On Fri, Jan 23, 2015 at 1:04 PM, ⌘ Matt Miller <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 1/23/15 10:57 AM, Richard Barnes wrote: > > > > > > On Fri, Jan 23, 2015 at 12:38 PM, Stephen Farrell > > <[email protected] <mailto:[email protected]>> > > wrote: > > > > > > > > On 23/01/15 17:28, ⌘ Matt Miller wrote: > >> I agree with Richard that the hash input looks needlessly > >> complex. > > > > Well that's one dimension and if the wg consider it's not important > > to produce something one can compare with hashed public keys from > > other protocols that's fine and I'd agree with Richard/you. > > > > But, why give up the ability to compare thumbprints with DANE etc? > > > > I think it's at least arguable that that'd be worth the code to > > produce a hashed SPKI and better than either aiming for the > > simplest possible code, or for the current hash input from the > > draft. > > > > > >> Dude, seriously. The whole point of this WG is to not do ASN.1. > > > > One could make an argument that the JWK thumbprint hash input be > defined in a manner that's not in terms of ASN.1 but would be > compatible [1]. > Anything that would be compatible would require decoding and dealing with binary octets, which I'm pretty sure is more work than most people on this list are willing to do just to get a thumbprint. > > But I am not making that argument, because it's way more work than I'm > willing to do, with little payoff for the things I work on. > > > - -- > - - m&m > > Matt Miller < [email protected] > > Cisco Systems, Inc. > > [1] http://cdn.meme.am/instances/500x/58395759.jpg > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.22 (Darwin) > Comment: GPGTools - https://gpgtools.org > > iQEcBAEBCgAGBQJUwo1BAAoJEDWi+S0W7cO1EFYH/0mI4W3W5YduIxF8BiDwpGB/ > v5N0j/88Ed8uAUVHbcI/hqU0HX/S2ytx2ORnU1yw7hKcjHyfrFbjO0YJxz6QkshI > E7zvoqWoUL9C0YYko9m51UsUJkK0C5OS//q1AX9ilt51C9NBNkLUCWK03Cv9FtPG > EcVzE9H0Ye9lvnC8FyQpdKNO9Z7bdtUr9oV1r7INTpQjZX4zvLci6lIrRmniJAKa > rlgJJoTNn+txwnVIdmLmXn78P5fJPYgIcFAuciV0s0rlCx/UFNeyr9Yd7J206Vgv > kCsOO5aiD3yBsfzkgqCMYD/v9C+QrfDp9RKeVGJ9EAfmQmHGx5s2p7pNyZ3rYAM= > =iHwT > -----END PGP SIGNATURE----- >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
