Re: ISSUE-37 Fwd: [jose] #7: Algorithm identifiers/parameters incompatible with WebCrypto

On Mar 4, 2013, at 10:40 AM, Ryan Sleevi wrote:

I'm with 1, but the JWK proposal for wrap/unwrap creates issues for 2 that make it look more like 3.

Actually, we have the problem with the jwk KeyFormat for import, not only with the unwrap/wrap proposal.

We need to have some compatibility rules for WebCrypto and JOSE algorithm names, which is a different (and possibly easier) problem from having a 1-1 mapping.

For example, if I attempt to unwrap a key, and I specify RSA-OAEP as the key algorithm, then the JWK object I find inside the JWE wrapper better be an RSA-OAEP key or a plain RSA key. The fact that it was a wrapped JWK makes no difference; we have the same problem if we just imported the JWK directly.

We then also need a mapping from WebCrypto alg names to JOSE alg names and again, we need that for basic JWK export as well as for key wrapping.

ůMarl


On Mon, Mar 4, 2013 at 6:02 AM, Harry Halpin <hhalpin@w3.org> wrote:

Note JOSE still has this issue open.

As we officially are liaising with them, before closing we need to officially send them our proposal to either:

1) interoperate only on high-level API
2) not interoperate and close issue
3) Find some middle-ground (i.e. see Richard and Ryan's debate)

  cheers,
    harry

-------- Original Message --------
Subject:        [jose] #7: Algorithm identifiers/parameters incompatible with WebCrypto
Resent-Date:    Fri, 18 Jan 2013 15:24:06 -0800 (PST)
Resent-From:    trac+jose@trac.tools.ietf.org
Resent-To:      mbj@microsoft.com
Date:   Fri, 18 Jan 2013 23:24:02 -0000
From:   jose issue tracker <trac+jose@trac.tools.ietf.org>
To:     draft-ietf-jose-json-web-algorithms@tools.ietf.org, rbarnes@bbn.com
CC:     jose@ietf.org



#7: Algorithm identifiers/parameters incompatible with WebCrypto

 The way that algorithms and parameters are specified is semantically
 equivalent to the WebCrypto spec, but syntactically different.  This
 hinders interoperability.

--
-------------------------+-------------------------------------------------
 Reporter:               |      Owner:  draft-ietf-jose-json-web-
  rbarnes@bbn.com        |  algorithms@tools.ietf.org
     Type:  defect       |     Status:  new
 Priority:  major        |  Milestone:
Component:  json-web-    |    Version:
  algorithms             |   Keywords:
 Severity:  Active WG    |
  Document               |
-------------------------+-------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/7>
jose <http://tools.ietf.org/jose/>

_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose

Received on Monday, 4 March 2013 19:15:24 UTC
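
The compatibility rule described in the reply above (a JWK found on import or inside a JWE wrapper must be either a plain key of the right type or carry a matching alg), together with the export-direction name mapping, as an added example that is not part of the original thread. The function names and the table are assumptions for illustration; the JOSE names in the table are taken from the later-published JWA (RFC 7518) and Web Crypto API specifications, not from this message.

```javascript
// Added example. One rule table serves both directions discussed in the thread:
// checking a JWK on import/unwrap, and naming a key on export/wrap.
const hashes = (p) => new Map([["SHA-256", p + "256"], ["SHA-384", p + "384"], ["SHA-512", p + "512"]]);
const sizes = (s) => new Map([[128, "A128" + s], [192, "A192" + s], [256, "A256" + s]]);

// WebCrypto name -> required JWK kty, the parameter that selects the JOSE alg, allowed algs.
const RULES = new Map([
  ["RSA-OAEP", { kty: "RSA", by: "hash",
                 algs: new Map([["SHA-1", "RSA-OAEP"], ["SHA-256", "RSA-OAEP-256"]]) }],
  ["RSASSA-PKCS1-v1_5", { kty: "RSA", by: "hash", algs: hashes("RS") }],
  ["HMAC", { kty: "oct", by: "hash", algs: hashes("HS") }],
  ["AES-KW", { kty: "oct", by: "length", algs: sizes("KW") }],
  ["AES-GCM", { kty: "oct", by: "length", algs: sizes("GCM") }],
]);

// Import/unwrap direction: the same check applies whether the JWK was imported
// directly or recovered from a JWE wrapper. Returns a status string.
function checkJwk(webCryptoName, jwk) {
  const rule = RULES.get(webCryptoName);
  if (!rule) return "unsupported-algorithm";
  if (jwk === null || typeof jwk !== "object" || jwk.kty !== rule.kty) return "kty-mismatch";
  if (jwk.alg === undefined) return "ok-plain-key";   // e.g. a plain RSA key
  return [...rule.algs.values()].includes(jwk.alg) ? "ok-alg-match" : "alg-mismatch";
}

// Export/wrap direction: WebCrypto name plus parameters -> JOSE alg name,
// or null when no JOSE name exists, so the caller can omit "alg" or refuse.
function joseAlgFor(webCryptoName, params) {
  const rule = RULES.get(webCryptoName);
  if (!rule || !params) return null;
  return rule.algs.get(params[rule.by]) || null;
}

// Constructed sample JWKs (key material elided to placeholders).
const samples = [
  { kty: "RSA", alg: "RSA-OAEP", n: "placeholder", e: "AQAB" },
  { kty: "RSA", n: "placeholder", e: "AQAB" },
  { kty: "RSA", alg: "RS256", n: "placeholder", e: "AQAB" },
  { kty: "oct", alg: "A128KW", k: "placeholder" },
];
for (const jwk of samples) {
  console.log(jwk.kty, jwk.alg || "(no alg)", "->", checkJwk("RSA-OAEP", jwk));
}
```

A signing key (alg RS256) presented where an RSA-OAEP key was requested is rejected, which is the cross-purpose reuse the compatibility rule is meant to catch.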