+1
> -----Original Message----- > From: Paul Hoffman [mailto:[email protected]] > Sent: Thursday, August 04, 2011 12:03 PM > To: Eric Rescorla > Cc: [email protected] > Subject: Re: [woes] Proposed charter, post-Quebec edition > > > > On Aug 4, 2011, at 8:52 AM, Eric Rescorla wrote: > > > IMO, symmetric integrity protection is a useful primitive, and it's > > already part of the > > JWT spec. I think all that's required here in the charter is to > > wordsmith it to separate > > out symmetric from asymmetric integrity algorithms, > > Current: > 1) A Standards Track document specifying how to apply a > JSON-structured digital signature to data, including (but not > limited to) JSON data structures. "Digital signature" is > defined as a hash operation followed by a signature operation > using asymmetric keys. > > It sounds like you would prefer something like: > 1) A Standards Track document specifying how to apply > integrity protection to data, including (but not limited to) > JSON data structures. This integrity protection can be > achieved with both symmetric and asymmetric algorithms. > > Is that right? > > --Paul Hoffman > > _______________________________________________ > woes mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/woes > _______________________________________________ woes mailing list [email protected] https://www.ietf.org/mailman/listinfo/woes
