Re: [atoca] Call for submissions: Secure Alert Format

Peter Saint-Andre <stpeter@stpeter.im> Fri, 17 August 2012 19:06 UTC

Return-Path: <stpeter@stpeter.im>
X-Original-To: atoca@ietfa.amsl.com
Delivered-To: atoca@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C83E21F85A1 for <atoca@ietfa.amsl.com>; Fri, 17 Aug 2012 12:06:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.793
X-Spam-Level:
X-Spam-Status: No, score=-102.793 tagged_above=-999 required=5 tests=[AWL=-0.194, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id piuC0AVi70Y8 for <atoca@ietfa.amsl.com>; Fri, 17 Aug 2012 12:06:16 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 7128C21F85A2 for <atoca@ietf.org>; Fri, 17 Aug 2012 12:06:16 -0700 (PDT)
Received: from [192.168.0.4] (unknown [67.177.192.224]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 55F6B4050A; Fri, 17 Aug 2012 13:06:49 -0600 (MDT)
Message-ID: <502E9627.4030008@stpeter.im>
Date: Fri, 17 Aug 2012 13:06:15 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:14.0) Gecko/20120713 Thunderbird/14.0
MIME-Version: 1.0
To: Martin Thomson <martin.thomson@gmail.com>
References: <CABkgnnXaDp-3D4msWLXQo8WCxojqMLp04ZSLa2P8YfXrGCGzOA@mail.gmail.com>
In-Reply-To: <CABkgnnXaDp-3D4msWLXQo8WCxojqMLp04ZSLa2P8YfXrGCGzOA@mail.gmail.com>
X-Enigmail-Version: 1.4.3
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: atoca@ietf.org
Subject: Re: [atoca] Call for submissions: Secure Alert Format
X-BeenThere: atoca@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion list for the IETF Authority-to-Citizen Alert \(atoca\) working group." <atoca.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/atoca>, <mailto:atoca-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/atoca>
List-Post: <mailto:atoca@ietf.org>
List-Help: <mailto:atoca-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/atoca>, <mailto:atoca-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Aug 2012 19:06:17 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 8/17/12 12:34 PM, Martin Thomson wrote:
> The ATOCA WG needs you.
> 
> It has been determined that providing a means of authenticating
> alerts is critical to the working group.
> 
> Please submit internet drafts containing proposals that address
> this problem before September 12.
> 
> Such a proposal must be able to carry CAP-formatted alerts in such
> a way that the source(s) of the alert can be authenticated by 
> recipients.  Attributing trust to that source is not necessarily 
> within scope, nor is it necessary to describe a protocol or
> delivery architecture.

Some years ago, the XMPP Standards Foundation defined a way to send
CAP-formatted alerts over XMPP:

http://xmpp.org/extensions/xep-0127.html

XMPP also includes methods for signed messages (e.g., RFC 3923,
although the XMPP WG is considering a more modern approach based on
the output of the JOSE WG).

If signed XMPP messages containing CAP-formatted alerts might be of
interest, I would be happy to write an I-D defining this approach in
more detail.

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlAulicACgkQNL8k5A2w/vxKaACg+FtkpH/ocmY9B08BfvNXgFLZ
YlEAoJiGG0s1B6nzHWIgVhSPBbvutfbZ
=CK+1
-----END PGP SIGNATURE-----