Re: [jose] Whiteboard Discussion Minutes

Mike Jones <> Thu, 15 November 2012 20:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0AE2621F8C42 for <>; Thu, 15 Nov 2012 12:46:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id XRe3AWkYvIzI for <>; Thu, 15 Nov 2012 12:46:22 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 27E2D21F8BC3 for <>; Thu, 15 Nov 2012 12:46:21 -0800 (PST)
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.556.9; Thu, 15 Nov 2012 20:46:19 +0000
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.556.9 via Frontend Transport; Thu, 15 Nov 2012 20:46:19 +0000
Received: from ([]) by ([]) with mapi id 14.02.0318.003; Thu, 15 Nov 2012 20:46:06 +0000
From: Mike Jones <>
To: "Matt Miller (mamille2)" <>, "" <>
Thread-Topic: Whiteboard Discussion Minutes
Thread-Index: Ac3DcjoE4OfAWA4iTayYn2cBOFtQEQ==
Date: Thu, 15 Nov 2012 20:46:05 +0000
Message-ID: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(377454001)(13464001)(54316002)(76482001)(4396001)(46406002)(49866001)(5343645001)(47736001)(74662001)(53806001)(16406001)(47976001)(31966008)(33656001)(51856001)(54356001)(50986001)(5343655001)(56776001)(74502001)(46102001)(47776002)(56816001)(44976002)(50466001)(15202345001)(5343635001)(23726001)(551544001)(47446002)(55846005); DIR:OUT; SFP:; LANG:en;
X-Forefront-PRVS: 0666E15D35
Subject: Re: [jose] Whiteboard Discussion Minutes
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 15 Nov 2012 20:46:23 -0000

That's close to my recollection as well.  I'll summarize the primary conclusions in a different way to hopefully make them even clearer to people who weren't there:

(1)  We will define JWK extensions to represent private and symmetric keys
(2)  We will recommend protection of private and symmetric keys by encrypting their JWK representations in a JWE
(3)  We will define an additional JWA "alg" value for generation of a symmetric key from a password (thus enabling password-based key protection schemes)

The two deliverables we agreed to were:
(A)  The JWK extension document defining (1), which Mike will produce
(B)  A key protection application document specifying (2) and (3), which Matt will produce

Note that (B) will use the JWA registry to register (3), rather than adding (3) to the JWA doc itself.

				-- Mike

-----Original Message-----
From: [] On Behalf Of Matt Miller (mamille2)
Sent: Thursday, November 15, 2012 10:25 AM
Subject: [jose] Whiteboard Discussion MInutes

[ I urge the original participants to correct any omissions or glaring mistakes ]

* Richard Barnes
* John Bradley
* Joe Hildebrand
* Michael Jones
* Matt Miller
* Jim Schaad

"What's a JOSE"

We started with a discussion of what the areas of concerns for JOSE are (established or otherwise):

* public key
* private key
* symmetric key
* sign
* encrypt
* wrapped keys
* passphrase-based wrapping
* algorithms
* extensibility
* common attributes
* serialization/syntax

Regarding Keys

There was also discussion on whether wrapped keys were their own top-level object, or an application of JWE.  With this discussion, there was rough consensus that keys (including symmetric keys) should have the ability to include additional information (e.g. "expires" ).

For top-level, this is approximately as presented in the WG:
  "jwk":{ ... },
  "val":base64url(pk-encrypt(jku, symmetric key value)) }

For JWE application, the key would have a JWK representation:
  "key":base64url(symmetric key value)

Which is then serialized to UTF-8 and used as the plaintext into JWE.

Given this, there was very rough consensus that we pursue the "wrapped keys as JWE application" path, although it was suggested Richard provide a more concrete example of the top-level model.

Regarding Encrypted Private Keys

There was discussion and consensus on adding support for PBKDF2 to derive a symmetric key from a password.  The details are to be worked out as part of the wrapped key document.

Regarding Organization

There was discussion on the organization of items, and whether the current documentation is sufficient.  While there was no consensus on what the best layout is, there was also no consensus on changing anything.

Work Items

There was rough consensus on the following outputs, assuming no objections from the rest of the WG:

* A document extending "RSA" and "EC" with the private key factors, plus a new JWK for symmetric keys.  Tentatively to be done by Mike Jones, starting with draft-jones-jose-json-private-key
* A document that applies JWE to protecting keys (as JWK objects), and defines an algorithm that uses PBKDF2 for passphrase-based protection.  Tentatively to be done by Matt Miller.

- m&m

Matt Miller < >
Cisco Systems, Inc.

PS: If you are interested in the cryptic notes, the images are temporarily available at < >.