-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 The questions we should be asking ourselves right now are:
1) Is it technically sufficient? 2) Is it an editorial hill I'm willing to die on? If the answer to both is "yes", then I suggest we let it go. If the answer to either is "no", then maybe we need to have Kathleen pull this out of the RFC Editor queue and have a proper discussion. If that action makes you queasy, then maybe you meant to answer "yes" to the questions, and we can all move on with our lives. Personally, I'm fine with the change. It's much much clearer than the original, it's technically sufficient, and it's not an editorial hill I'm willing to die on. - -- - - m&m Matt Miller < [email protected] > Cisco Systems, Inc. On 4/6/15 4:57 PM, Justin Richer wrote: > But if you put them on 3 lines (like in my second example) you’d be > able to fit them that way and it would read more clearly with > plenty of room to spare, even with the longest example in the > table. > > — Justin > >> On Apr 6, 2015, at 1:59 PM, Mike Jones >> <[email protected]> wrote: >> >> The second row can’t be shifted right because of the combined >> length of RSA/ECB/OAEPWithSHA-256AndMGF1Padding and >> 2.16.840.1.101.3.4.1.25. At most, the second row could be >> shifted by two characters by moving the & down a line, but that >> doesn’t seem worth it. >> >> There’s only so much you can do in 69 characters. >> >> -- Mike >> >> From: Justin Richer [mailto:[email protected]] Sent: Monday, April >> 06, 2015 11:18 AM To: Mike Jones Cc: [email protected] Subject: Re: >> [jose] Heads-up about table formatting change in JWA >> >> I think it would read more easily if the JWS were the only thing >> in the left-hand column, such as: >> >> +-------------------------------------------------------------------+ >> >> | JWS | XML DSIG | >> | | JCA | OID >> | >> +-------------------------------------------------------------------+ >> >> | HS256 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 <http://www.w3.org/2001/04/xmldsig-more#hmac-sha256> | >> | | HmacSHA256 | 1.2.840.113549.2.9 >> | >> +-------------------------------------------------------------------+ >> >> | HS384 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha384 <http://www.w3.org/2001/04/xmldsig-more#hmac-sha384> | >> | | HmacSHA384 | 1.2.840.113549.2.10 >> | >> +-------------------------------------------------------------------+ >> >> >> >> Note, I haven’t formatted the whole table like this so I don’t know if it fits with exactly these lines. Alternatively, the same table could be represented in block/list form like: >> >> +-------------------------------------------------------------------+ >> >> | JWS | XML DSIG | >> | | JCA >> | | | OID >> | >> +-------------------------------------------------------------------+ >> >> | HS256 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 <http://www.w3.org/2001/04/xmldsig-more#hmac-sha256> | >> | | HmacSHA256 >> | | | 1.2.840.113549.2.9 >> | >> +-------------------------------------------------------------------+ >> >> | HS384 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha384 <http://www.w3.org/2001/04/xmldsig-more#hmac-sha384> | >> | | HmacSHA384 >> | | | 1.2.840.113549.2.10 >> | >> +-------------------------------------------------------------------+ >> >> >> I think that either of these read better than the format proposed below. >> >> — Justin >> >> On Apr 5, 2015, at 1:59 PM, Mike Jones >> <[email protected] >> <mailto:[email protected]>> wrote: >> >> The three algorithm identifier cross-reference tables in >> http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#app endix-A >> <http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#ap pendix-A> >> have always been too crowded, resulting in line wraps being >> inserted in the middle of identifiers. In response to one of his >> IESG review COMMENTs, I committed to Stephen Farrell to work with >> the RFC editor to make these more readable. The RFC editor >> suggested that I hand-format the tables as artwork using two >> lines per entry, as follows. The result is a set of tables in >> which no identifiers are wrapped. >> >> This note is a heads-up that I plan to replace the table contents >> in >> http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#app endix-A >> <http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#ap pendix-A> >> with the versions that follow. >> >> +-------------------------------------------------------------------+ >> >> | JWS | XML DSIG | >> | JCA | OID >> | >> +-------------------------------------------------------------------+ >> >> | HS256 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 <http://www.w3.org/2001/04/xmldsig-more#hmac-sha256> | >> | HmacSHA256 | 1.2.840.113549.2.9 >> | >> +-------------------------------------------------------------------+ >> >> | HS384 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha384 <http://www.w3.org/2001/04/xmldsig-more#hmac-sha384> | >> | HmacSHA384 | 1.2.840.113549.2.10 >> | >> +-------------------------------------------------------------------+ >> >> | HS512 | http://www.w3.org/2001/04/xmldsig-more#hmac-sha512 <http://www.w3.org/2001/04/xmldsig-more#hmac-sha512> | >> | HmacSHA512 | 1.2.840.113549.2.11 >> | >> +-------------------------------------------------------------------+ >> >> | RS256 | http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 <http://www.w3.org/2001/04/xmldsig-more#rsa-sha256> | >> | SHA256withRSA | 1.2.840.113549.1.1.11 >> | >> +-------------------------------------------------------------------+ >> >> | RS384 | http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 <http://www.w3.org/2001/04/xmldsig-more#rsa-sha384> | >> | SHA384withRSA | 1.2.840.113549.1.1.12 >> | >> +-------------------------------------------------------------------+ >> >> | RS512 | http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 <http://www.w3.org/2001/04/xmldsig-more#rsa-sha512> | >> | SHA512withRSA | 1.2.840.113549.1.1.13 >> | >> +-------------------------------------------------------------------+ >> >> | ES256 | http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256 <http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256> | >> | SHA256withECDSA | 1.2.840.10045.4.3.2 >> | >> +-------------------------------------------------------------------+ >> >> | ES384 | http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384 <http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384> | >> | SHA384withECDSA | 1.2.840.10045.4.3.3 >> | >> +-------------------------------------------------------------------+ >> >> | ES512 | http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512 <http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512> | >> | SHA512withECDSA | 1.2.840.10045.4.3.4 >> | >> +-------------------------------------------------------------------+ >> >> | PS256 | http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1 <http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1> | >> | SHA256withRSAandMGF1 | 1.2.840.113549.1.1.10 >> | >> +-------------------------------------------------------------------+ >> >> | PS384 | http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1 <http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1> | >> | SHA384withRSAandMGF1 | 1.2.840.113549.1.1.10 >> | >> +-------------------------------------------------------------------+ >> >> | PS512 | http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1 <http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1> | >> | SHA512withRSAandMGF1 | 1.2.840.113549.1.1.10 >> | >> +-------------------------------------------------------------------+ >> >> >> +-------------------------------------------------------------------+ >> | JWE | XML ENC >> | | JCA | OID >> | >> +-------------------------------------------------------------------+ >> >> | RSA1_5 | http://www.w3.org/2001/04/xmlenc#rsa-1_5 <http://www.w3.org/2001/04/xmlenc#rsa-1_5> | >> | RSA/ECB/PKCS1Padding | 1.2.840.113549.1.1.1 >> | >> +-------------------------------------------------------------------+ >> >> | RSA-OAEP | http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p <http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p> | >> | RSA/ECB/OAEPWithSHA-1AndMGF1Padding | 1.2.840.113549.1.1.7 >> | >> +-------------------------------------------------------------------+ >> >> | RSA-OAEP-256 | http://www.w3.org/2009/xmlenc11#rsa-oaep <http://www.w3.org/2009/xmlenc11#rsa-oaep> & | >> | | http://www.w3.org/2009/xmlenc11#mgf1sha256 >> <http://www.w3.org/2009/xmlenc11#mgf1sha256> | | >> RSA/ECB/OAEPWithSHA-256AndMGF1Padding & | >> | | MGF1ParameterSpec.SHA256 | >> 1.2.840.113549.1.1.7 | >> +-------------------------------------------------------------------+ >> >> | ECDH-ES | http://www.w3.org/2009/xmlenc11#ECDH-ES <http://www.w3.org/2009/xmlenc11#ECDH-ES> | >> | ECDH | 1.3.132.1.12 >> | >> +-------------------------------------------------------------------+ >> >> | A128KW | http://www.w3.org/2001/04/xmlenc#kw-aes128 <http://www.w3.org/2001/04/xmlenc#kw-aes128> | >> | AESWrap | >> 2.16.840.1.101.3.4.1.5 | >> +-------------------------------------------------------------------+ >> >> | A192KW | http://www.w3.org/2001/04/xmlenc#kw-aes192 <http://www.w3.org/2001/04/xmlenc#kw-aes192> | >> | AESWrap | >> 2.16.840.1.101.3.4.1.25 | >> +-------------------------------------------------------------------+ >> >> | A256KW | http://www.w3.org/2001/04/xmlenc#kw-aes256 <http://www.w3.org/2001/04/xmlenc#kw-aes256> | >> | AESWrap | >> 2.16.840.1.101.3.4.1.45 | >> +-------------------------------------------------------------------+ >> >> >> +-------------------------------------------------------------------+ >> | JWE | XML ENC >> | | JCA | OID >> | >> +-------------------------------------------------------------------+ >> >> | A128CBC-HS256 | http://www.w3.org/2001/04/xmlenc#aes128-cbc <http://www.w3.org/2001/04/xmlenc#aes128-cbc> | >> | AES/CBC/PKCS5Padding | >> 2.16.840.1.101.3.4.1.2 | >> +-------------------------------------------------------------------+ >> >> | A192CBC-HS384 | http://www.w3.org/2001/04/xmlenc#aes192-cbc <http://www.w3.org/2001/04/xmlenc#aes192-cbc> | >> | AES/CBC/PKCS5Padding | >> 2.16.840.1.101.3.4.1.22 | >> +-------------------------------------------------------------------+ >> >> | A256CBC-HS512 | http://www.w3.org/2001/04/xmlenc#aes256-cbc <http://www.w3.org/2001/04/xmlenc#aes256-cbc> | >> | AES/CBC/PKCS5Padding | >> 2.16.840.1.101.3.4.1.42 | >> +-------------------------------------------------------------------+ >> >> | A128GCM | http://www.w3.org/2009/xmlenc11#aes128-gcm <http://www.w3.org/2009/xmlenc11#aes128-gcm> | >> | AES/GCM/NoPadding | >> 2.16.840.1.101.3.4.1.6 | >> +-------------------------------------------------------------------+ >> >> | A192GCM | http://www.w3.org/2009/xmlenc11#aes192-gcm <http://www.w3.org/2009/xmlenc11#aes192-gcm> | >> | AES/GCM/NoPadding | >> 2.16.840.1.101.3.4.1.26 | >> +-------------------------------------------------------------------+ >> >> | A256GCM | http://www.w3.org/2009/xmlenc11#aes256-gcm <http://www.w3.org/2009/xmlenc11#aes256-gcm> | >> | AES/GCM/NoPadding | >> 2.16.840.1.101.3.4.1.46 | >> +-------------------------------------------------------------------+ >> >> >> I have double-checked that no changes to the identifiers were introduced in this edit. >> >> We’re almost there… >> >> -- Mike >> >> _______________________________________________ jose mailing >> list [email protected] <mailto:[email protected]> >> https://www.ietf.org/mailman/listinfo/jose >> <https://www.ietf.org/mailman/listinfo/jose> >> > > > > > _______________________________________________ jose mailing list > [email protected] https://www.ietf.org/mailman/listinfo/jose > -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJVIxL3AAoJEDWi+S0W7cO1ZygIAIPmEQQ5jIX6mbgpcGSVMLv7 7D5A7fGiub/S1WQQDdfczBbEfHml6t1stI4lTfchznek8OuC90U3tkjEoP0crsqY P79SepkNt5SfvjExobNhvM4J8nvfhPrJxjEiKZtNQZl8E9I1+1lH8/b9Zo/GkQ4I PYMIgM0RYpcKiQ8eWRiyhOZIawuc9a2iDEcYllbKxID+ktAnbtt+WOMHK5qynFng WbFedTrHQFSEvEWaSygafIFDeJVWB7xdSl53sDclRJFOY85uCVy03Zyj6/Ge4G73 m+7igaVfWckqn/JRQwkWMXwpGYmE2MZJiNUNt/uYXHxpybH7NOjhiC+PsCrKfVg= =mX6L -----END PGP SIGNATURE----- _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
