[jose] Open Issue for WG Discussion: Disposition of JSON Serialization Functionality

Mike Jones <Michael.Jones@microsoft.com> Mon, 09 April 2012 16:25 UTC

You'll recall that I created JSON Serialization drafts in response to WG input that use the same cryptographic operations as JWS and JWE, but that serialize the results into JSON objects, rather than base64url encoded values separated by periods.  These representations also enable multiple signatures/HMACs to be used and content to be encrypted to multiple recipients.  The current versions of these drafts are:

*        http://tools.ietf.org/html/draft-jones-json-web-signature-json-serialization-01

*        http://tools.ietf.org/html/draft-jones-json-web-encryption-json-serialization-01

It was decided in Paris that the disposition of this functionality should be discussed by the WG on the list.  I think the questions we need to decide are:

1.  Is the working group interested in pursuing this functionality?  (Evidence to date is that the answer to this question is "yes".)

2.  If the answer to (1) is "yes", would the working group like to have this functionality be in working group documents at this time (rather than being described in individual submissions, as at present)?

3.  If the answer to (2) is "yes", should working group -00 versions of the JSON Serialization documents be created or should this functionality be folded into the existing JWS and JWE specs?

Arguments for keeping this functionality separate for now are:
  - Different level of maturity:  I'm aware of over a dozen implementations of JWS and a few of JWE, but I know of no implementations of JWS-JS or JWE-JS.  There's an argument that we should keep this new functionality separate until we have "rough consensus and running code".
  - Document simplicity for the Compact Serialization use case.  Not describing a second serialization in the JWS and JWE documents makes the documents somewhat easier to read if all the implementer needs is the Compact Serialization.

Arguments for merging it in now are:
  - Fewer documents needed to provide comprehensive treatment of the material.

Opinions from the Working Group?

                                                            Thanks,
                                                            -- Mike
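
Added example, not part of the original message or of the drafts it links: the same HMAC SHA-256 operation serialized once in the period-separated compact form and once as a JSON object carrying two HMACs over one payload. The `payload`/`signatures`/`protected` member names are an assumption taken from the general JSON serialization later published in RFC 7515 (the -01 draft layout may differ); the keys, `kid` values and payload are constructed.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def protected_header(kid: str) -> str:
    return b64url(json.dumps({"alg": "HS256", "kid": kid}, separators=(",", ":")).encode())

def hs256(key: bytes, header_b64: str, payload_b64: str) -> str:
    # Identical signing input in both serializations: header "." payload
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    return b64url(hmac.new(key, signing_input, hashlib.sha256).digest())

def compact(key: bytes, kid: str, payload: bytes) -> str:
    h, p = protected_header(kid), b64url(payload)
    return f"{h}.{p}.{hs256(key, h, p)}"

def json_serialization(keys: dict, payload: bytes) -> dict:
    # One payload, one header/HMAC pair per key (assumed member names)
    p = b64url(payload)
    sigs = []
    for kid, key in keys.items():
        h = protected_header(kid)
        sigs.append({"protected": h, "signature": hs256(key, h, p)})
    return {"payload": p, "signatures": sigs}

def verify_json(obj: dict, keys: dict) -> list:
    """Return the kids whose HMAC verifies; the caller applies any-vs-all policy."""
    valid = []
    for entry in obj["signatures"]:
        header = json.loads(b64url_decode(entry["protected"]))
        key = keys.get(header.get("kid"))
        if header.get("alg") != "HS256" or key is None:
            continue  # unknown key or unexpected algorithm: never counted as valid
        expected = hs256(key, entry["protected"], obj["payload"])
        if hmac.compare_digest(expected, entry["signature"]):
            valid.append(header["kid"])
    return valid

# Constructed sample keys and payload
KEYS = {"k1": b"constructed-key-one-0123456789ab", "k2": b"constructed-key-two-0123456789ab"}
PAYLOAD = b'{"iss":"example"}'
```

A verifier of the multi-HMAC form has to decide explicitly which of the returned key IDs it requires, since a single valid entry says nothing about the others.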