We can also blame JOSE for deciding that only authenticated encryption algorithms should be used.
From: jose [mailto:[email protected]] On Behalf Of Richard Barnes Sent: Tuesday, December 09, 2014 2:45 PM To: Anders Rundgren Cc: [email protected] Subject: Re: [jose] WebCrypto/JOSE Algorithm IDs = Mess Blame JOSE for using aggregated identifiers. Blame WebCrypto for using deaggregated identifiers. Or just accept that the two camps refused to align, and make yourself a translation table. http://dxr.mozilla.org/mozilla-central/source/dom/crypto/KeyAlgorithmProxy.cpp#123 On Tue, Dec 9, 2014 at 5:36 AM, Anders Rundgren <[email protected]> wrote: This is just a complaint from a user. It is sad that the algorithm IDs never were aligned. A few examples of what I stumbled into: 1. AES-CBC doesn't exist in JOSE 2. WebCrypto: {name: 'RSA-OAEP', hash: {name: 'SHA-256'}} = JOSE: RSA-OAEP-256 3. Let's say that you wanted to create a protocol that would hash something and then you would supply an algorithm ID, then what would use? AFAICT, there's nothing that would be aligned with JOSE (it doesn't need hash). Using "SHA-256"? Well, then you would be mixing algorithm IDs from different dictionaries which sounds like a rather ugly hack. That x5c elements are (unlike everything else binary) not base64url-encoded also feels a bit strange but I guess this a legacy thing. Anders _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
