Re: [woes] New WOES charter proposal

Paul Hoffman <paul.hoffman@vpnc.org> Thu, 07 July 2011 17:58 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7FCA1F0C73 for <woes@ietfa.amsl.com>; Thu, 7 Jul 2011 10:58:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.755
X-Spam-Level:
X-Spam-Status: No, score=-102.755 tagged_above=-999 required=5 tests=[AWL=-0.156, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BqZswluwWo5k for <woes@ietfa.amsl.com>; Thu, 7 Jul 2011 10:58:32 -0700 (PDT)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id D44DE1F0C6F for <woes@ietf.org>; Thu, 7 Jul 2011 10:58:31 -0700 (PDT)
Received: from [10.20.30.101] (50-0-66-4.dsl.dynamic.fusionbroadband.com [50.0.66.4] (may be forged)) (authenticated bits=0) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p67HwLxS099268 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 7 Jul 2011 10:58:21 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <4E1F6AAD24975D4BA5B168042967394348D3BC49@TK5EX14MBXC201.redmond.corp.microsoft.com>
Date: Thu, 07 Jul 2011 10:58:29 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <265D01FB-3C2B-47C4-A5B5-0A78A867D443@vpnc.org>
References: <B2ABF893-10E6-496A-8F63-FFA2C9C89541@vpnc.org> <4E1F6AAD24975D4BA5B168042967394348D3BC49@TK5EX14MBXC201.redmond.corp.microsoft.com>
To: Mike Jones <Michael.Jones@microsoft.com>
X-Mailer: Apple Mail (2.1084)
Cc: "woes@ietf.org" <woes@ietf.org>
Subject: Re: [woes] New WOES charter proposal
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jul 2011 17:58:32 -0000

On Jul 5, 2011, at 2:55 PM, Mike Jones wrote:

> I'm still going to hold out for inclusion of the third document or capability needed for end-to-end JSON-based signing and encryption:
> 
> 3) A Standards Track document specifying how to represent public keys as JSON data structures.
> 
> I know, for instance that the JSON Web Signature (JWS) doc needs to contain a reference to the JSON Web Key (JWK) format, so that also needs to be defined.

The question is what is the value of defining it in this WG. Why is the key format important for interoperability with the signing and encrypting specs? If we have a strong answer for that, the ADs might be more amenable to adding it; otherwise, it probably falls into the "might be nice to have in the future" category.

--Paul Hoffman