On 26/01/15 15:30, Brian Campbell wrote:
> IMHO, the
> fears of interoperability problems are a bit overblown.
That is not the point I was making. If two sides the
same hash input of any kind that has the public key
and relevant parameters then you will get interop. I
made no argument that there will be interop problems
no matter how baroque an approach is adopted.
But if you choose SPKI as the hash input you get interop
and system-level benefits that you do not get with any
other input. The reason being that other specifications
and systems use that input. The ways in which that can
be beneficial should be obvious, but e.g. some JOSE
application could benefit from TLSA RRs for example and
I can see how that might be useful for developers
who would like to securely associate a DNS name with
a public key (whenever DNSSEC is deployed for the relevant
names:-).
I have yet to see anyone produce a goo argument against
those benefits. ("Meh" doesn't count as good, though I
do get, and could nearly agree with, the sentiment:-)
S.
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
