IETF Logo Mail Archive

Re: [jose] updated draft charter text incorporating AD's comments

Dan Brown <dbrown@certicom.com> Mon, 11 March 2013 18:44 UTC

Return-Path: <prvs=6782dedd61=dbrown@certicom.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81FE121F8E9E for <jose@ietfa.amsl.com>; Mon, 11 Mar 2013 11:44:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.203
X-Spam-Level:
X-Spam-Status: No, score=-5.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZJ2EGILtAfNA for <jose@ietfa.amsl.com>; Mon, 11 Mar 2013 11:44:58 -0700 (PDT)
Received: from mhs060cnc.rim.net (mhs060cnc.rim.net [208.65.73.34]) by ietfa.amsl.com (Postfix) with ESMTP id 7514821F8E9A for <jose@ietf.org>; Mon, 11 Mar 2013 11:44:58 -0700 (PDT)
X-AuditID: 0a41282f-b7fa06d000002431-d3-513e261c4a3a
Received: from XCT108CNC.rim.net (xct108cnc.rim.net [10.65.161.208]) by mhs060cnc.rim.net (SBG) with SMTP id 02.6E.09265.C162E315; Mon, 11 Mar 2013 13:44:44 -0500 (CDT)
Received: from XCT116CNC.rim.net (10.65.161.216) by XCT108CNC.rim.net (10.65.161.208) with Microsoft SMTP Server (TLS) id 14.2.328.9; Mon, 11 Mar 2013 14:44:44 -0400
Received: from XMB111CNC.rim.net ([fe80::fcd6:cc6c:9e0b:25bc]) by XCT116CNC.rim.net ([::1]) with mapi id 14.02.0328.009; Mon, 11 Mar 2013 14:44:43 -0400
From: Dan Brown <dbrown@certicom.com>
To: 'Mike Jones' <Michael.Jones@microsoft.com>, "odonoghue@isoc.org" <odonoghue@isoc.org>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] updated draft charter text incorporating AD's comments
Thread-Index: AQHOHbsEEMu3ADlKPk6w4aZVomhFEpihAX+A///M3hA=
Date: Mon, 11 Mar 2013 18:44:43 +0000
Message-ID: <810C31990B57ED40B2062BA10D43FBF511144B@XMB111CNC.rim.net>
References: <513CCD31.8050408@isoc.org> <4E1F6AAD24975D4BA5B1680429673943674F6B1E@TK5EX14MBXC283.redmond.corp.microsoft.com>
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943674F6B1E@TK5EX14MBXC283.redmond.corp.microsoft.com>
Accept-Language: en-CA, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.160.251]
Content-Type: text/plain; charset="us-ascii"
content-transfer-encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrBKsWRmVeSWpSXmKPExsXC5bjwgq6Mml2gwZxVahZr1nQzWeyd9onF Ytaj/cwOzB5Llvxk8ng1rZHVo3XHX/YA5qgGRpukxJKy4Mz0PH07m8S8vPySxJJUhZTU4mRb JZ/U9MQchYCizLLE5EoFl8zi5JzEzNzUIiWFzBRbJRMlhYKcxOTU3NS8ElulxIKC1LwUJTsu BQxgA1SWmaeQmpecn5KZl26r5Bnsr2thYWqpa6hkp5vQyZPRfegQU8Fy1YovV2eyNTDuk+ti 5OCQEDCReNxj1MXICWSKSVy4t56ti5GLQ0hgFaPEnkUHmCCclYwSt18fZYVw5jBKbN94jhWk hU1AVeL+0XPMILaIQI1Ed+cCMFtYwEvi156Z7BBxb4nXy+azQNhWEseOHQHrZQHqvbXuMBuI zSvgJnF5ywSwGiGBOokfDW/AejkFEiVeXtgLFmcUkJXYffY6E4jNLCAucevJfCaIswUkluw5 zwxhi0q8fPyPFcJWlHgx+RwLRL2OxILdn9ggbG2JZQtfM0PsFZQ4OfMJ1F4FiSvX97FMYBSf hWTFLCTts5C0z0LSvoCRZRWjYG5GsYGZQXJesl5RZq5eXmrJJkZwUtHQ38H49r3FIUYBDkYl Hl4dJbtAIdbEsuLK3EOMEhzMSiK8KzfZBArxpiRWVqUW5ccXleakFh9idAWG0ERmKe7kfGDC yyuJNzYwwM1REucVCRQNFBJIB6ar7NTUgtQimDlMHJwge7ikRIqBSSe1KLG0JCMelBrji4HJ UaqBUd5eK+mTz4UkxdyFChLJ5yYHTmYU3N3fETfBUvq24fvqeZMaQw2UGu+pV277sj0uyC3Y IjvKeP3+B4ELT+WGCrmvqnh4qf7Rn7QvBvMnrv+0vrjyxqVVfS6vA5oTPFenMwV+8D3yb4tj WqrdAR8vFW4u5xNb5lwQMdiy7WDL5F/LjgSenso/VYmlOCPRUIu5qDgRAGJa1uprAwAA
Subject: Re: [jose] updated draft charter text incorporating AD's comments
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2013 18:44:59 -0000

I just joined JOSE, and have a brief comment about JWA:

For ECC-based encryption, it may make sense to use ECIES, because it complies with ANSI X9.63, IEEE P1363, ISO 18033-2, and SEC1.  (The current CMS-based approach is slightly different.)  If the list has already discussed this issue, then please excuse me (and point me to the archive thread).

Best regards,

Daniel Brown
Research In Motion Limited

> -----Original Message-----
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of
> Mike Jones
> Sent: Monday, March 11, 2013 1:22 PM
> To: odonoghue@isoc.org; jose@ietf.org
> Subject: Re: [jose] updated draft charter text incorporating AD's
> comments
> 
> Looks good to me
> 
> -----Original Message-----
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of
> Karen O'Donoghue
> Sent: Sunday, March 10, 2013 11:13 AM
> To: jose@ietf.org
> Subject: [jose] updated draft charter text incorporating AD's comments
> 
> Folks,
> 
> Here is the updated charter text based on Sean's comments and Mike's
> response. If there are any errors, please identify them asap as I plan
> to forward this back to Sean (and thus the IESG) in the very near
> future.
> 
> Regards,
> Karen
> 
> 
> Description of JOSE Working Group
> 
> JavaScript Object Notation (JSON) is a text format for the
> serialization of structured data described in RFC 4627.  The JSON
> format is often used for serializing and transmitting structured data
> over a network connection. With the increased usage of JSON in
> protocols in the IETF and elsewhere, there is now a desire to offer
> security services for JSON with encryption, digital signatures, and
> message authentication codes (MACs).
> 
> Different proposals for providing such security services have already
> been defined and implemented.  This Working Group will standardize the
> mechanism for integrity protection (signature and MAC) and encryption
> as well as the format for keys and algorithm identifiers to support
> interoperability of security services for protocols that use JSON. The
> Working Group will base its work on well-known message security
> primitives (e.g., CMS), and will solicit input from the rest of the
> IETF Security Area to be sure that the security functionality in the
> JSON format is sound.
> 
> As JSON adoption expands, the different applications utilizing JSON
> security services will grow and this leads to the need to support
> different requirements.
> The WG will
> develop a generic syntax that can be used by applications to secure
> JSON-data, but it will be up to the application to fully specify the
> use of the WG's documents much the same way S/MIME is the application
> of CMS to MIME-based media types.
> 
> This group is chartered to work on the following deliverables:
> 
> (1) A Standards Track document or documents specifying how to apply
> JSON-structured integrity protection to data, including (but not
> limited to) JSON data structures.
> "Integrity protection" includes public-key digital signatures as well
> as symmetric-key MACs.
> 
> (2) A Standards Track document or documents specifying how to apply a
> JSON-structured encryption to data, including (but not limited to) JSON
> data structures.
> 
> (3) A Standards Track document specifying how to encode public keys as
> JSON- structured objects.
> 
> (4) A Standards Track document specifying algorithms and algorithm
> identifiers for the previous three documents.
> 
> (5) A Standards Track document specifying how to encode private and
> symmetric keys as JSON-structured objects.  This document will build
> upon the concepts and structures in (3).
> 
> (6) A Standards Track document specifying a means of protecting private
> and symmetric keys via encryption.  This document will build upon the
> concepts and structures in (2) and (5).  This document may register
> additional algorithms in registries defined by (4).
> 
> (7) An Informational document detailing Use Cases and Requirements for
> JSON Object Signing and Encryption (JOSE).
> 
> (8) An Informational document that tells an application what needs to
> be specified in order to implement JOSE.
> 
> One or more of these goals may be combined into a single document, in
> which case the concrete milestones for these goals will be satisfied by
> the consolidated document(s).
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.

v2.23.0 | Report a Bug | By Email