On Thu, Jan 04, 2024 at 06:46:31PM +0000, Neil Madden wrote: > I’m in two minds about this draft. I’m fairly receptive to it in general, but > I think it might be closing the stable door after the horse has already > bolted. > > Some questions and comments that come to mind: > > * A JWK “alg” constraint can only contain a single value. After this > spec passes some algorithms may have two valid identifiers, leaving > implementations a choice as to which to advertise (and risk breaking > some clients) or to publish the key twice with different identifiers > (wasteful and potentially causes other issues), or to drop the > algorithm constraint entirely. None of these seem great.
JOSE has "use" constraint for keys which can be used to limit the key for encryption or signing. Unfortunately, COSE does not have equivalent (only key_ops, which is FUBAR). In JOSE, that should get most of the benefit. > * Does the usage of “enc” count as not being fully specified? I can > well imagine that there are some clients that support, say, RSA- > OAEP, but only support 128-bit content encryption algorithms, or > only support GCM. So the same issue with not specifying the curve > also applies when not specifying the content encryption algorithm. Encryption is much harder case than signing, and this document does not currently attempt to tackle the encryption. I think multi-layer structures alone suffice to scuttle that. -Ilari _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
