IETF Logo Mail Archive

Re: [COSE] Consensus Call: Adoption of the COSE Token

Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 09 November 2015 09:38 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFEAA1B7B50 for <cose@ietfa.amsl.com>; Mon, 9 Nov 2015 01:38:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.61
X-Spam-Level:
X-Spam-Status: No, score=-2.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ibMznFPBpfdb for <cose@ietfa.amsl.com>; Mon, 9 Nov 2015 01:37:59 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F22F1B7B4F for <cose@ietf.org>; Mon, 9 Nov 2015 01:37:58 -0800 (PST)
Received: from [192.168.10.250] ([88.128.80.14]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0MUZG7-1Zne7t38cd-00RLwk; Mon, 09 Nov 2015 10:37:54 +0100
To: Justin Richer <jricher@mit.edu>, cose@ietf.org
References: <B163C432-E13C-4D35-B86B-066C1365232A@mit.edu>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
X-Enigmail-Draft-Status: N1110
Message-ID: <56406970.5090801@gmx.net>
Date: Mon, 09 Nov 2015 10:37:52 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <B163C432-E13C-4D35-B86B-066C1365232A@mit.edu>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="XuTPq1pQ3iKQX9jvhHMqAv702XkC3Wq7o"
X-Provags-ID: V03:K0:1ldx8iYm9BaWmVAKI6lM9eepIycoMk658mD8VIixxv54cH+97Q+ kdJ1RjmfhH5DR2IJ/JOfNxVEvHY/irdRnmA5g6KcR97TBxWqItAuO5NOjdEumV+I9bGcbaK zd51TW4ItXLQI9qW5lfn/ivyql2IH1+mYy0OpWmjFBdDCQ7LfD2TDFwuuJcbPWubyuBZj+H +qBrNzvGqgMFjG+fjojSw==
X-UI-Out-Filterresults: notjunk:1;V01:K0:Uw5LG6SSs14=:Qgewwf6QrSWytFYO9f9G1U oOSVpO9Au425wW87fSqUIUZbUiRJ+rx10Gr4HR2wL/SXDi0ptwvhbQzYaWXxZg1ROIUjsBmE/ cr5YfRJVgLvsutaMm8tvmtTe76vA0tSw7b765xG/KHGsP4tJWfxVVd6dPwCWEh4yHFefjj9k8 ii1SDco6NbHzSYZOGhHo6mWoxAG1k9qiFTvLICaZAMZ8Jwc2aIsWkIp+y1jKvFYrJv9ohLB0N f4eCAoA7/xSyif/iZa5UbWMXRVTrToKG6BMPC6HotEoZFC0DzMyhA6dB1ihJnELgaJvS7cTWE ijzKYRqjNomKNZRCoZWQTXIQpxJ7/qDkNuWxdQ4M+A5kwbgNRkgp9ka6cagLcoC0X2G4jWPeZ XLPpz/+cMUGph06I3qIdyGZZfbdU2HlPSgQY4iHskCb0cR4tEIJOmtwV5iLPEHbNFmOIhXaHd mSp4PnEfu55kiGn/X23qbiewiMChZlwFIVeI4dhEkN3JVKKwyTbTqMX5DZplKq2vznkNVhUyN NMRL6843YwuOzd1xdiWOk+hLOmEaOzNtc3zr6qmA+BQ7qDvxgiN70KDw0Lh4EDHhdpa+MdY7h mxmLT1nW/65s7OX2iHEGySA5fPgAPl/A7URhb1Fabti08TC/h+xQFSBOfl1MFgGyt1YeoDbOY Rk83NbzLtjOm4fEkRrTFlLGN3hL5+NccB/dZEJ4Ft6/bu+Uze1M4WN5qNceTWfTcfdt+wHadY J8JC2FTKg8mJzBxDTb8Fo/dLesb2Lfi9fLHh9rPGJ/5502EVcbDEtgN05sTjynP0unBYedEPE 4Tf4vri
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/mnoO8gVxJvI89gcrEm06Y1rFH54>
Subject: Re: [COSE] Consensus Call: Adoption of the COSE Token
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2015 09:38:00 -0000

Hi Justin, Hi Kepeng,

I believe the participants of the Yokohama IETF meeting already decided
against (D) with their agreement that this work is important.

In terms of expertise I believe COSE, OAuth, and ACE would be in a good
position. While OAuth is currently in a re-chartering process (as you
know) there is a lot of work on the plate already even though it is
distributed over a number of folks. Furthermore, there also seems to be
a strong overlap between the participants of the ACE and the COSE
working group whereby I believe that we have more participants in ACE
than in COSE since the scope is much broader.

Ultimately we are doing something very simple here: we are copying the
JSON encoded claims to CBOR encoded claims.

I believe that the AD should decide about where the work goes.

Ciao
Hannes


On 11/07/2015 09:01 AM, Justin Richer wrote:
> At the Yokohama meeting, the chairs agreed to do a consensus call regarding the adoption and placement of new work to define a COSE Token, analogous to the JWT from JOSE. In the room, there was a general sentiment of support for the work being done, with the wide adoption of JWT and its driving of JOSE being a common theme of precedent. What wasn’t clear is where the work should be done and to what end it should drive. The six positions we are asking the working group to consider and voice their support for are:
> 
> A) Define the COSE Token within the COSE working group along side the COSE Messages (and potentially COSE Auxiliary Algorithms) draft.
> B) Define the COSE Token inside the OAuth working group.
> C) Define the COSE Token inside the ACE working group.
> D) Don’t define the COSE Token anywhere.
> E) You need more information to decide.
> F) You don’t give a flying rat about the COSE Token.*
> 
> The consensus call will remain open for two weeks from today, closing on November 21, 2015; at which time, hopefully we will have a clear answer and direction to point this work.
> 
> Thank you,
>  — Justin & Kepeng, your COSE chairs
> 
> * I promised those in the room at Yokohama to offer a flying rat option, for which I am deeply sorry.
> _______________________________________________
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose
>

v2.23.0 | Report a Bug | By Email