Thanks for your review. The -34 draft contains the following resolutions. I
hope that you can clear your DISCUSSes on that basis.
-- Mike
> -----Original Message-----
> From: jose [mailto:[email protected]] On Behalf Of Richard Barnes
> Sent: Wednesday, October 01, 2014 7:34 PM
> To: The IESG
> Cc: [email protected]; [email protected];
> [email protected]
> Subject: [jose] Richard Barnes' Discuss on draft-ietf-jose-json-web-key-33:
> (with
> DISCUSS and COMMENT)
>
> Richard Barnes has entered the following ballot position for
> draft-ietf-jose-json-web-key-33: Discuss
>
> When responding, please keep the subject line intact and reply to all email
> addresses included in the To and CC lines. (Feel free to cut this introductory
> paragraph, however.)
>
>
> Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> http://datatracker.ietf.org/doc/draft-ietf-jose-json-web-key/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Section 4.3.
> "The "use" and "key_ops" JWK members SHOULD NOT be used together."
> Did the WG discuss how these could combine? What was the outcome of that
> discussion? This could be an important point for interoperability. For
> example,
> WebCrypto enforces them both, so it will break if it gets a key with "use" and
> "key_ops" set to inconsistent values.
> https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#rsa-
> pss-operations
I believe that the working group discussion is accurately reflected in this
text from the spec:
The "use" and "key_ops" JWK members SHOULD NOT be used together.
Applications should specify which of these members they use, if
either is to be used by the application.
To keep things simple, applications should choose one or the other, based on
their needs. Note that this is a "SHOULD NOT" - not a "MUST NOT", so if
WebCrypto believes they have a good reason to allow either or both, they're not
violating the spec. But specifying which combinations are legal and which
aren't in the JWK spec seems very high on the complexity to usefulness ratio.
I hope that you will choose to withdraw this DISCUSS on that basis.
> Section 8.
> "[TBD]@ietf.org"
> This needs to be populated before approval. I don't know what's customary
> here, but "[email protected]" is an obvious candidate.
Per the spec, [email protected] is already the recommended name. Yes,
we would create this list before final approval, just as
[email protected] was created before RFC 6749 was approved. I hope
that you'll choose to withdraw this DISCUSS on that basis.
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Section 1.1.
> The pointer for BASE64URL should be to JWS. One level of indirection, please
> :)
Agreed
> Section 4.
> It might be worth being explicit (here or elsewhere):
> "A JWK MUST NOT contain algorithm-specific members for key type other the
> one specified in its "kty" attribute."
I agree with the sentiment, but this actually contradicts the statement that
member names that are not understood MUST be ignored.
> Section 4.1.
> "cryptographic algorithm family used with the key"
> "... such as "RSA" or "EC"."
Agreed
> Section 4.7.
> "base64 encoded ([RFC4648] Section 4 -- not base64url encoded) DER"
> It seems unpleasant for implementations to have to support two flavors of
> base64, especially since this doesn't use PEM directly. Did the WG discuss
> just
> using BASE64URL?
Not much, although each certificate value is actually a PEM-encoded value,
including allowing newlines, etc. People agreed with that goal when we did
discuss it.
> Section 9.1.
> It might help here to note that technologies like PKIX and JWT can allow
> relying
> parties to verify the provenance of a key and binding of attributes to it.
Can you propose specific language for this? What I have in mind is delivering
a JWK or JWK Set on a TLS channel using a URL that is cryptographically bound
to the use of the key - possibly using the URL as the issuer of a JWT signed
with the key, but you may have something else in mind.
> _______________________________________________
> jose mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/jose
Thanks again,
-- Mike
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
