Re: [jose] WG Last Call Comments: draft-ietf-jose-json-web-algorithms-25

Thu, 01 May 2014 00:04:24 -0700 

http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-26#section-3.4 
has been augmented to clarify that the R and S representations conform to SEC1. 
 I hope that this addresses the issue that you raised, Scott.  And thanks for 
the useful follow-up comments, Brian.

                                                            Thanks all,
                                                            -- Mike

From: Brian Campbell [mailto:[email protected]]
Sent: Tuesday, April 08, 2014 12:43 PM
To: Mike Jones
Cc: Hollenbeck, Scott; [email protected]; Kaliski, Burt
Subject: Re: [jose] WG Last Call Comments: 
draft-ietf-jose-json-web-algorithms-25

But that section (6.2.1.2) is about the EC parameters x and y in JWK. The 
comment was about the ECDSA signature values R & S in section 3.4 for JWS. I 
believe that Scott is correct in saying that it is currently ambiguous and 
could be clarified. I think that left zero padding is what was intended and 
what most of us have (eventually) inferred should be done. But it should 
probably be stated explicitly.

On Mon, Apr 7, 2014 at 3:57 PM, Mike Jones 
<[email protected]<mailto:[email protected]>> wrote:

Thanks for the useful reviews, Scott and Burt.  Replies are inline.

-----Original Message-----
From: jose [mailto:[email protected]<mailto:[email protected]>] On 
Behalf Of Hollenbeck, Scott
Sent: Friday, April 04, 2014 5:43 PM
To: [email protected]<mailto:[email protected]>
Cc: Kaliski, Burt
Subject: [jose] WG Last Call Comments: draft-ietf-jose-json-web-algorithms-25

Sec. 3.4:  For ECDSA P-521 SHA-512, as noted, "R and S will be 521 bits each, 
resulting in a 132-octet sequence."  Unclear how R and S are to be converted 
into respective 66-octet values (pad with 0 bits on the left versus right).  
Should be consistent with practice in other specifications, e.g., IEEE 1363.



Per 
http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-25#section-6.2.1.2,
 this is specified by the SEC1 specification, which the "x" and "y" definitions 
reference.  (SEC1 specifies padding on the left in Section 2.3.1 - 
"BitString-to-OctetString Conversion".)

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose

Reply via email to