JSON Web Key (JWK) Thumbprint
draft-ietf-jose-jwk-thumbprint-08
Yes
(Kathleen Moriarty)
No Objection
(Alia Atlas)
(Alissa Cooper)
(Alvaro Retana)
(Ben Campbell)
(Benoît Claise)
(Brian Haberman)
(Deborah Brungard)
(Jari Arkko)
(Martin Stiemerling)
(Spencer Dawkins)
(Terry Manderson)
Abstain
Note: This ballot was opened for revision 06 and is now closed.
Kathleen Moriarty Former IESG member
Yes
Yes
(for -06)
Unknown
Alia Atlas Former IESG member
No Objection
No Objection
(for -07)
Unknown
Alissa Cooper Former IESG member
No Objection
No Objection
(for -06)
Unknown
Alvaro Retana Former IESG member
No Objection
No Objection
(for -07)
Unknown
Barry Leiba Former IESG member
No Objection
No Objection
(2015-07-07 for -07)
Unknown
-- Section 6 -- This specification adds to the instructions to the Designated Experts for the following IANA registries, all of which are in the JSON Object Signing and Encryption (JOSE) protocol category [IANA.JOSE]: o JSON Web Key Types o JSON Web Key Elliptic Curve o JSON Web Key Parameters Because you're changing the DE instructions, either this document needs to "update" 7517 and 7518 (where those registries are defined), or it needs to update the registries to add itself to the reference field ("[RFC7518][RFCxxxx]"). And in either case, it needs to make it clear in the introduction that Section 6 provides additional instructions to the designated experts for those three registries. Otherwise, it's too easy for DEs for those registries not to notice this update. [I know the current DEs are well aware of it. But that's not the point.]
Ben Campbell Former IESG member
No Objection
No Objection
(for -07)
Unknown
Benoît Claise Former IESG member
No Objection
No Objection
(for -06)
Unknown
Brian Haberman Former IESG member
No Objection
No Objection
(for -07)
Unknown
Deborah Brungard Former IESG member
No Objection
No Objection
(for -07)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -07)
Unknown
Joel Jaeggli Former IESG member
No Objection
No Objection
(2015-07-08 for -07)
Unknown
Sarah Banks did the opsdir review.
Martin Stiemerling Former IESG member
No Objection
No Objection
(for -07)
Unknown
Spencer Dawkins Former IESG member
No Objection
No Objection
(for -07)
Unknown
Terry Manderson Former IESG member
No Objection
No Objection
(for -07)
Unknown
Stephen Farrell Former IESG member
Abstain
Abstain
(2015-07-07 for -07)
Unknown
This draft chooses the wrong input to the hash function. Other specifications, even those that do not otherwise use ASN.1 use the SubjectPublicKeyInfo ASN.1 structure for that. I raised that point in the WG and during IETF LC but was in the rough. Nonetheless, this will I believe need to be done over later when or if there is a need to identify a public key in a cross-protocol or similar context. That's a waste of effort for no good reason. The world won't end though.