IETF Logo Mail Archive

Re: [COSE] Consensus Call: Adoption of the COSE Token

Göran Selander <goran.selander@ericsson.com> Tue, 17 November 2015 17:34 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9FA61A6EE6 for <cose@ietfa.amsl.com>; Tue, 17 Nov 2015 09:34:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.901
X-Spam-Level:
X-Spam-Status: No, score=-3.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xe4cuxVj8BqI for <cose@ietfa.amsl.com>; Tue, 17 Nov 2015 09:34:16 -0800 (PST)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84C9A1A6EE2 for <cose@ietf.org>; Tue, 17 Nov 2015 09:34:15 -0800 (PST)
X-AuditID: c1b4fb2d-f79626d000004282-af-564b6515f8e5
Received: from ESESSHC016.ericsson.se (Unknown_Domain [153.88.183.66]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 05.19.17026.5156B465; Tue, 17 Nov 2015 18:34:13 +0100 (CET)
Received: from ESESSMB303.ericsson.se ([169.254.3.32]) by ESESSHC016.ericsson.se ([153.88.183.66]) with mapi id 14.03.0248.002; Tue, 17 Nov 2015 18:34:13 +0100
From: Göran Selander <goran.selander@ericsson.com>
To: 'Justin Richer' <jricher@mit.edu>, "cose@ietf.org" <cose@ietf.org>
Thread-Topic: [COSE] Consensus Call: Adoption of the COSE Token
Thread-Index: AQHRGTKYft5ujcEK4Ey9G8NoRi4OuJ6Q1nWAgAKWwoCADRy6gA==
Date: Tue, 17 Nov 2015 17:34:12 +0000
Message-ID: <D2711FB0.3E133%goran.selander@ericsson.com>
References: <B163C432-E13C-4D35-B86B-066C1365232A@mit.edu> <04de01d1198c$d02cae40$70860ac0$@augustcellars.com> <D2661E95.3CC3F%goran.selander@ericsson.com>
In-Reply-To: <D2661E95.3CC3F%goran.selander@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.7.141117
x-originating-ip: [153.88.183.150]
Content-Type: text/plain; charset="utf-8"
Content-ID: <DD8E2F34D3B3394590090551A44F3E1E@ericsson.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprPIsWRmVeSWpSXmKPExsUyM2K7k65oqneYwYM7RhbTtk5ltdhw7SWr A5PHkiU/mTyazhxlDmCK4rJJSc3JLEst0rdL4Mo4c+gIe8EmxYrrc0obGI8odDFyckgImEg8 aJrNBGGLSVy4t56ti5GLQ0jgMKPE7V3TWCCcxYwS1+/0MINUsQm4SDxoeATWISLgJvH3IUS3 sICdxKql09kg4vYSF6dMZ4GwnSQ271rMCGKzCKhK7Fu3BizOK2Ah0dq1BGrbfEaJlX13wBZw ClhKbN+zAcxmBDrp+6k1YAuYBcQlbj2ZD3WqgMSSPeeZIWxRiZeP/7GC2KICehIrrzexQcSV JFZsvwS0mAOoV1Ni/S59iDHWEtdOzmWEsBUlpnQ/ZIe4R1Di5MwnLBMYxWch2TYLoXsWku5Z SLpnIelewMi6ilG0OLW4ODfdyFgvtSgzubg4P08vL7VkEyMw2g5u+a27g3H1a8dDjAIcjEo8 vAUXvMKEWBPLiitzDzFKcDArifByWnmHCfGmJFZWpRblxxeV5qQWH2KU5mBREudtYXoQKiSQ nliSmp2aWpBaBJNl4uCUamBM3bn4/7E/krP2cTyxV/x3RNdlcdGFTvnnKqav37GJ3E9Tfi7e 88L3XOLhln9x6Sbsjw6Jn80//CWZe+cd7cyZ7uuPFgY0HDq6ZXbA/9WW7L9caxkqc/a2VG25 vsD1+O6oT9mr7BY5G6s16jak2ymXJVq8+Rt9e07Rg+3VT3mX3lvA2MibeDpUiaU4I9FQi7mo OBEAY0bweLICAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/r-GV00xlSdNA30l4cr2Kx0JPbT4>
Subject: Re: [COSE] Consensus Call: Adoption of the COSE Token
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Nov 2015 17:34:17 -0000

I would like to withdraw my previous vote. With the assumption that CWT is
defined as a 1-1 mapping of JWT (which is not how it was defined in the
reference below) I don’t have a strong opinion about where it is defined.
But ACE-specific claims of a JWT/CWT (such as D.1.10) should be defined in
ACE. I believe the latter point of view aligns with that expressed by
others.

Göran


On 2015-11-09 10:20, "Göran Selander" <goran.selander@ericsson.com> wrote:

>I vote for C. It would be good if this work could be carried out where
>there is both OAuth competence and constrained node network competence. I
>believe ACE could be a match here since such competences will anyway be
>required to evaluate
>
>https://datatracker.ietf.org/doc/draft-seitz-ace-oauth-authz/
>
>
>which is the preferred starting point for a solution according to the f2f
>meeting. There is already some text on “CBOR Web Token" in appendix D.
>
>Göran
>
>
>On 2015-11-07 19:47, "Jim Schaad" <ietf@augustcellars.com> wrote:
>
>>Either B or C.
>>
>>> -----Original Message-----
>>> From: COSE [mailto:cose-bounces@ietf.org] On Behalf Of Justin Richer
>>> Sent: Saturday, November 07, 2015 12:02 AM
>>> To: cose@ietf.org
>>> Subject: [COSE] Consensus Call: Adoption of the COSE Token
>>> 
>>> At the Yokohama meeting, the chairs agreed to do a consensus call
>>>regarding
>>> the adoption and placement of new work to define a COSE Token,
>>>analogous to
>>> the JWT from JOSE. In the room, there was a general sentiment of
>>>support for
>>> the work being done, with the wide adoption of JWT and its driving of
>>>JOSE
>>> being a common theme of precedent. What wasn’t clear is where the work
>>> should be done and to what end it should drive. The six positions we
>>>are asking
>>> the working group to consider and voice their support for are:
>>> 
>>> A) Define the COSE Token within the COSE working group along side the
>>>COSE
>>> Messages (and potentially COSE Auxiliary Algorithms) draft.
>>> B) Define the COSE Token inside the OAuth working group.
>>> C) Define the COSE Token inside the ACE working group.
>>> D) Don’t define the COSE Token anywhere.
>>> E) You need more information to decide.
>>> F) You don’t give a flying rat about the COSE Token.*
>>> 
>>> The consensus call will remain open for two weeks from today, closing
>>>on
>>> November 21, 2015; at which time, hopefully we will have a clear answer
>>>and
>>> direction to point this work.
>>> 
>>> Thank you,
>>>  — Justin & Kepeng, your COSE chairs
>>> 
>>> * I promised those in the room at Yokohama to offer a flying rat
>>>option, for
>>> which I am deeply sorry.
>>> _______________________________________________
>>> COSE mailing list
>>> COSE@ietf.org
>>> https://www.ietf.org/mailman/listinfo/cose
>>
>>_______________________________________________
>>COSE mailing list
>>COSE@ietf.org
>>https://www.ietf.org/mailman/listinfo/cose
>
>_______________________________________________
>COSE mailing list
>COSE@ietf.org
>https://www.ietf.org/mailman/listinfo/cose

v2.23.0 | Report a Bug | By Email