[woes] New WOES charter proposal

Paul Hoffman <paul.hoffman@vpnc.org> Tue, 05 July 2011 20:44 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3E3F21F890F for <woes@ietfa.amsl.com>; Tue, 5 Jul 2011 13:44:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aDt2w6eQBfwU for <woes@ietfa.amsl.com>; Tue, 5 Jul 2011 13:44:23 -0700 (PDT)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id 509E821F88FD for <woes@ietf.org>; Tue, 5 Jul 2011 13:44:17 -0700 (PDT)
Received: from sn87.proper.com (sn87.proper.com [75.101.18.87]) (authenticated bits=0) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p65Khx8K065036 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for <woes@ietf.org>; Tue, 5 Jul 2011 13:44:00 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
From: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Tue, 5 Jul 2011 13:44:07 -0700
Message-Id: <B2ABF893-10E6-496A-8F63-FFA2C9C89541@vpnc.org>
To: woes@ietf.org
Mime-Version: 1.0 (Apple Message framework v1084)
X-Mailer: Apple Mail (2.1084)
Subject: [woes] New WOES charter proposal
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jul 2011 20:44:23 -0000

Greetings again. After discussion with our ADs about having a much more limited charter than what was initially proposed, Richard Barnes and I have come up with the following. We would like this discussed as much as possible on the list before the Quebec meeting so that the meeting can be about finalizing the charter. Thus, comments are welcome.

We also note that the WG might want to change its name to JOES (JavaScript Object Encryption and Signing) to make its work clearer to people who don't read the first paragraph of the charter.

Web Object Encryption and Signing (woes) 
========================================

Background 
----------

JSON is a text format for the serialization of structured data described in RFC 4627. The JSON format is often used for serializing and transmitting structured data over a network connection. With the increased usage of JSON in protocols in the IETF and elsewhere, there is now a desire to offer security services such as object encryption and message signing for data that is being carried in JSON format.

Different proposals for providing such security services have already been defined and implemented. This Working Group's task is to standardize two security services, encrypting and digitally signing, in order to increase interoperability of security features between protocols that use JSON. The Working Group will base its work on the Cryptographic Message Syntax (CMS), and will solicit input from the rest of the IETF Security Area to be sure that the security functionality in the JSON format is correct.

This group is chartered to work on one or two documents:

1) A Standards Track document specifying how to apply a JSON-structured digital signature to data, including (but not limited to) JSON data structures.

2) A Standards Track document specifying how to apply a JSON-structured encryption to data, including (but not limited to) JSON data structures.

The working group may decide to address both of these goals in a single document, in which case the concrete milestones for signing/encryption below will both be satisfied by the single document.

Goals and Milestones 
--------------------

Aug 2011    Submit JSON object signing document as a WG item.

Aug 2011    Submit JSON object encryption document as a WG item.

Jan 2012    Start Working Group Last Call on JSON object signing document.

Jan 2012    Start Working Group Last Call on JSON object encryption document.

Feb 2012    Submit JSON object signing document to IESG for consideration as 
Standards Track document.

Feb 2012    Submit JSON object encryption document to IESG for consideration 
as Standards Track document.

--Paul Hoffman