; 'Richard Barnes'; 'Karen ODonoghue'
Cc: [email protected]
Subject: RE: [jose] Issue #187 - Allow registration of non-JWE/JWS algorithms
for JWK
Mike,
I had offered a number of possibilities, do you see the same rewrite for all of
them?
If we do the JOSE Implementation Requirements, what does this mean in terms of
what you would do for the keying only algorithms?
Jim
From: jose [mailto:[email protected]] On Behalf Of Mike Jones
Sent: Thursday, December 19, 2013 12:02 AM
To: Richard Barnes; Karen ODonoghue
Cc: [email protected]<mailto:[email protected]>
Subject: Re: [jose] Issue #187 - Allow registration of non-JWE/JWS algorithms
for JWK
I guess my problem with changing "Prohibited" to "Prohibited for JWS and JWE"
is that then to be parallel we'd need to change "Required" to one of "Required
for JWS", "Required for JWE", or "Required for JWS and JWE", depending up
context, change "Recommended"..., change "Optional"..., change "Deprecated"...,
etc. It wouldn't change the meaning at all and it would add a lot of
unnecessary verbal clutter.
This wouldn't just affect "Prohibited".
I'd much rather handle this a different way, and change the registry field name
from "Implementation Requirements" to "JOSE Implementation Requirements",
rather than qualifying every registry field value in a complicated way - that
is, if people really believe that a change would be an improvement.
-- Mike
From: jose [mailto:[email protected]] On Behalf Of Richard Barnes
Sent: Wednesday, December 18, 2013 3:42 PM
To: Karen ODonoghue
Cc: [email protected]<mailto:[email protected]>
Subject: Re: [jose] Issue #187 - Allow registration of non-JWE/JWS algorithms
for JWK
I'm with Jim and Karen on this one.
On Wed, Dec 18, 2013 at 4:42 PM, Karen O'Donoghue
<[email protected]<mailto:[email protected]>> wrote:
True, but, is there any harm in making the term clearer as well? I don't see
one...
Karen
On 12/13/13 11:53 PM, Mike Jones wrote:
The meaning of "Prohibited" is already clear.
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-18#section-7.1.1
says:
Any identifiers registered for non-authenticated encryption algorithms
or other algorithms that are otherwise unsuitable for direct use
as JWS or JWE algorithms must be registered as "Prohibited".
I don't think a change is needed.
-- Mike
From: jose [mailto:[email protected]] On Behalf Of Mark Watson
Sent: Friday, December 13, 2013 5:43 PM
To: Jim Schaad
Cc: [email protected]<mailto:[email protected]>
Subject: Re: [jose] Issue #187 - Allow registration of non-JWE/JWS algorithms
for JWK
Yes, I think it would be clearer to change or quality the term. "JWK only" or
"Key Transport Only" or "Prohibited for JWE/JWS" could all work.
FYI, the WebCrypto registrations are not in the Editor's Draft at
https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html, though
there remains the question of whether we could register an Array format instead
of a string for JWK, as per my earlier mail (comments please!).
...Mark
On Fri, Dec 13, 2013 at 5:00 PM, Jim Schaad
<[email protected]<mailto:[email protected]>> wrote:
Minor question before I close this bug.
Is there any sentiment to use a term that is not quite as "nasty" as
"Prohibited" in the registration record. Specifically something along the
lines of "Key Transport Only".
Jim
_______________________________________________
jose mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
