Re: [woes] Proposed charter, post-Quebec edition

Thomas Hardjono <hardjono@MIT.EDU> Wed, 03 August 2011 20:33 UTC

Return-Path: <hardjono@mit.edu>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A27F95E8003 for <woes@ietfa.amsl.com>; Wed, 3 Aug 2011 13:33:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.349
X-Spam-Level:
X-Spam-Status: No, score=-4.349 tagged_above=-999 required=5 tests=[AWL=-0.750, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QwcRWyCZA14Y for <woes@ietfa.amsl.com>; Wed, 3 Aug 2011 13:33:47 -0700 (PDT)
Received: from dmz-mailsec-scanner-6.mit.edu (DMZ-MAILSEC-SCANNER-6.MIT.EDU [18.7.68.35]) by ietfa.amsl.com (Postfix) with ESMTP id 9432022800D for <woes@ietf.org>; Wed, 3 Aug 2011 13:33:47 -0700 (PDT)
X-AuditID: 12074423-b7b31ae000000a3c-14-4e39b0ba0c30
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id 68.DE.02620.AB0B93E4; Wed, 3 Aug 2011 16:34:02 -0400 (EDT)
Received: from outgoing-exchange-2.mit.edu (OUTGOING-EXCHANGE-2.MIT.EDU [18.9.28.16]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id p73KXxss002160; Wed, 3 Aug 2011 16:33:59 -0400
Received: from W92EXEDGE6.EXCHANGE.MIT.EDU (W92EXEDGE6.EXCHANGE.MIT.EDU [18.7.73.28]) by outgoing-exchange-2.mit.edu (8.13.8/8.12.4) with ESMTP id p73KXusC021921; Wed, 3 Aug 2011 16:33:58 -0400
Received: from w92exhub5.exchange.mit.edu (18.7.73.11) by W92EXEDGE6.EXCHANGE.MIT.EDU (18.7.73.28) with Microsoft SMTP Server (TLS) id 14.1.289.1; Wed, 3 Aug 2011 13:33:24 -0700
Received: from EXPO10.exchange.mit.edu ([18.9.4.15]) by w92exhub5.exchange.mit.edu ([18.7.73.11]) with mapi; Wed, 3 Aug 2011 16:33:56 -0400
From: Thomas Hardjono <hardjono@MIT.EDU>
To: Paul Hoffman <paul.hoffman@vpnc.org>, "woes@ietf.org" <woes@ietf.org>
Date: Wed, 3 Aug 2011 16:33:55 -0400
Thread-Topic: [woes] Proposed charter, post-Quebec edition
Thread-Index: AcxRadwR8xBFRNTnTUWfSjonksgscgAsbrLQ
Message-ID: <DADD7EAD88AB484D8CCC328D40214CCD0E743D3330@EXPO10.exchange.mit.edu>
References: <4F25253E-A870-4956-AAB1-20890B655984@vpnc.org>
In-Reply-To: <4F25253E-A870-4956-AAB1-20890B655984@vpnc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0051_01CC51FB.23043060"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA02Sa0gUURiGOTOz66w4Ma2XPWohjoElrWmlaWr0o/BSiVB/sjBn3cld2l1l ZhXXIpTASgmVonS9ZkJ4qTXLMqPLGoJpF02tUBMt0zRMdBXxgjbj5OXfyzzv95zzMQdH5csS N1xrMDKsgdZRUntMLnP2UjbVBUf7zZf4BvVaZiRBHXNFyGEkorJyHomwFfWgMUisfaia0WlT GXbPoXh7TUNVP5a8dCat+2e+NAN0nswGMhyS+2HGmzFMzC6wY8AizQb2uJx8BeCd+vuIAOTk awA/5chE0AXgvZa+/6ABwB99USLIBbBuvAwVgJTcCT8uvrQTshMZCSt6pyRCxsgdcKWneHXY kQyGDx7eRsTOQTixaJOIeS+c7WuXCpkgY+Dv3AVUPCwEmisHVzsyMhS+rZ4BQgb8tefaalc9 KKmAvcNliLiOExzqFD3CastNQ1Kx7wz7r1qAcGmUvAHgyOxfTDxsK3xXOIzlAYV5k8u8uWfe 1DMDnAe+MOsREPse8NlEMSrmEFiwYJWK2RPeyhmyE3MA/NMyBcoBXg22q/XpSj2t1XFMgpJL oA0GhlUG+uq1Rl9GnVIPhN9sd8SrESxZqWZA4oByIDJUwdFyCZ3KmfTNwBVHKGfisYX/tEWV pDZpaE5zjk3RMVwzgDhKORGlJp4RatqUzrBJa8gdxygFoT+2ckJOJtJG5gLDJDPsGt2G4xQk 5gXpVpZJZNLOa3XGDYzgMkHuwMt31QlyLpnWc9pEkbcBTzcF4S4AUgCaFMP67NqzHQcKfhVH wkdoOfCPen16nBcjvHhlMkgQG+kN5JYBPPbVauOM4W2RgwFPr9uiS6PS5kvMbGmhSt+aMm1T HaBM6Zm/JF9nom+qmiMdR1ysNeHWy5d2V2V+f95VG1ZUMVIz0BF2rdv1aFaBX1Lg+7Ot5Vc8 2uO8G2O/JNB3U4ml0ckK79OjSiz+ouwz9KNPlbyYHrN8a/Jz/HD8SZ4/l09hnIb290FZjv4H cYr1e5EDAAA=
Subject: Re: [woes] Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2011 20:33:48 -0000

Paul,

Looks good.

Just my clarification, looking at 1) and 2) does it mean that the
resulting JOSE WG specifications can be applied to non-JSON data
structures? (I'm ok with this).

Also, will RFC4627 be "upgraded" to standards track?

Thanks.

/thomas/

__________________________________________


> -----Original Message-----
> From: woes-bounces@ietf.org [mailto:woes-bounces@ietf.org] On Behalf
Of
> Paul Hoffman
> Sent: Tuesday, August 02, 2011 7:14 PM
> To: woes@ietf.org
> Subject: [woes] Proposed charter, post-Quebec edition
> 
> Here is a proposal for the charter based on the discussion in the
BoF
> last week and later discussion with Sean Turner. Comments, praise,
> scorn, etc., are welcome.
> 
> --Paul and Richard
> 
> Javascript Object Signing and Encrypting (jose)
> ===============================================
> 
> Background
> ----------
> 
> Javascript Object Notation (JSON) is a text format for the
> serialization of structured data described in RFC 4627. The JSON
format
> is often used for serializing and transmitting structured data over
a
> network connection. With the increased usage of JSON in protocols in
> the IETF and elsewhere, there is now a desire to offer security
> services such as encryption and digital signatures for data that is
> being carried in JSON format.
> 
> Different proposals for providing such security services have
already
> been defined and implemented. This Working Group's task is to
> standardize two security services, encrypting and digitally signing,
in
> order to increase interoperability of security features between
> protocols that use JSON.  The Working Group will base its work on
well-
> known message security primitives (e.g., CMS), and will solicit
input
> from the rest of the IETF Security Area to be sure that the security
> functionality in the JSON format is correct.
> 
> This group is chartered to work on four documents:
> 
> 1) A Standards Track document specifying how to apply a
JSON-structured
> digital signature to data, including (but not limited to) JSON data
> structures. "Digital signature" is defined as a hash operation
followed
> by a signature operation using asymmetric keys.
> 
> 2) A Standards Track document specifying how to apply a
JSON-structured
> encryption to data, including (but not limited to) JSON data
> structures.
> 
> 3) A Standards Track document specifying how to encode public keys
as
> JSON-structured objects.
> 
> 4) A Standards Track document specifying mandatory-to-implement
> algorithms for the other three documents.
> 
> The working group may decide to address one or more of these goals
in a
> single document, in which case the concrete milestones for
> signing/encryption below will both be satisfied by the single
document.
> 
> Goals and Milestones
> --------------------
> 
> Aug 2011    Submit JSON object signing document as a WG item.
> 
> Aug 2011    Submit JSON object encryption document as a WG item.
> 
> Aug 2011    Submit JSON key format document as a WG item.
> 
> Aug 2011    Submit JSON algoritm document as a WG item.
> 
> Jan 2012    Start Working Group Last Call on JSON object signing
> document.
> 
> Jan 2012    Start Working Group Last Call on JSON object encryption
> document.
> 
> Jan 2012    Start Working Group Last Call on JSON key format
document.
> 
> Jan 2012    Start Working Group Last Call on JSON algorithm
document.
> 
> Feb 2012    Submit JSON object signing document to IESG for
> consideration as
> Standards Track document.
> 
> Feb 2012    Submit JSON object encryption document to IESG for
> consideration
> as Standards Track document.
> 
> Feb 2012    Submit JSON key format document to IESG for
consideration
> as Standards Track document.
> 
> Feb 2012    Submit JSON algorithm document to IESG for consideration
> as Standards Track document.
> 
> _______________________________________________
> woes mailing list
> woes@ietf.org
> https://www.ietf.org/mailman/listinfo/woes