[Openid-specs-ab] Spec call notes 10-Dec-12

Brian Campbell bcampbell at pingidentity.com
Tue Dec 11 23:42:03 UTC 2012


In thinking a bit about the conversion at the end of this call about trying
to avoid (or not) double base64 encoding in nested cases - I'm not sure
that all the reasons my esteemed colleague Mr. Bradley gave for it not
being relevant/necessary are totally legit in all situations.

Admittedly I haven't done any real analysis. And I should probably know
better than to question John but I think it's midnight where he is now so
hopefully he's asleep and I'm gonna do it anyway. Take for example, a JWS
that has at its payload a JWE - would that not suffer from some fairly
significant avoidable bloat from the Base64url encoding of the JWE Compact
Serialization? Perhaps I misunderstood but I don't see how any of the
things John mentioned would help with the size growth in that situation.

I'm not necessarily advocating for a change on this one. But if nested JW*s
are expected to be common and the stated intent of JWT and the JOSE specs
is that they are "intended for space constrained environments", then maybe
the idea of some kind of optimization shouldn't be dismissed before a
little more consideration?




On Mon, Dec 10, 2012 at 5:29 PM, Mike Jones <Michael.Jones at microsoft.com>
wrote:
>
> Spec call notes 10-Dec-12
>
>
>
> John Bradley
>
> Nat Sakimura
>
> Edmund Jay
>
> Mike Jones
>
> Brian Campbell
>
> Thomas Hardjono
>
>
>
> Agenda:
>
>                 Native Client Test Application
>
>                 Open Issues
>
>                 Editing
>
>                 JOSE Plans
>
>                 Call Times
>
>
>
> Native Client Test Application:
>
>                 Pam has it mostly working
>
>                 She is still removing Ping-specific configuration details
>
>                 She also plans to add the configuration information for
the participants' endpoints
>
>                                 Discovery will be added later
>
>
>
> Open Issues:
>
>                 We reviewed all open issues needing edits before the
implementer's drafts.
>
>                 Status was updated in bitbucket.
>
>
>
> Editing:
>
>                 Mike requested that people apply as many of their edits
this week as possible
>
>                                 to get us ready for the implementer's
drafts.
>
>                 Nat expects to be able to do more this week now that he's
back in Japan
>
>
>
> JOSE Plans:
>
>                 Mike plans a minor JOSE release in the next week to
define a symmetric key representation
>
>
>
> Call Times:
>
>                 We'll move the Thursday call to 7:00am Pacific Time (one
hour later)
>
>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121211/5ed527d0/attachment.html>


More information about the Openid-specs-ab mailing list