Re: [jose] way forward for two remaining drafts

[Mike Jones <Michael.Jones@microsoft.com>]

FYI, I've been asked by Rich Salz to give a presentation on draft-jones-jose-jws-signing-input-options<https://tools.ietf.org/html/draft-jones-jose-jws-signing-input-options-00> to the ACME working group, which meets Thursday 1520-1720 in Congress III.  The presentation is attached.  You’re all invited to attend (which *can* be done remotely, per the Remote Participation section of https://www.ietf.org/meeting/93/).



                                                            -- Mike



-----Original Message-----
From: Wendy Seltzer [mailto:wseltzer@w3.org]
Sent: Monday, July 20, 2015 5:16 AM
To: Kathleen Moriarty
Cc: Mike Jones; Nat Sakimura; jose@ietf.org; Karen O'Donoghue
Subject: Re: [jose] way forward for two remaining drafts



Hi,



I'm sending draft-jones-jose-jws-signing-input-options draft to the W3C Web Payments Interest Group for reviews, as some participants there have expressed interest in a more developer-readable method for signed linked data.



--Wendy



On 07/13/2015 02:24 PM, Kathleen Moriarty wrote:

> Hello,

>

> It's good too see that a few people do support these drafts.  Will each of you be sending reviews and comments to the list shortly on these drafts?  If the chairs think it's reasonable to accept the drafts, they will also need to know there will be active support.

>

> Thanks,

> Kathleen

>

> Sent from my iPhone

>

>> On Jul 13, 2015, at 1:10 PM, Edmund Jay <ejay@mgi1.com<mailto:ejay@mgi1.com>> wrote:

>>

>> +1

>>

>>

>> From: Nat Sakimura <sakimura@gmail.com<mailto:sakimura@gmail.com>>

>> To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail.com>>

>> Cc: Mike Jones <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com>>; Karen O'Donoghue

>> <odonoghue@isoc.org<mailto:odonoghue@isoc.org>>; "jose@ietf.org<mailto:jose@ietf.org>" <jose@ietf.org<mailto:jose@ietf.org>>

>> Sent: Sunday, July 12, 2015 10:32 AM

>> Subject: Re: [jose] way forward for two remaining drafts

>>

>> Sorry to chime in so late. I have been completely under water for sometime now.

>>

>> Like Phil, I do see that draft-jones-jose-jws-signing-input-options sort of thing can be very useful, though I may want to have slightly different way of encoding the things. Being able to do detached signature is quite attractive.

>>

>> Best,

>>

>> Nat

>>

>> 2015-07-10 2:37 GMT+09:00 Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail.com>>:

>>

>>

>> Hi,

>>

>> Sent from my iPhone

>>

>>> On Jul 9, 2015, at 1:16 PM, Mike Jones <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com>> wrote:

>>>

>>> About https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-jones-jose-jws-signing-input-options-00%2c&data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=YxE6NmUaQ5diKIYxBONO7%2bPOxz6X%2fW9trXmEDaNP4ME%3d I’ll add that this addresses the requests make by Jim Schaad and Richard Barnes in JOSE Issues #26 “Allow for signature payload to not be base64 encoded” and #23 https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2ftrac.tools.ietf.org%2fwg%2fjose%2ftrac%2fticket%2f23&data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=PUcoz6T7G6wFGKglEsrvJTR6CuD7fVSmOmSpfI%2fNcLU%3d “Make crypto independent of binary encoding (base64)”.

>>>

>>> About https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-jones-jose-key-managed-json-web-signature-01%2c&data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=i1gON5RevmYKIRp%2ffpa0IUM4mMATz9GzlqJwaZOV8Kw%3d I’ll add that this addresses the request made by Jim Schaad in JOSE Issue #2 https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2ftrac.tools.ietf.org%2fwg%2fjose%2ftrac%2fticket%2f2&data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TQ8KWP1LnDtnf8qC%2bdQSOvwTEaN2e%2fcOHquXSSskWns%3d “No key management for MAC”.

>>>

>>> Also, there’s a highly relevant discussion about key management for

>>> MACs going on in the COSE working group.  See the thread “[Cose] Key

>>> management for MACs (was Re: Review of draft-schaad-cose-msg-01)” –

>>> especially

>>> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fmai

>>> larchive.ietf.org%2farch%2fmsg%2fcose%2faUehU6O7Ui8CXcGxy3TquZOxWH4&

>>> data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e0

>>> 8d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=BlB8JqzOTuh

>>> hSYzi7ygO1QJqHZOipOqva8uMEsMzrR4%3d and

>>> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fmai

>>> larchive.ietf.org%2farch%2fmsg%2fcose%2fouOIdAOe2P-W8BjGLJ7BNvvRr10.

>>> &data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e

>>> 08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=cvpIAhvIo1

>>> eFLaubzc6hC%2bCnAR7YBNR7dVUsVmDtiys%3d

>>>

>>> One could take the view that our decision on the JOSE key management draft should be informed by the related decision in COSE.  Specifically, that if COSE decides to support key management for MACs, the same reasoning likely should apply to our decision on whether to define a standard mechanism for supporting key management for MACs in JOSE.

>> Key management is explicitly out-of-scope for COSE as stated in the charter.  The discussion referenced had this point at the close of that discussion.

>>

>> I'm not seeing much support for these drafts moving forward in JOSE.  I'm also not seeing enough to justify standards track and AD sponsored.  If you think these are important to have move forward in the WG or as standards track, please say so soon.  They can still go forward through the Independent submission process through the ISE.

>>

>> Thank you,

>> Kathleen

>>

>>>                                                             -- Mike

>>>

>>> From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Karen

>>> O'Donoghue

>>> Sent: Wednesday, July 01, 2015 8:38 AM

>>> To: jose@ietf.org<mailto:jose@ietf.org>

>>> Subject: [jose] way forward for two remaining drafts

>>>

>>> Folks,

>>>

>>> With the thumbprint draft progressing through the process, we have two remaining individual drafts to decide what to do with. The options include: 1) adopt as working group drafts; 2) ask for AD sponsorship of individual drafts; or 3) recommend that they not be published. Please express your thoughts on what we should do with these drafts. Jim, Kathleen, and I would like to make a decision in the Prague timeframe, so please respond by 15 July.

>>>

>>> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftoo

>>> ls.ietf.org%2fid%2fdraft-jones-jose-jws-signing-input-options-00.txt

>>> &data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e

>>> 08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=gVViP9znYo

>>> fwYtoIL%2fhIQC%2f1OQwTLxRtQT8PayvYpi8%3d

>>>

>>> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftoo

>>> ls.ietf.org%2fid%2fdraft-jones-jose-key-managed-json-web-signature-0

>>> 1.txt&data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7

>>> f605e08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=wIoGj

>>> 1dJzp3QiT0IycqtKLGf0fWoKfrvOlv90a41Xhc%3d

>>>

>>> Thanks,

>>> Karen

_____________________________________________

> jose mailing list

> jose@ietf.org<mailto:jose@ietf.org>

> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.i

> etf.org%2fmailman%2flistinfo%2fjose&data=01%7c01%7cMichael.Jones%40mic

> rosoft.com%7ccf4fbf7c1ae44f7f605e08d290b17ed2%7c72f988bf86f141af91ab2d

> 7cd011db47%7c1&sdata=4df%2bwGYpkyLt8fqw6VW3Ea%2bsQLcJhSEkQHp7tWpqYY4%3

> d

>





--

Wendy Seltzer -- wseltzer@w3.org<mailto:wseltzer@w3.org> +1.617.715.4883 (office) Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)

https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwendy.seltzer.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7ccf4fbf7c1ae44f7f605e08d290b17ed2%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=KROQCeTKvY0IFOT%2bUGhssnjl2hOROZOalSNNbEFFVXk%3d        +1.617.863.0613 (mobile)