IETF Logo Mail Archive

Re: [jose] Next steps after the JWP BoF @ IETF 114

Roman Danyliw <rdd@cert.org> Wed, 31 August 2022 18:19 UTC

Return-Path: <rdd@cert.org>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA025C15948D for <jose@ietfa.amsl.com>; Wed, 31 Aug 2022 11:19:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BVFiMtkcF4Wm for <jose@ietfa.amsl.com>; Wed, 31 Aug 2022 11:19:43 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0128.outbound.protection.office365.us [23.103.209.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91258C14792A for <jose@ietf.org>; Wed, 31 Aug 2022 11:19:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=Li1ns6oV/YlDX1B9fzgPhW662mlhvLgRhcjAO2KBVyJyw98EHRccB2/dNdX7oRv1X+bvgMvT4Py3qFHk3PJJkW57pG4RSWxJVZV2OvixNlWLlLHLuGVDGgin78PnjaAoPh0ltv2+r3okLmMEA5ynQBj4b7KYqmgSLjLU0OdJtJ2Yl/1CocPWzQXF+/uhYuO7nJ3VnOWR1OrLxMOZ1rWdN9PGqPpEDcE8AUluGbgsQYRk5hnnjynQvbKTIBDMh46PJ5wg4QGLxb5nw/rzo383ipmG393FIIIdDbdoDpvK0YXKYmBm+wiKDgRUjsnv3wGCM7r78LnzMR5E/ggj3ljcXg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AWyMUArsBxNsQcJo63IQ+ghuI2AGQXmYxQBRpym5Xuw=; b=g3MfW2dlntUUaKHxD6xngG1TFjOjV+UzetJXRtZQ+xWA4guF/Bsu6aHX9VECoVdnP/nSQEEBS/mBzQY2Kc1WbxiHn9eJ6Xe8OIED0TUCIR+TSN6UuN1aRzdrCWUMULD4kva8AGN9ASofyKzMZ2kXB2nIqJOpGPWGZNV3NOlk/sDDYiu8gAsouGUK5OaJY/EsPcTpfg47sDY5aJSs3hW90S9DqRfYpPkllmn1pCxvQBcI5NCGHBZBz14ffxw7Mowp9bjuoSY0WYxvBI3gzTxGa+aGA+Rl8tnr52JN1BnjkHGOLIbavX7CKHz7B/ToMyqsCUxQpA0TqkkCkoECmgdAGQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AWyMUArsBxNsQcJo63IQ+ghuI2AGQXmYxQBRpym5Xuw=; b=djTa8g1XvgSGEWFSoajtvptl18bTFfF/bgRPwioc6rmjd92/F3vxT5VR8EZ9NwpZu/AvJO6vrFVyLHrfbSJPb9Vdmkv5EyvidUGg8dc/eszeW36H6Cu6B3aHKLQN7v/gthgW4N/Zh3lNpKBRKcTlJIqpxF954vb+ZjLlWenrsJ0=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1333.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:179::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5566.21; Wed, 31 Aug 2022 18:19:39 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::2531:868b:fc1a:3716]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::2531:868b:fc1a:3716%6]) with mapi id 15.20.5546.026; Wed, 31 Aug 2022 18:19:39 +0000
From: Roman Danyliw <rdd@cert.org>
To: "jose@ietf.org" <jose@ietf.org>
Thread-Topic: Re: Next steps after the JWP BoF @ IETF 114
Thread-Index: Adi9Yl/6vJ3i+dpNSKakS7iMqjnhtw==
Date: Wed, 31 Aug 2022 18:19:39 +0000
Message-ID: <BN2P110MB11071226F38F550956F1C0F8DC789@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 64068bc7-767a-4c5f-10d0-08da8b7d5e3a
x-ms-traffictypediagnostic: BN2P110MB1333:EE_
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: FXwbBPcU3l0FqsDM2b6BP43Bn/rnXOPLLRQlhlW2NW9lImtruRQEukAuFobd4trb59swHF6REfCikRUoAuoImIrxrdu4w+kA9eNue+E0xjLlkeWvPW5saoIN4MbAiU4vXB59Vlle7LR8M4zAHTMCv+t67/BuMJt3UBaVqAPP1sEu3RHQlD8oVTsAqZdqcuB8At5DQHbRvmrG7vUy7JkBvGWOBSYjVglgxq9RMiui7BzMMOQ8BALhUfjX66LVPQ0QI/PX0ByrR0RSg9J5QwGq1iBZ9SzCTSfWcOWJEruUb03t13VINwnCjB+9X1wVjV9U62xw2G4NpUIICXgjfYX5n6WgUh0I3qG2z8p5hAVhToM3/h8S7HPzJxxSN3ltkH0Q2XQKgTMxb5Vy+l4QrzoVihfnf5kAxpnvHQHM+4pHIOwDEZIi1+xgfTLjC/0e9IZxdq7hXf4IFM21ZFaxqATzbLW/Q4id4/9OaMauxlz1tPaj6vzNUH23g8ZsJfb6b294uYh/oxu+ye8q5fBuUlsdcKDBKrnHT5nqqdPcs5T5c+qNEHCBcBfYU/r5tJmGUTe4TN/luhP+zMI8TALijn7vnR/pbiNlP9NAmIzEjqBJnO2FJcxzadIyZxxO/fB7HG0Wi8I9BhgtaMioGizzaY4yRYTWnT5ULRIzZK/Ttpe6/VmwCyzug+wg9cTX3OLqJYknLtiNGdDb5jykIgzfl0ITGA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(366004)(498600001)(186003)(71200400001)(53546011)(6506007)(83380400001)(55016003)(7696005)(86362001)(66556008)(26005)(9686003)(82960400001)(66476007)(76116006)(38100700002)(966005)(66946007)(64756008)(66446008)(5660300002)(8936002)(8676002)(2906002)(6916009)(52536014)(33656002)(122000001)(38070700005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 64C2NP7QdPUeAGzmH8UQncHRbSAikZPRWt04PUsMSzCyS+01pDX4LVOv8Zo0jkgiTaZzrrwvfdCVdLk/OKlQvXxiWUSmVsOrlWnf4RZJEpXBY1O/M4IwdwD/L8cMkpvQ/SiIbhPqZtuKLCaf0YPtVy2ggEdhhhv5tIsm1GVYICCjZII+tvkwjpMMaa5zRU9/qg/spu8Mlx0POmeXsqbSxyXy48vjwRV7Nx1dP5LIAmIWzdtYL56DrwHAP1p6cDnEYpz5S7IRq8PtmIY9GHiX/0DVMi2vwbtpCoAvnLNe+MLD2z/FFEghWij3c5yjCPPLpWr76l3lfQhRDWHh+uAcqMWhoDlRgP5xWWf9OBwx24rJipGu5bvZrrBvgwmp3GygZXC2PVdfcC4lNE5RaYdrL59zwx8l6dcmqyIxsrah/Rk=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 64068bc7-767a-4c5f-10d0-08da8b7d5e3a
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Aug 2022 18:19:39.4070 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1333
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/Sd6bUzAqCCm0ID6OXLZYauPmfPc>
Subject: Re: [jose] Next steps after the JWP BoF @ IETF 114
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Aug 2022 18:19:44 -0000

Hi!

To add to Karen's summary, thank you to the co-chairs, presenters and BoF participants for starting this conversation around JWP.

The video recording [1] and notes [2] capture the full details of the meeting.  Key highlights I noted were: 

(a) The proponents of the work said that JWP:
-- required a new JOSE representation
-- was intended to satisfy unlinkability and support selective disclosure
-- would be used by W3C VC

(b) The community asked questions around:
-- (if JOSE were re-opened) would additional JOSE work be welcome (beyond JWP)
-- why the existing JOSE representations are insufficient
-- the design approach for realizing the security properties
-- links to prior work on disclosure in OAuth
-- links to the W3C work

(c) The community proposed:
-- exploring links with PrivacyPass

As stated at the close of the meeting and in Karen's summary below, more discussion is needed.  The proponents have asked for a virtual interim BOF before IETF 115 in November.  This request has been approved by the IESG.  Please watch this list for further details.  I would expect the agenda to cover many of the items noted in (b) and (c).

Regards,
Roman

[1] https://www.youtube.com/watch?v=cWS7ud6Br2Q
[2] https://notes.ietf.org/notes-ietf-114-jwp#

On Wed, Jul 27, 2022 at 6:51 PM Karen O'Donoghue <odonoghue@isoc.org> wrote:

> The JWP BoF was held on Monday. Thank you to the proponents who provided
> all the presentations and drafts for the BoF. The BoF ran out of time
> before reaching any conclusions. In hindsight, we should have scheduled two
> hours. At this stage we have been asked to continue discussion of the
> questions raised on the jose mailing list and schedule a virtual interim
> BoF. This will need to be approved by the IESG, and a key here will be
> demonstrating some progress on the questions raised on the mailing list.
>
>
>
> The draft minutes are available:
>
> https://notes.ietf.org/notes-ietf-114-jwp#
>
> Please review the minutes and provide any updates by next Friday 5 August.
>
>
>
> For additional information, the original BoF request is here:
>
> https://datatracker.ietf.org/doc/bofreq-miller-json-web-proofs/
>
> And the drafts and slides from the BoF are linked from the IETF 114
> agenda.
>
>
>
> Thanks,
>
> Karen
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>

v2.23.0 | Report a Bug | By Email