- From: Ryan Sleevi <sleevi@google.com>
- Date: Fri, 19 Aug 2016 14:01:46 -0700
- To: Charles Engelke <w3c@engelke.com>
- Cc: Eric Roman <ericroman@google.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <CACvaWvaSt7sN0bnXRtvhd5HY7hAYw0rsMOK8JXfNoH-Fa80t8w@mail.gmail.com>
On Fri, Aug 19, 2016 at 1:36 PM, Charles Engelke <w3c@engelke.com> wrote: > Ryan, > > Even if JWA won't change, > It's an RFC. You would be talking about reissuing a new RFC, conceivably, so it's safe to say won't change. > shouldn't the WebCrypto spec change to say that if "d" is included, then > the optional parameters that JWA says SHOULD be included, MUST be included > for importKey. Otherwise it seems likely we won't get any implementations > that implement what WebCrypto currently says is allowed: including only n, > e, and d for private keys. > No WebCrypto implementation supports the "oth" details, despite it being allowed in both JWK (and the JsonWebKey structure) and RFC 3447 ( https://tools.ietf.org/html/rfc3447#appendix-A.1.2 ) So, if we use your logic, would it make sense for the spec to say implementations MUST NOT supply the "oth" info? Should we remove that from JsonWebKey? The above thought experiment is to show the inherent nuance in key processing, which is still unresolved by the group, JWK or otherwise. I don't have a good solution. If we say MUST be included, what implications does that have for a future implementation that may allow them to be omitted and calculates them (based on "n", "e", "d") itself, which we also discussed in the past? I think the situation of "oth" and the "qi"&friends both speak to the same case. It's also ignoring the fact that implementations treat the rules around "p" and "q" differently - whether or not the conformance with RFC 3447 regarding "first two prime factors" implies an ordered relationship (p < q) or not. That's also an area of past and presumably future implementation disagreement.
Received on Friday, 19 August 2016 21:02:55 UTC