This is improved over the last version, however there are still some issues to be addressed:
1. The description of unprotected is incorrect. It describes the contents as being both a string an and object. 2. For aad - the note should be moved to the initial description of JWE AAD and not placed here. (Alternatively it should be in the compact serialization since it is an issue there not here.) 3. See the re-write in the JWS that I suggested. I find the current text to be very difficult to read for header and encrypted_key. 4. Move MUST be present text into each member description. 5. The sentence "The . members MUST be present when . are non-empty." can be removed. This is not adding any content. 6. Several of the MUST be present statements can be simplified. For example - in recipients - This array MUST be absent if the number of elements would be zero. Moving this into the individual elements should help sharpen this text. 7. The paragraph starting with "Not all Header Parameters are." should be moved to the description of the header parameters and not buried here. 8. The paragraph starting "The Header Parameter values." needs to be cleaned up. On the first reading I assumed that all of the per-recipient unprotected header values would be in the union and I know this is wrong. 9. The paragraph starting "The contents of the ." should either be removed or duplicated in section 7.1 10. The paragraph starting "All recipients.." can be deleted - all of this is implicit in the how do you encrypt section.
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
