Thanks for the replies. We're comfortable with the explanations. Scott
From: Mike Jones [mailto:[email protected]] Sent: Tuesday, April 08, 2014 4:14 PM To: Brian Campbell Cc: Hollenbeck, Scott; [email protected]; Kaliski, Burt Subject: RE: [jose] WG Last Call Comments: draft-ietf-jose-json-web-algorithms-25 Thanks for pointing that out John. Will do... From: Brian Campbell [mailto:[email protected]] Sent: Tuesday, April 08, 2014 12:43 PM To: Mike Jones Cc: Hollenbeck, Scott; [email protected]<mailto:[email protected]>; Kaliski, Burt Subject: Re: [jose] WG Last Call Comments: draft-ietf-jose-json-web-algorithms-25 But that section (6.2.1.2) is about the EC parameters x and y in JWK. The comment was about the ECDSA signature values R & S in section 3.4 for JWS. I believe that Scott is correct in saying that it is currently ambiguous and could be clarified. I think that left zero padding is what was intended and what most of us have (eventually) inferred should be done. But it should probably be stated explicitly. On Mon, Apr 7, 2014 at 3:57 PM, Mike Jones <[email protected]<mailto:[email protected]>> wrote: Thanks for the useful reviews, Scott and Burt. Replies are inline. -----Original Message----- From: jose [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Hollenbeck, Scott Sent: Friday, April 04, 2014 5:43 PM To: [email protected]<mailto:[email protected]> Cc: Kaliski, Burt Subject: [jose] WG Last Call Comments: draft-ietf-jose-json-web-algorithms-25 Sec. 3.4: For ECDSA P-521 SHA-512, as noted, "R and S will be 521 bits each, resulting in a 132-octet sequence." Unclear how R and S are to be converted into respective 66-octet values (pad with 0 bits on the left versus right). Should be consistent with practice in other specifications, e.g., IEEE 1363. Per http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-25#section-6.2.1.2, this is specified by the SEC1 specification, which the "x" and "y" definitions reference. (SEC1 specifies padding on the left in Section 2.3.1 - "BitString-to-OctetString Conversion".)
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
