[Acme] JOSE usage (was Re: WG meeting at IETF 93)
Richard Barnes <rlb@ipv.sx> Mon, 06 July 2015 14:35 UTC
To: Phillip Hallam-Baker <phill@hallambaker.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/wSW5tUw1f4plk56kDlJdYu1_84g>
Cc: "Salz, Rich" <rsalz@akamai.com>, Ted Hardie <ted.ietf@gmail.com>, "acme@ietf.org" <acme@ietf.org>

Dealing with JOSE nuances is not germane to this WG.

Yes, JOSE has failings -- pretty much all of which were pointed out
during the JOSE WG process, and dismissed at the time. They are not
so bad, however, as to render JOSE as-is unusable. Certainly the cure
described in draft-jones-jose-jws-signing-input-options is much worse
than the disease.

Either let's scrap JOSE and re-design more cleanly, or let's just use
it with the flaws it has.

On Mon, Jul 6, 2015 at 10:14 AM, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
> Another point I think should be considered on the agenda is how to use JOSE
> in the spec.
>
> I think it would be a very good idea to adopt the approach Mike Jones and
> myself have been suggesting of using JOSE without base64 armoring for
> authenticating requests and responses at the Web Service level.
>
> http://tools.ietf.org/html/draft-jones-jose-jws-signing-input-options-00
>
>
> I really hope that ACME is not going to be the last JSON based security spec
> IETF does and I would really like all the specs to end up with something
> approaching a uniform style.
>
>
>
> On Tue, Jun 30, 2015 at 4:12 PM, Ted Hardie <ted.ietf@gmail.com> wrote:
>>
>> Just to bump this up on people's lists, Rich and I will put up a
>> preliminary agenda next Monday. If you want time for something other than
>> draft-barnes-acme, please let us know.
>>
>> thanks,
>>
>> Ted and Rich
>>
>> On Fri, Jun 26, 2015 at 10:54 AM, Ted Hardie <ted.ietf@gmail.com> wrote:
>>>
>>> Howdy,
>>>
>>> As you've seen from the IESG announcement, ACME has been approved as a
>>> working group, so our meeting in Prague will be as a working group rather
>>> than a BoF. The IETF agenda is still tentative, but we're currently
>>> scheduled for Thursday, July 23rd, 15:20-17:20, in Karlin I/II. (There is
>>> still a chance that will change, though, so please do not tailor travel to
>>> just that time frame!)
>>>
>>> Our charter lists draft-barnes-acme as a starting point, and Rich and I
>>> are asking the authors to produce an update for the meeting. We expect some
>>> of the working group time in Prague to be a document review/discussion of
>>> that draft.
>>>
>>> If you have other agenda items you'd like to request time for, please
>>> send them to the list.
>>>
>>> thanks,
>>>
>>> Ted and Rich
>>
>>
>>
>> _______________________________________________
>> Acme mailing list
>> Acme@ietf.org
>> https://www.ietf.org/mailman/listinfo/acme
>>
>
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
>