I like this change and think it will make it much more straightforward to consume the examples.
One thing I noticed though, in Section 5.3.2 of JWA "JWK Parameters for RSA Private Keys" [1] it says that all the members (excepting "oth") are required for private keys. However, the example JWK RSA keys in JWE [2] and JWS [3] only have the "d" (Private Exponent) Parameter part of the private portion. Can we relax/change JWA to say something like "d" is always required and either all of the others (with the caveat for "oth") are required to be there together or that they all need to be omitted?

The Private Exponent is all that's functionally needed, right? And the rest are optimizations? I honestly don't know much (okay anything) about CRT vs plain old RSA keys. But it seems like there are cases where it'd be totally reasonable to have just the "d" - and the examples in JWS and JWE seem to make that point.

[1] http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-13#section-5.3.2
[2] http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-13#appendix-A.1.4
[3] http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-13#appendix-A.2.1

On Sun, Jul 14, 2013 at 3:03 PM, Mike Jones <[email protected]> wrote:

> FYI – this was done in the -12 drafts.
>
> -- Mike
>
> *From:* Mike Jones [mailto:[email protected]]
> *Sent:* Friday, June 21, 2013 8:58 AM
> *To:* Matt Miller (mamille2); Richard Barnes
> *Cc:* Jim Schaad; [email protected]; [email protected]
> *Subject:* RE: [jose] Keys in the documents
>
> Will do.
> ------------------------------
> *From:* Matt Miller (mamille2)
> *Sent:* 6/21/2013 6:06 AM
> *To:* Richard Barnes
> *Cc:* Jim Schaad; [email protected]; [email protected]
> *Subject:* Re: [jose] Keys in the documents
>
> +1
>
> On Jun 20, 2013, at 8:48 PM, Richard Barnes <[email protected]> wrote:
>
> > +1
> >
> > On Thursday, June 20, 2013, Jim Schaad wrote:
> >
> >> Is there any reason not to provide the public and private keys in the
> >> appendixes as JWK objects? This would make them easier to understand and
> >> put them into a format that one expects to be understood by JOSE systems.
> >>
> >> Jim
> >>
>
> - m&m
>
> Matt Miller < [email protected] >
> Cisco Systems, Inc.
>
> _______________________________________________
> jose mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/jose
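The question raised in the message above, as an added example that is not part of the original thread or of any JOSE draft: a check for the proposed member rule ("d" required, the CRT members all present or all absent) and a private-key operation that gives the same result from "d" alone as from the CRT members. The function names and the toy key are constructed for this illustration, and treating "oth" without the CRT members as invalid is this example's reading of the proposal.

```python
import base64

CRT_MEMBERS = ("p", "q", "dp", "dq", "qi")

def b64u_to_int(s):
    """Decode an unpadded base64url JWK member into an integer."""
    return int.from_bytes(base64.urlsafe_b64decode(s + "=" * (-len(s) % 4)), "big")

def int_to_b64u(i):
    raw = i.to_bytes((i.bit_length() + 7) // 8 or 1, "big")
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def check_private_members(jwk):
    """Proposed rule: 'd' required; p, q, dp, dq, qi all present or all absent."""
    if "d" not in jwk:
        return "invalid: missing d"
    present = [m for m in CRT_MEMBERS if m in jwk]
    if not present:
        # Assumption of this example: 'oth' only makes sense next to the CRT members.
        return "invalid: oth without CRT members" if "oth" in jwk else "d-only"
    if len(present) != len(CRT_MEMBERS):
        return "invalid: partial CRT members"
    return "crt"

def private_op(jwk, c):
    """RSA private-key operation: plain c^d mod n, or the CRT shortcut when available."""
    kind = check_private_members(jwk)
    if kind.startswith("invalid"):
        raise ValueError(kind)
    if kind == "d-only":
        return pow(c, b64u_to_int(jwk["d"]), b64u_to_int(jwk["n"]))
    p, q, dp, dq, qi = (b64u_to_int(jwk[m]) for m in CRT_MEMBERS)
    m1, m2 = pow(c, dp, p), pow(c, dq, q)      # two half-size exponentiations
    return m2 + q * ((qi * (m1 - m2)) % p)     # Garner recombination, qi = q^-1 mod p

# Constructed toy key from two Mersenne primes (far too small for real use).
P, Q, E = 2**61 - 1, 2**31 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))              # needs Python 3.8+
FULL = {"kty": "RSA", "n": int_to_b64u(N), "e": int_to_b64u(E), "d": int_to_b64u(D),
        "p": int_to_b64u(P), "q": int_to_b64u(Q), "dp": int_to_b64u(D % (P - 1)),
        "dq": int_to_b64u(D % (Q - 1)), "qi": int_to_b64u(pow(Q, -1, P))}
D_ONLY = {k: FULL[k] for k in ("kty", "n", "e", "d")}
```

Both key forms recover the same value; the CRT members only replace one full-size modular exponentiation with two half-size ones.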
