IETF Logo Mail Archive

Re: [Ace] [COSE] Call for adoption for draft-wahlstroem-ace-cbor-web-token-00

Justin Richer <jricher@mit.edu> Sun, 10 April 2016 12:51 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC98D12D522; Sun, 10 Apr 2016 05:51:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.216
X-Spam-Level:
X-Spam-Status: No, score=-5.216 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w3tESGFeCfrv; Sun, 10 Apr 2016 05:51:16 -0700 (PDT)
Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D18E412D11E; Sun, 10 Apr 2016 05:51:14 -0700 (PDT)
X-AuditID: 12074422-bf3ff70000007b1b-19-570a4c412059
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id 94.E4.31515.14C4A075; Sun, 10 Apr 2016 08:51:13 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id u3ACpCqB006169; Sun, 10 Apr 2016 08:51:12 -0400
Received: from [192.168.128.57] (static-96-237-195-53.bstnma.fios.verizon.net [96.237.195.53]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id u3ACp6aq019742 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 10 Apr 2016 08:51:07 -0400
To: Erik Wahlström <erik@wahlstromstekniska.se>, Samuel Erdtman <samuel@erdtman.se>
References: <D32BCF2D.31101%kepeng.lkp@alibaba-inc.com> <EA7D95DA-F8C0-4430-BE83-812E97F4CC12@erdtman.se> <CA+KYQAteKmZPY+ZOj2-VxLkUjmU7aMMJGHPMPjiBOZLurDyxyw@mail.gmail.com>
From: Justin Richer <jricher@mit.edu>
Message-ID: <570A4C2D.4030701@mit.edu>
Date: Sun, 10 Apr 2016 08:50:53 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <CA+KYQAteKmZPY+ZOj2-VxLkUjmU7aMMJGHPMPjiBOZLurDyxyw@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------050806070808050500030608"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrDKsWRmVeSWpSXmKPExsUixCmqrevowxVuMPurlMX3bz3MFtO2TmW1 +DqhidVi6c57rBYNO/MtLs8vsjj59hWbxf+lp5gspu+9xu7A6THx7UcWj7XdV9k8Xvzbw+ix c9Zddo/Fm/azeSxZ8pPJY820GSwB7FFcNimpOZllqUX6dglcGa/XXGYvmFFR8f7JaqYGxu/+ XYycHBICJhLXv3UzdTFycQgJtDFJrF5wiwXC2cgo8fzxGqjMbSaJn4vWMIK0CAtESMw63gmU 4OAQEciVeNTLDFGziVGi7/FMRhCHWWAXk8Sn5n6wBjYBVYnpa1qYQGxeATWJZU/fs4LYLEDx G9+/gcVFBWIkGh+cgqoRlDg58wkLiM0pECjRdeUNG4jNLBAm8WnqPtYJjPyzkJTNQpKCsM0k urZ2MULY8hLNW2czQ9hqEre3XWVHFl/AyLaKUTYlt0o3NzEzpzg1Wbc4OTEvL7VI11QvN7NE LzWldBMjKKLYXZR2ME7853WIUYCDUYmHN6KEM1yINbGsuDL3EKMkB5OSKK/VS45wIb6k/JTK jMTijPii0pzU4kOMEhzMSiK8Jx24woV4UxIrq1KL8mFS0hwsSuK8QZHHwoQE0hNLUrNTUwtS i2CyMhwcShK8BV5AjYJFqempFWmZOSUIaSYOTpDhPEDD2T1BhhcXJOYWZ6ZD5E8x6nKsm3Ft LZMQS15+XqqUOK8PyCABkKKM0jy4OaBEmPD2sOkrRnGgt4R52UBG8QCTKNykV0BLmICWPPvH CbKkJBEhJdXA2BTzmmNbZYBeamCjedIFaeXCbVZ+ueUbpKO5Gpat4Uir/dTVGpnp2FZ258Kh W9NS1oZ+td4rcYZl5p1WkRP8bAWTAgtcKo/K52T3teapLvnMEtgfzeDablwrv+P/ropj708K r9qvLbX3+W5b/YWMD4ynGe18VLGjNDMp4Xn1Tptv27QsJ3QosRRnJBpqMRcVJwIAk9cSyF8D AAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/ace/NZxLD4nxWKMRcMauYNOfvUQ8MeU>
Cc: cose <cose@ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Kepeng Li <kepeng.lkp@alibaba-inc.com>, "ace@ietf.org" <ace@ietf.org>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, "<oauth@ietf.org>" <oauth@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [Ace] [COSE] Call for adoption for draft-wahlstroem-ace-cbor-web-token-00
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Apr 2016 12:51:20 -0000

+1 for adoption, but please remove the "web" from the name.

One of the main features of JSON Web Tokens, from which this is 
inspired, is that it can be passed without any additional encoding in 
HTTP headers, parameters, forms, strings, etc. It's built for the "web" 
from the ground up.

The same is not true of the COSE-based token format here. It's designed 
for CoAP and other embedded systems that can speak the CBOR encoding 
natively. You could argue that this is the "web" in a sense but I think 
that it's misleading to implementors to claim such.

Therefore I strongly encourage the authors and ACE WG to drop the "web" 
from the name, leaving simply the COSE Token.

  -- Justin

On 4/10/2016 7:53 AM, Erik Wahlström wrote:
> +1
>
> On Thu, Apr 7, 2016 at 6:47 AM, Samuel Erdtman <samuel@erdtman.se 
> <mailto:samuel@erdtman.se>> wrote:
>
>     +1 for adoption
>
>     Sent from my iPhone
>
>     On 7 apr. 2016, at 03:34, Kepeng Li <kepeng.lkp@alibaba-inc.com
>     <mailto:kepeng.lkp@alibaba-inc.com>> wrote:
>
>>     To: ACE WG
>>     Cc: OAuth and COSE WG
>>
>>     Hello all,
>>     This note begins a Call For Adoption fordraft-wahlstroem-ace-cbor-web-token-00 [1]
>>     to be adopted as an ACE working group item, and added in the charter.
>>     The call ends on April 22, 2016.
>>
>>     Keep in mind that adoption of a document does not mean the document
>>     as-is is ready for publication. It is merely acceptance of the
>>     document as a starting point for what will be the final product
>>     of the ACE working group. The working group is free to make changes to
>>     the document according to the normal consensus process.
>>
>>     Please reply on this thread with expressions of support or opposition,
>>     preferably with comments, regarding accepting this as a work item.
>>
>>     Note that this email was also copied to OAuth and COSE WG, in
>>     order to
>>     get input from wider audience.
>>     Thanks,
>>     Kind Regards
>>     Kepeng (ACE co-chair)
>>
>>     [1]
>>     https://datatracker.ietf.org/doc/draft-wahlstroem-ace-cbor-web-token/
>>
>>     _______________________________________________
>>     Ace mailing list
>>     Ace@ietf.org <mailto:Ace@ietf.org>
>>     https://www.ietf.org/mailman/listinfo/ace
>
>     _______________________________________________
>     Ace mailing list
>     Ace@ietf.org <mailto:Ace@ietf.org>
>     https://www.ietf.org/mailman/listinfo/ace
>
>
>
>
> _______________________________________________
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose

v2.23.0 | Report a Bug | By Email