Re: [jose] Call for adoption

Hi Jim, 

I agree with Richard on the serialization documents. 

On the use cases I have a mixed view. As we have seen in the OAuth working group with use cases it is easy to get the group to add a new use case document but very difficult to get others to find reviewers to get it finished. I am not sure what the target audience would be with such a document. 

Let's assume that the audience for the document is the JOSE group. First, the requirements are not really adding a lot to the discussion since they are really basic (more or less what can be found in the charter). The use cases in Section 4 are out-of-date and are typically better described in the referenced documents. One of the four use cases is obsolete by now: the ATOCA use case is gone with the decisions from the last IETF meeting since the group entire group got trashed. ALTO IMHO does not seem to go anywhere either.

Sorry if I do not get excited anymore about the value of use case (and requirements) documents. The main challenges are that 

a) you don't want to describe use cases that relate to work where it hasn't even been decided to use the specific technology (in this case JSON), and 
b) when a use case of interest to the group is found that requires additional functionality then a new extension/solution is defined in a separate document that typically provides a better description than in the use case document itself.

Consequently, the value of separate use case document goes close to zero. 

Ciao
Hannes

On Feb 14, 2013, at 5:23 AM, Richard Barnes wrote:

> I support the adoption of the use cases draft.  Clearer use cases will help this group refine a lot of the ideas that are floating around. 
> 
> I do not support the adoption of the JSON serialization documents.  A JSON serialization should be part of the base documents. I have already made a proposal to the list for how to do this, which is essentially the same as the one in the JSON serialization documents.  It would have a small impact on the base specs, and make the base format much more usable. 
> http://www.ietf.org/mail-archive/web/jose/current/msg01465.html
> 
> --Richard
> 
> 
> 
> On Wednesday, February 13, 2013, Jim Schaad wrote:
> The chairs of the JOSE working group have dropped the ball on this (really me).
> 
>  
> 
> At the last face-to-face meeting there was a call for the following documents to become working group documents:
> 
>  
> 
> Draft-barnes-jose-use-cases – Use Cases and Requirements for JSON Object Signing and Encryption (JOSE)
> 
>  
> 
> Draft-jones-jose-jwe-json-serialization – JSON Web Encryption JSON Serialization (JWE-JS)
> 
>  
> 
> Draft-jones-jose-jws-json-serialization – JSON Web Signature JSON Serialization (JWS-JS)
> 
>  
> 
>  
> 
> The chairs are going to assume that the working group wants to adopt these three documents as that was the overwhelming response in Atlanta.  Thus you only need to reply if you object to these documents being adopted.  This call will end 27 February.
> 
>  
> 
> (Note that we will be looking at the private key drafts during the Orlando meeting and issuing an adoption call shortly after that meeting.)
> 
>  
> 
> Jim
> 
>  
> 
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose