Ballot for draft-ietf-jose-jwk-thumbprint
Yes
No Objection
Abstain
Note: This ballot was opened for revision 06 and is now closed.
-- Section 6 -- This specification adds to the instructions to the Designated Experts for the following IANA registries, all of which are in the JSON Object Signing and Encryption (JOSE) protocol category [IANA.JOSE]: o JSON Web Key Types o JSON Web Key Elliptic Curve o JSON Web Key Parameters Because you're changing the DE instructions, either this document needs to "update" 7517 and 7518 (where those registries are defined), or it needs to update the registries to add itself to the reference field ("[RFC7518][RFCxxxx]"). And in either case, it needs to make it clear in the introduction that Section 6 provides additional instructions to the designated experts for those three registries. Otherwise, it's too easy for DEs for those registries not to notice this update. [I know the current DEs are well aware of it. But that's not the point.]
Sarah Banks did the opsdir review.
This draft chooses the wrong input to the hash function. Other specifications, even those that do not otherwise use ASN.1 use the SubjectPublicKeyInfo ASN.1 structure for that. I raised that point in the WG and during IETF LC but was in the rough. Nonetheless, this will I believe need to be done over later when or if there is a need to identify a public key in a cross-protocol or similar context. That's a waste of effort for no good reason. The world won't end though.