On Oct 20, 2015, at 23:31, Vladimir Dzhuvinov <[email protected]> wrote:
>
> Last night I saw a ticket from a developer who was trying to set the IV
> for the JWE content encryption by passing the value through the "iv"
> header parameter.
>
> My understanding is that this is not standard behavior, but still, is
> this a sensible method to allow developers to set the IV? (if set by
> the developer the "iv" header parameter is to be removed before the JWE
> is created). This method of course will have problems when AES/GCM key
> wrap is used, as then there will be no way to set two nonces via the
> "iv" header.
>
> https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/158/jwe-iv-remains-in-jwe-header
>

I understand the desire to do this, and there are *some* legitimate reasons for a developer to provide the IV (although just about all of them are with regards to consistent testing outcomes). Personally, I'd make it hard to do, but maybe not impossible. I think using the header is a terrible idea; like you say, it overloads its meaning and that will cause problems.

--
- m&m

Matt Miller <[email protected]>
Cisco Systems, Inc.

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
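
The overloading discussed in this thread can be checked on produced tokens. The following is an added example, not part of the original messages and not Nimbus JOSE+JWT code: it inspects a compact JWE, where the content-encryption IV is the third segment, and flags an "iv" header parameter that does not belong to AES-GCM key wrap (the only place RFC 7518 defines it). The function names and the sample tokens are constructed for illustration.

```python
import base64
import json

# RFC 7518 section 4.7: AES-GCM key wrap carries its own IV in the "iv" header.
GCM_KEY_WRAP_ALGS = {"A128GCMKW", "A192GCMKW", "A256GCMKW"}
GCM_IV_BYTES = 12  # JWE requires a 96-bit IV with AES-GCM


def b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def audit_jwe_iv(compact):
    """Return findings about where a compact JWE carries its IVs."""
    parts = compact.split(".")
    if len(parts) != 5:
        return ["not a compact JWE: expected 5 segments, got %d" % len(parts)]
    header = json.loads(b64url_decode(parts[0]))
    alg, enc = header.get("alg"), header.get("enc", "")
    content_iv = b64url_decode(parts[2])  # third segment is the content IV
    findings = []
    if "iv" in header and alg not in GCM_KEY_WRAP_ALGS:
        findings.append('stray "iv" header parameter with alg=%s' % alg)
    elif "iv" in header and b64url_decode(header["iv"]) == content_iv:
        findings.append("one value used as both key-wrap IV and content IV")
    elif "iv" not in header and alg in GCM_KEY_WRAP_ALGS:
        findings.append('alg=%s without its key-wrap "iv" header' % alg)
    if enc.endswith("GCM") and len(content_iv) != GCM_IV_BYTES:
        findings.append("content IV is %d bytes, expected %d" % (len(content_iv), GCM_IV_BYTES))
    return findings


def make_sample(header, content_iv):
    """Build a constructed compact JWE with dummy key, ciphertext and tag."""
    segments = [json.dumps(header).encode(), b"k" * 32, content_iv, b"c" * 16, b"t" * 16]
    return ".".join(b64url_encode(s) for s in segments)


# Constructed samples (dummy bytes, not real ciphertext).
IV_A, IV_B = bytes(range(12)), bytes(range(12, 24))
KW = {"alg": "A128GCMKW", "enc": "A128GCM", "tag": b64url_encode(b"t" * 16)}
LEAKED = make_sample({"alg": "RSA-OAEP", "enc": "A128GCM", "iv": b64url_encode(IV_A)}, IV_A)
CLEAN = make_sample({"alg": "RSA-OAEP", "enc": "A128GCM"}, IV_A)
WRAPPED = make_sample(dict(KW, iv=b64url_encode(IV_B)), IV_A)
SHARED = make_sample(dict(KW, iv=b64url_encode(IV_A)), IV_A)
```

`LEAKED` models the ticket's symptom (the caller's "iv" left in the header), while `SHARED` models the key-wrap case where a single "iv" input cannot supply two distinct nonces.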
