[COSE] Protocol Action: 'CBOR Web Token (CWT) Claims in COSE Headers' to Proposed Standard (draft-ietf-cose-cwt-claims-in-headers-10.txt)
The IESG <iesg-secretary@ietf.org> Thu, 11 January 2024 23:03 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: cose@ietf.org
Delivered-To: cose@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C44EC14F6E3; Thu, 11 Jan 2024 15:03:19 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.2.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, cose-chairs@ietf.org, cose@ietf.org, draft-ietf-cose-cwt-claims-in-headers@ietf.org, mprorock@mesur.io, orie@transmute.industries, paul.wouters@aiven.io, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Message-ID: <170501419930.2829.7580846216352978221@ietfa.amsl.com>
Date: Thu, 11 Jan 2024 15:03:19 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/63k1rTIckjiPPlID4a0YUy09RNg>
Subject: [COSE] Protocol Action: 'CBOR Web Token (CWT) Claims in COSE Headers' to Proposed Standard (draft-ietf-cose-cwt-claims-in-headers-10.txt)
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jan 2024 23:03:19 -0000
The IESG has approved the following document: - 'CBOR Web Token (CWT) Claims in COSE Headers' (draft-ietf-cose-cwt-claims-in-headers-10.txt) as Proposed Standard This document is the product of the CBOR Object Signing and Encryption Working Group. The IESG contact persons are Paul Wouters and Roman Danyliw. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-cose-cwt-claims-in-headers/ Technical Summary This document describes how to include CBOR Web Token (CWT) claims in the header parameters of any COSE structure. This functionality helps to facilitate applications that wish to make use of CBOR Web Token (CWT) claims in encrypted COSE structures and/or COSE structures featuring detached signatures, while having some of those claims be available before decryption and/or without inspecting the detached payload. Working Group Summary The document received good feedback on the mailing list. It seems well supported by the working group. There were no major controversies. Document Quality No known implementations of this specific document, but many implementations of COSE headers exist, in particular: - https://github.com/erdtman/cose-js - https://github.com/veraison/go-cose (plans to implement) - https://github.com/transmute-industries/cose (plans to implement) This document is particularly relevant to RATS, SCITT and OAUTH at IETF and VCWG at W3C. It’s clear from discussions on the list that reviews have taken place from members who are active in these groups. There is only a small fragment of CDDL and it is very similar to the examples described in https://datatracker.ietf.org/doc/draft-ietf-rats-eat/ Document Personnel The Document Shepherd for this document is Orie Steele. The Responsible Area Director is Paul Wouters.