IETF Logo Mail Archive

[jose] updated draft charter text incorporating AD's comments

Karen O'Donoghue <odonoghue@isoc.org> Sun, 10 March 2013 18:13 UTC

Return-Path: <odonoghue@isoc.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FC7221F88B1 for <jose@ietfa.amsl.com>; Sun, 10 Mar 2013 11:13:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Level:
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e95KT7jZ-tOV for <jose@ietfa.amsl.com>; Sun, 10 Mar 2013 11:13:06 -0700 (PDT)
Received: from smtp134.ord.emailsrvr.com (smtp134.ord.emailsrvr.com [173.203.6.134]) by ietfa.amsl.com (Postfix) with ESMTP id 50F9221F88AC for <jose@ietf.org>; Sun, 10 Mar 2013 11:13:06 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp17.relay.ord1a.emailsrvr.com (SMTP Server) with ESMTP id 0CF5538012B for <jose@ietf.org>; Sun, 10 Mar 2013 14:13:06 -0400 (EDT)
X-Virus-Scanned: OK
Received: by smtp17.relay.ord1a.emailsrvr.com (Authenticated sender: odonoghue-AT-isoc.org) with ESMTPSA id D24C2380119 for <jose@ietf.org>; Sun, 10 Mar 2013 14:13:05 -0400 (EDT)
Message-ID: <513CCD31.8050408@isoc.org>
Date: Sun, 10 Mar 2013 14:13:05 -0400
From: Karen O'Donoghue <odonoghue@isoc.org>
Organization: ISOC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130216 Thunderbird/17.0.3
MIME-Version: 1.0
To: jose@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [jose] updated draft charter text incorporating AD's comments
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: odonoghue@isoc.org
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Mar 2013 18:13:07 -0000

Folks,

Here is the updated charter text based on Sean's comments and Mike's 
response. If there are any errors, please identify them asap as I plan 
to forward this back to Sean (and thus the IESG) in the very near future.

Regards,
Karen


Description of JOSE Working Group

JavaScript Object Notation (JSON) is a text format for the serialization 
of structured
data described in RFC 4627.  The JSON format is often used for 
serializing and
transmitting structured data over a network connection. With the 
increased usage
of JSON in protocols in the IETF and elsewhere, there is now a desire to 
offer
security services for JSON with encryption, digital signatures, and 
message authentication
codes (MACs).

Different proposals for providing such security services have already 
been defined
and implemented.  This Working Group will standardize the mechanism for 
integrity
protection (signature and MAC) and encryption as well as the format for 
keys and algorithm
identifiers to support interoperability of security services for 
protocols that
use JSON. The Working Group will base its work on well-known message 
security primitives
(e.g., CMS), and will solicit input from the rest of the IETF Security 
Area to be sure
that the security functionality in the JSON format is sound.

As JSON adoption expands, the different applications utilizing JSON 
security services
will grow and this leads to the need to support different requirements. 
The WG will
develop a generic syntax that can be used by applications to secure 
JSON-data, but
it will be up to the application to fully specify the use of the WG's 
documents much
the same way S/MIME is the application of CMS to MIME-based media types.

This group is chartered to work on the following deliverables:

(1) A Standards Track document or documents specifying how to apply 
JSON-structured
integrity protection to data, including (but not limited to) JSON data 
structures.
"Integrity protection" includes public-key digital signatures as well as 
symmetric-key MACs.

(2) A Standards Track document or documents specifying how to apply a 
JSON-structured
encryption to data, including (but not limited to) JSON data structures.

(3) A Standards Track document specifying how to encode public keys as JSON-
structured objects.

(4) A Standards Track document specifying algorithms and algorithm 
identifiers for
the previous three documents.

(5) A Standards Track document specifying how to encode private and 
symmetric
keys as JSON-structured objects.  This document will build upon the 
concepts and
structures in (3).

(6) A Standards Track document specifying a means of protecting private 
and symmetric
keys via encryption.  This document will build upon the concepts and 
structures in (2)
and (5).  This document may register additional algorithms in registries 
defined by (4).

(7) An Informational document detailing Use Cases and Requirements for 
JSON Object
Signing and Encryption (JOSE).

(8) An Informational document that tells an application what needs to be 
specified in order
to implement JOSE.

One or more of these goals may be combined into a single document, in 
which case the
concrete milestones for these goals will be satisfied by the 
consolidated document(s).

v2.23.0 | Report a Bug | By Email