Re: [jose] JOSE WG request from W3C WebCrypto API

"Jim Schaad" <ietf@augustcellars.com> Mon, 13 August 2012 19:48 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Hannes Tschofenig' <hannes.tschofenig@gmx.net>
Date: Mon, 13 Aug 2012 12:47:00 -0700
Cc: 'Harry Halpin' <hhalpin@w3.org>, jose@ietf.org

> -----Original Message-----
> From: Hannes Tschofenig [mailto:hannes.tschofenig@gmx.net]
> Sent: Monday, August 13, 2012 9:30 AM
> To: Jim Schaad
> Cc: Hannes Tschofenig; 'Harry Halpin'; jose@ietf.org
> Subject: Re: [jose] JOSE WG request from W3C WebCrypto API
> 
> 
> On Aug 12, 2012, at 9:56 PM, Jim Schaad wrote:
> 
> >>  2) While we'd like to encourage the use of JOSE over ASN.1, it seems like for
> >> backwards compatibility having some level of ASN.1 support would be
> >> useful and we *need* a format that allows key material (both private and
> >> public) to be exported. Folks seem to be leaning towards ASN.1 as a
> >> default format in the low-level API, and having JWK as a format that
> >> can be built on top of that in a possible high-level API. Would that be OK?
> 
> 
> This is really interesting!
> 
> The entire work on JSON signing and encryption was started since the Web
> and browser guys told us that there was no way they would ever want to use
> ASN.1. Completely impossible - not compatible with the way Web
> applications are developed these days, and so on.
> 
> 
> Now, they ask for ASN.1 support.

I think this may be a simple case of - all of the low-level crypto libraries
that they might link to all support ASN.1 for dealing with asymmetric keys
and they are trying to avoid doing the conversion to JOSE for that work.
The other question is if we should just use ASN.1 for key formats in JOSE
rather than the JSON version if they are going to go with ASN.1 anyway.

Jim