These comments were addressed in the -04 draft.  Replies are inline below.

Thanks again for your consistent attention to detail!

From: jose [mailto:[email protected]] On Behalf Of Jim Schaad
Sent: Sunday, March 01, 2015 9:47 PM
To: [email protected]
Cc: [email protected]
Subject: [jose] draft-ietf-jose-jwk-thumbprint-03 Comments

Couple more comments:


1.        Think about expanding the abstract.  Remember this is text that is 
expected to be read in isolation from the rest of the document.

Done.  It now also says that the value can be used for identifying or selecting 
the key.


2.       You missed a couple of uses of "REQUIRED members" in the last edit 
pass.

Thanks.  You prompted us to do a full RFC 2119 review.  I think we got it all, 
but let us know if we missed anything.


3.       This statement from section 4
   "Use of escaped characters in the input JWK representation SHOULD be avoided.
Does not agree with the statement from section 3.3
    "Characters in member names and member values MUST be represented without 
being escaped."
While I assume that the statement in section 4 is to apply to values, it does 
not say so.



This is now (hopefully) clarified through the following language:



                    Use of escaped characters in JWKs for which JWK Thumbprints 
will be computed should be avoided.

                    (Use of escaped characters in the hash input JWKs derived 
from these original JWKs is prohibited.)



4.       Section 7 needs to be moved.  It must come before the IANA 
considerations section.  Given the content you might consider putting the text 
into the introduction.

It's now before the IANA considerations section.  We thought about putting it 
in the introduction, but it would triple the size of the introduction and delay 
getting to the meat of the specification.

Jim

                                                                Thanks again,
                                                                -- Nat & Mike

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose

Reply via email to