Re: [woes] Proposed charter, post-Quebec edition
Sean Turner <turners@ieca.com> Thu, 04 August 2011 13:02 UTC
Return-Path: <turners@ieca.com>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D1D021F8888 for <woes@ietfa.amsl.com>; Thu, 4 Aug 2011 06:02:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.229
X-Spam-Level:
X-Spam-Status: No, score=-102.229 tagged_above=-999 required=5 tests=[AWL=0.369, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VD1Tc6yzEfAN for <woes@ietfa.amsl.com>; Thu, 4 Aug 2011 06:02:53 -0700 (PDT)
Received: from nm26-vm0.access.bullet.mail.mud.yahoo.com (nm26-vm0.access.bullet.mail.mud.yahoo.com [66.94.236.225]) by ietfa.amsl.com (Postfix) with SMTP id AC8C021F8698 for <woes@ietf.org>; Thu, 4 Aug 2011 06:02:53 -0700 (PDT)
Received: from [66.94.237.198] by nm26.access.bullet.mail.mud.yahoo.com with NNFMP; 04 Aug 2011 13:03:03 -0000
Received: from [98.139.221.60] by tm9.access.bullet.mail.mud.yahoo.com with NNFMP; 04 Aug 2011 13:03:03 -0000
Received: from [127.0.0.1] by smtp101.biz.mail.bf1.yahoo.com with NNFMP; 04 Aug 2011 13:03:02 -0000
X-Yahoo-Newman-Id: 991537.455.bm@smtp101.biz.mail.bf1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: u3eNkAwVM1m5mOmEfqmyYGwN2BJ1CvVBcUJ8FGks4AXHMcU M6FdVWSjr953lpX3sxnY3G5X8myFYooHIUC0ZMtJuNwBM_He7l0hG03qQ4oy yEoacW0qdeVhBitfjJbKeUymF.Nrlm9Q1szROyUQK2hodAUfNN4UeF6Nl7U0 O9vQCKObQW1fBFahQG6p7nVsPTDNbDLIGui1IEz3bNlSkZlR0A5qgxhZUnKy LTZxFmqt9D3kMTLjpZobO8tonIpHUEKFlo6kZ5_6iBfWq9yd9.FLGy04j.fx PO1oyUnsv3kqAxPMIRx5Ipt_Mv7L7d8SIZx9fbis.qZIpNt3Rzxy9Jc3vGog gG6ingA5qdKOrzqgGjAd5xQupzPJvv_jvHh52LdR.VO3oZaY5QLhKAGp8GPu 9SSpvKiENIlTtbUUAyoKrDw--
X-Yahoo-SMTP: ZrP3VLSswBDL75pF8ymZHDSu9B.vcMfDPgLJ
Received: from thunderfish.westell.com (turners@96.231.115.219 with plain) by smtp101.biz.mail.bf1.yahoo.com with SMTP; 04 Aug 2011 06:03:02 -0700 PDT
Message-ID: <4E3A9885.50600@ieca.com>
Date: Thu, 04 Aug 2011 09:03:01 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110624 Thunderbird/5.0
MIME-Version: 1.0
To: woes@ietf.org
References: <4F25253E-A870-4956-AAB1-20890B655984@vpnc.org>
In-Reply-To: <4F25253E-A870-4956-AAB1-20890B655984@vpnc.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [woes] Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Aug 2011 13:02:54 -0000
On 8/2/11 7:13 PM, Paul Hoffman wrote: > Here is a proposal for the charter based on the discussion in the BoF last week and later discussion with Sean Turner. Comments, praise, scorn, etc., are welcome. > > --Paul and Richard > > Javascript Object Signing and Encrypting (jose) > =============================================== > > Background > ---------- > > Javascript Object Notation (JSON) is a text format for the serialization of structured data described in RFC 4627. The JSON format is often used for serializing and transmitting structured data over a network connection. With the increased usage of JSON in protocols in the IETF and elsewhere, there is now a desire to offer security services such as encryption and digital signatures for data that is being carried in JSON format. > > Different proposals for providing such security services have already been defined and implemented. This Working Group's task is to standardize two security services, encrypting and digitally signing, in order to increase interoperability of security features between protocols that use JSON. The Working Group will base its work on well-known message security primitives (e.g., CMS), and will solicit input from the rest of the IETF Security Area to be sure that the security functionality in the JSON format is correct. > > This group is chartered to work on four documents: > > 1) A Standards Track document specifying how to apply a JSON-structured digital signature to data, including (but not limited to) JSON data structures. "Digital signature" is defined as a hash operation followed by a signature operation using asymmetric keys. I just want to make sure that we agree now that a digital signature is a hash followed by a signature algorithm (e.g., RSA with SHA-256). I've seen a couple of drafts that tried to say an HMAC (e.g., HMAC-SHA256) was a digital signature; one called it a symmetric key based digital signature algorithm (note this phrase didn't get through the IESG). > 2) A Standards Track document specifying how to apply a JSON-structured encryption to data, including (but not limited to) JSON data structures. > > 3) A Standards Track document specifying how to encode public keys as JSON-structured objects. > > 4) A Standards Track document specifying mandatory-to-implement algorithms for the other three documents. I think this addition is good. In the past we've bundled the MTI algorithms with the protocol and then reving the MTI algorithms caused unnecessary churn on the protocol even if the protocol is stable. I also think this draft need not only include MTI algorithms, but the draft definitely needs to say which ones are the MTI algorithms. > The working group may decide to address one or more of these goals in a single document, in which case the concrete milestones for signing/encryption below will both be satisfied by the single document. > > Goals and Milestones > -------------------- > > Aug 2011 Submit JSON object signing document as a WG item. > > Aug 2011 Submit JSON object encryption document as a WG item. > > Aug 2011 Submit JSON key format document as a WG item. > > Aug 2011 Submit JSON algoritm document as a WG item. > > Jan 2012 Start Working Group Last Call on JSON object signing document. > > Jan 2012 Start Working Group Last Call on JSON object encryption document. > > Jan 2012 Start Working Group Last Call on JSON key format document. > > Jan 2012 Start Working Group Last Call on JSON algorithm document. > > Feb 2012 Submit JSON object signing document to IESG for consideration as > Standards Track document. > > Feb 2012 Submit JSON object encryption document to IESG for consideration > as Standards Track document. > > Feb 2012 Submit JSON key format document to IESG for consideration > as Standards Track document. > > Feb 2012 Submit JSON algorithm document to IESG for consideration > as Standards Track document. The dates are little ambitious. Just based on the process, I doubt this can be charter by the end of August. I'd swap Aug->Oct, Jan->Mar, and leave Feb as-is. spt
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Peter Saint-Andre
- Re: [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition Thomas Hardjono
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition Thomas Hardjono
- Re: [woes] Proposed charter, post-Quebec edition Peter Saint-Andre
- Re: [woes] Proposed charter, post-Quebec edition Peter Saint-Andre
- Re: [woes] Proposed charter, post-Quebec edition Paul C. Bryan
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Paul C. Bryan
- Re: [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Eric Rescorla
- Re: [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Paul C. Bryan
- Re: [woes] Proposed charter, post-Quebec edition Jeremy Laurenson
- Re: [woes] Proposed charter, post-Quebec edition Richard L. Barnes
- Re: [woes] Proposed charter, post-Quebec edition Hal Lockhart
- [woes] Naked Public Key, was: RE: Proposed charte… Hal Lockhart
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Eric Rescorla
- Re: [woes] Proposed charter, post-Quebec edition Joe Hildebrand
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Joe Hildebrand
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Eric Rescorla
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Eric Rescorla
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Jeremy Laurenson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Joe Hildebrand
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Proposed charter, post-Quebec edition Hal Lockhart
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Hal Lockhart
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Paul C. Bryan
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Ben Adida
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Paul C. Bryan
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Ben Adida
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Hal Lockhart
- [woes] Support multiple Crypto algorithms? was RE… Hal Lockhart
- Re: [woes] Support multiple Crypto algorithms? wa… John Bradley
- Re: [woes] Support multiple Crypto algorithms? wa… Paul C. Bryan
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand
- Re: [woes] Support multiple Crypto algorithms? wa… Richard L. Barnes
- Re: [woes] Support multiple Crypto algorithms? wa… Phillip Hallam-Baker
- Re: [woes] Support multiple Crypto algorithms? wa… Thomas Hardjono
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand
- Re: [woes] Support multiple Crypto algorithms? wa… Thomas Hardjono
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand
- Re: [woes] Support multiple Crypto algorithms? wa… Thomas Hardjono
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand