Hi Ludwig,
I was going through my JOSE and JWT e-mails and realized that I'd never
addressed your comment below.
It's my sense that the confusion was there because JWE and the GCM algorithm
refer to the "additional authenticated data" parameter whereas the
AES_CBC_HMAC_SHA2 algorithm refers to the "associated data" parameter, which is
the same thing (although the specs never said so). To hopefully eliminate the
confusion, the JOSE -24 drafts replaced uses of the term "associated data"
wherever it was used to refer to this data value with "additional authenticated
data".
Thanks again for your detailed review.
-- Mike
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Ludwig
Seitz
Sent: Tuesday, May 21, 2013 4:00 AM
To: [email protected]
Subject: [jose] Question about JWA/JWE drafts
Hello,
this question concerns draft-ietf-jose-json-web-algorithms-10 and
draft-ietf-jose-json-web-encryption-10.
In the specification of e.g. the
AES_CBC_HMAC_SHA2 Algorithms encryption (section 4.8.2.1.) the parameter A for
associated data is declared, however it seems as if it is not defined anywhere
what should go into this parameter.
Only from section A.3.7. of the JWE draft can one infer what should go into A.
I suspect this was part of the draft in a previous version and accidentally got
deleted.
Regards,
Ludwig Seitz
--
Ludwig Seitz, PhD
SICS Swedish ICT AB
Ideon Science Park
Building Beta 2
Scheelevägen 17
SE-223 70 Lund
Phone +46(0)70-349 92 51
http://www.sics.se
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
