Re: [woes] Proposed JOSE Charter

Sean Turner <turners@ieca.com> Thu, 18 August 2011 13:01 UTC

Return-Path: <turners@ieca.com>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D643C21F8B34 for <woes@ietfa.amsl.com>; Thu, 18 Aug 2011 06:01:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.255
X-Spam-Level:
X-Spam-Status: No, score=-102.255 tagged_above=-999 required=5 tests=[AWL=0.343, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X37TN4FAxy3i for <woes@ietfa.amsl.com>; Thu, 18 Aug 2011 06:01:06 -0700 (PDT)
Received: from nm20.bullet.mail.sp2.yahoo.com (nm20.bullet.mail.sp2.yahoo.com [98.139.91.90]) by ietfa.amsl.com (Postfix) with SMTP id 49B0121F8B32 for <woes@ietf.org>; Thu, 18 Aug 2011 06:01:06 -0700 (PDT)
Received: from [98.139.91.61] by nm20.bullet.mail.sp2.yahoo.com with NNFMP; 18 Aug 2011 13:01:57 -0000
Received: from [98.139.91.46] by tm1.bullet.mail.sp2.yahoo.com with NNFMP; 18 Aug 2011 13:01:57 -0000
Received: from [127.0.0.1] by omp1046.mail.sp2.yahoo.com with NNFMP; 18 Aug 2011 13:01:57 -0000
X-Yahoo-Newman-Id: 468900.51509.bm@omp1046.mail.sp2.yahoo.com
Received: (qmail 33028 invoked from network); 18 Aug 2011 13:01:56 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1313672516; bh=lHEq+hoqcxO6EqM5jspBd5rrmV+9PDd9BwjaXfhELkk=; h=X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=cs9NfqeFma6lvw5kA1oDWVSdizwk6wcmrZMPTU2he5o3AHhZ7cA5DAOQf16UmuFdq3v28GnYEAmlUTXG8i4Rj6bBtsfeny3te8KKjfPkEcq7TzBz8vOGeo1lqivXjp/QKbQEzNMZ+dKmbqfYv3Mj9DjYbpkY9k5E9/oXHBmvP+g=
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: pcHwChcVM1mU0w2KMjKiVef68dEWjlrMKt5xoP_sXb46K8j wQdlrEmPMobFl9LRE6qRFo6q3z0XEBslgjnonL3aP_EFNJZwlWQJNpJy8qpp K7RDBod0WTPZJ.DJ8aX02bNsKZPcmGqsDLEti_ejrWhM1rh3m9JaQatCYKFT 4zN1rOe20CbTgiqj2b152ANUonkNJaTwfulBa_HRfAi2g2oEO3Jrdg6Gn.21 6KPAMWBQ9qssc01Oe7531iVSTYHyjc2SNIEjuTxrqE6PRgOiLS4uk6Dzqm3m f2bj6COMV47V6ldZxM7ZCobmNXfdlgfr1oZ_9_F5hSihjuroX6ZBsByOtA0. 6CY4Zwj1uMEaaG19UOpYFrz_vx8YS5CmXBHMnn_cPbbtUkAtzCeXoEncAiBB 3BYfPEBbEZv2tvRm_dzMb88FSzpvjcn2k1DJChSSs.ccsd1SgqZqOdqZR9Fh 0zY6KBhi9HMqzEuIrm6QCMz8siJTMIycpjqhyvKA1fJPgXL6MSfke_.M5Wgr xwGK3Cu5EvRTx5LJU4dmMlaPDdA--
X-Yahoo-SMTP: ZrP3VLSswBDL75pF8ymZHDSu9B.vcMfDPgLJ
Received: from thunderfish.westell.com (turners@71.191.9.94 with plain) by smtp111.biz.mail.mud.yahoo.com with SMTP; 18 Aug 2011 06:01:55 -0700 PDT
Message-ID: <4E4D0D42.5010309@ieca.com>
Date: Thu, 18 Aug 2011 09:01:54 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110624 Thunderbird/5.0
MIME-Version: 1.0
To: "Richard L. Barnes" <rbarnes@bbn.com>, woes@ietf.org
References: <60A80A8A-B8B5-461E-814B-7A243213995E@bbn.com>
In-Reply-To: <60A80A8A-B8B5-461E-814B-7A243213995E@bbn.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [woes] Proposed JOSE Charter
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2011 13:01:06 -0000

Richard,

Thanks for pulling this together.

All,

I've forwarded this to the IESG secretariat for inclusion on the 
2011-08-28 IESG telechat.  Assuming all goes well with the IESG, it'll 
go out to the entire IETF and the new-work mailing list for a two week 
review period.  To ensure no surprises next week with the IESG, I've 
also added it to today's informal IESG telechat (to get first impressions).

spt

On 8/17/11 1:34 PM, Richard L. Barnes wrote:
> Dear ADs,
>
> Please find below an updated charter proposal for a working group on JSON integrity and encryption.  Based on working group discussions, I believe there is consensus around the current text.
>
> Changes from<http://www.ietf.org/mail-archive/web/woes/current/msg00160.html>ml>:
> -- Moved milestone dates forward 5 months
> -- Changed "signing" to "integrity protection", to encompass asymmetric and symmetric
>
> Thanks,
> --Richard
>
>
>
>
> Javascript Object Signing and Encryption (jose)
> =================================================
>
> Background
> ----------
>
> Javascript Object Notation (JSON) is a text format for the serialization of structured data described in RFC 4627. The JSON format is often used for serializing and transmitting structured data over a network connection. With the increased usage of JSON in protocols in the IETF and elsewhere, there is now a desire to offer security services such as encryption, digital signatures, and message authentication codes (MACs) for data that is being carried in JSON format.
>
> Different proposals for providing such security services have already been defined and implemented. This Working Group's task is to standardize two security services, integrity protection (signature and MAC) and encryption, in order to increase interoperability of security features between protocols that use JSON.  The Working Group will base its work on well-known message security primitives (e.g., CMS), and will solicit input from the rest of the IETF Security Area to be sure that the security functionality in the JSON format is correct.
>
> This group is chartered to work on four documents:
>
> 1) A Standards Track document specifying how to apply JSON-structured integrity protection to data, including (but not limited to) JSON data structures.  "Integrity protection" includes public-key digital signatures as well as symmetric-key MACs.
>
> 2) A Standards Track document specifying how to apply a JSON-structured encryption to data, including (but not limited to) JSON data structures.
>
> 3) A Standards Track document specifying how to encode public keys as JSON-structured objects.
>
> 4) A Standards Track document specifying mandatory-to-implement algorithms for the other three documents.
>
> The working group may decide to address one or more of these goals in a single document, in which case the concrete milestones for signing/encryption below will both be satisfied by the single document.
>
> Goals and Milestones
> --------------------
>
> Jan 2012    Submit JSON object integrity document as a WG item.
>
> Jan 2012    Submit JSON object encryption document as a WG item.
>
> Jan 2012    Submit JSON key format document as a WG item.
>
> Jan 2012    Submit JSON algoritm document as a WG item.
>
> Jun 2012    Start Working Group Last Call on JSON object integrity document.
>
> Jun 2012    Start Working Group Last Call on JSON object encryption document.
>
> Jun 2012    Start Working Group Last Call on JSON key format document.
>
> Jun 2012    Start Working Group Last Call on JSON algorithm document.
>
> Jul 2012    Submit JSON object integrity document to IESG for consideration as
> Standards Track document.
>
> Jul 2012    Submit JSON object encryption document to IESG for consideration
> as Standards Track document.
>
> Jul 2012    Submit JSON key format document to IESG for consideration
> as Standards Track document.
>
> Jul 2012    Submit JSON algorithm document to IESG for consideration
> as Standards Track document.
>
>
>