[jose] Re: WGLC for draft-ietf-jose-fully-specified-algorithms

Michael Jones <michael_b_jones@hotmail.com> Tue, 09 July 2024 20:43 UTC

From: Michael Jones <michael_b_jones@hotmail.com>
To: Simo Sorce <simo@redhat.com>, Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
Date: Tue, 09 Jul 2024 20:43:11 +0000
CC: Karen ODonoghue <kodonog@gmail.com>, "jose@ietf.org" <jose@ietf.org>
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/yfaaYtTr658CZEspe0Rk4UxEBuM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose>

Thanks for your WGLC feedback, Brian and Simo.  As we also replied to Neil, draft -03 should now be unambiguous about which parts of the problem space the specification is solving and not.  The statements implying that every aspect of the problem space is solved were removed, and replaced by a discussion of which parts of the space *are* being solved now *and* how future specifications could solve more of the problems, when desired.

Practically, this specification provides fully-specified alternatives to all registered JOSE and COSE polymorphic signature algorithms.  In the encryption space, it defines a limited number of fully-specified ECDH algorithms for both JOSE and COSE, while providing clear guidance in a new appendix on how future specifications could register additional fully-specified ECDH algorithms when needed.  The encryption section has also been augmented with a much more comprehensive discussion about what it means for encryption algorithms to be fully-specified.

				Best wishes,
				-- Mike

-----Original Message-----
From: Simo Sorce <simo@redhat.com> 
Sent: Monday, May 13, 2024 9:14 AM
To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>; Michael Jones <michael_b_jones@hotmail.com>
Cc: Neil Madden <neil.e.madden@gmail.com>; Karen ODonoghue <kodonog@gmail.com>; jose@ietf.org
Subject: Re: [jose] Re: WGLC for draft-ietf-jose-fully-specified-algorithms

On Wed, 2024-05-08 at 12:15 -0600, Brian Campbell wrote:
> 
> I might humbly suggest that the prospective updates, while perhaps 
> mostly editorial, are fairly fundamental to the content of the draft 
> itself and should be applied to the draft prior to (a new) WGLC. 
> Resolving the draft's many outright self-contradictory statements 
> would likely go a long way towards avoiding feedback at the level of 
> "this draft is still deeply confused and not anywhere near ready for 
> publication" and facilitate a more productive last call cycle that's a better use of everyone's time.

100% this, there is rough agreement on the direction, but the wording of the draft is nowhere near what is needed for a WGLC.

--
Simo Sorce
Distinguished Engineer
RHEL Crypto Team
Red Hat, Inc