These are both applicable here:
http://rationalwiki.org/wiki/False_dilemma
https://xkcd.com/927/
It is very reasonable to tell people to ensure that their crypto
library is written by a security professional who understands
cryptography and ensures that inputs are validated.
Is is also sensible to write a follow-up RFC detailing security
considerations for implementers. Once done, you can tell people to
only use JOSE implementations that have performed conformity audits
against the new RFC.
Further, you can make sensible proposals to downgrade the IANA
recommendation level of algorithms subject to various attacks. This
can be done without a new RFC.
These approaches will have a far broader impact on the cryptography
ecosystem than proposing a new standard.
On Fri, Mar 31, 2017 at 11:49 AM, Paragon Initiative Enterprises
Security Team <[email protected]> wrote:
>
> On Fri, Mar 31, 2017 at 11:46 AM, Nathaniel McCallum <[email protected]>
> wrote:
>>
>> On Thu, Mar 30, 2017 at 1:52 PM, Paragon Initiative Enterprises
>> Security Team <[email protected]> wrote:
>
>
> (SNIP)
>>
>>
>>
>> Yes, it would be nice if the standard was less fragile in this area.
>> But you're asking for a major change to an existing standard after it
>> is published and many interoperable implementations exist. You have to
>> realize this is a (very) hard sell.
>
>
> The alternative is to tell people don't use JOSE, it's a bad standard and
> design a superior alternative to recommend instead. One that has actually
> been vetted by cryptography experts.
>
> Given only those two options, which would you rather see?
>
> Security Team
> Paragon Initiative Enterprises
>
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
