Re: [jose] Next steps after the JWP BoF @ IETF 114

Jeremie Miller <jeremie.miller@gmail.com> Sat, 30 July 2022 17:02 UTC

From: Jeremie Miller <jeremie.miller@gmail.com>
Date: Sat, 30 Jul 2022 11:02:24 -0600
Message-ID: <CAAFNpxvT-8H6Z-PWTFKt=W3em9uoBLzfX5PYRqDSULmUCRf-zQ@mail.gmail.com>
To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
Cc: Karen O'Donoghue <odonoghue@isoc.org>, "jose@ietf.org" <jose@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/GR3OSOrFLVW2GsXrA5OGD-I1FcY>

Thanks for clarifying, Brian. I still think this is one of the best
discussion points:

> For that reason and others, I'd suggest that JWP focus only on newer crypto
> and the things JWS really cannot currently achieve and have JWP in general
> provide a consistent set of security/privacy properties.
>

Since this unlinkability property primarily concerns the holder entity, I
could phrase the question as: does the holder developer expect that when
generating a JWP presentation it will always have the unlinkable privacy
guarantee?

Consequently, when they're unable to choose JWP due to the inherent
underlying algorithm requirements and still require unlinkability, is
SD-JWT with a batch/refresh single-use mode an adequate fallback?

Jer
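To make the linkability question above concrete, here is an added toy model that is not code from this thread or from any SD-JWT or JWP specification: a simplified SD-JWT-style credential with a salted digest per claim and an HMAC stand-in for the issuer's JWS signature. It shows why two presentations cut from one credential can be linked by colluding verifiers (they share the issuer signature and digest list), while a batch of independently issued single-use credentials shares no such handle. The issuer key, function names and claims are constructed for the example.

```python
import hashlib
import hmac
import json
import secrets
from typing import Dict, List, Tuple

# Constructed issuer key. A real SD-JWT carries an asymmetric JWS signature;
# HMAC stands in here so the model runs offline with the standard library.
ISSUER_KEY = b"constructed-issuer-key"

def issue(claims: Dict[str, str]) -> Tuple[str, List[str]]:
    """Issue one simplified SD-JWT: salted digest per claim, signed as a whole."""
    disclosures, digests = [], []
    for name, value in claims.items():
        disclosure = json.dumps([secrets.token_hex(16), name, value])
        disclosures.append(disclosure)
        digests.append(hashlib.sha256(disclosure.encode()).hexdigest())
    payload = json.dumps({"_sd": sorted(digests)})
    sig = hmac.new(ISSUER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}~{sig}", disclosures

def batch_issue(claims: Dict[str, str], n: int) -> List[Tuple[str, List[str]]]:
    """Batch mode: n independently salted and signed credentials, each used once."""
    return [issue(claims) for _ in range(n)]

def present(credential: str, disclosures: List[str], reveal: List[str]) -> str:
    """Holder sends the signed payload plus only the disclosures it chooses to reveal."""
    chosen = [d for d in disclosures if json.loads(d)[1] in reveal]
    return "~".join([credential] + chosen)

def verify(presentation: str) -> bool:
    """Verifier checks the issuer signature and that each disclosure matches a digest."""
    payload, sig, *disclosures = presentation.split("~")
    expected = hmac.new(ISSUER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return False
    digests = set(json.loads(payload)["_sd"])
    return all(hashlib.sha256(d.encode()).hexdigest() in digests for d in disclosures)

def correlation_handles(presentation: str) -> set:
    """Everything a verifier retains that stays constant across presentations of one credential."""
    payload, sig, *_ = presentation.split("~")
    return {sig} | set(json.loads(payload)["_sd"])

def linkable(p1: str, p2: str) -> bool:
    """Two colluding verifiers can link the presentations if any handle is shared."""
    return bool(correlation_handles(p1) & correlation_handles(p2))
```

Presenting one credential to two verifiers makes linkable() return True even when disjoint claims are revealed; presenting each credential from batch_issue(claims, 2) exactly once returns False, which is the unlinkability the single-use fallback buys at the cost of issuing more credentials.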