Re: [woes] Proposed charter, post-Quebec edition

Peter Saint-Andre <stpeter@stpeter.im> Wed, 03 August 2011 02:23 UTC

Return-Path: <stpeter@stpeter.im>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0ADF11E8081 for <woes@ietfa.amsl.com>; Tue, 2 Aug 2011 19:23:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.572
X-Spam-Level:
X-Spam-Status: No, score=-102.572 tagged_above=-999 required=5 tests=[AWL=0.027, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fxVgUknqvXlb for <woes@ietfa.amsl.com>; Tue, 2 Aug 2011 19:23:09 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id D59F111E8077 for <woes@ietf.org>; Tue, 2 Aug 2011 19:23:08 -0700 (PDT)
Received: from squire.local (unknown [216.17.251.72]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 16D2541326; Tue, 2 Aug 2011 20:24:38 -0600 (MDT)
Message-ID: <4E38B10B.8060202@stpeter.im>
Date: Tue, 02 Aug 2011 20:23:07 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:5.0) Gecko/20110624 Thunderbird/5.0
MIME-Version: 1.0
To: Paul Hoffman <paul.hoffman@vpnc.org>
References: <4F25253E-A870-4956-AAB1-20890B655984@vpnc.org>
In-Reply-To: <4F25253E-A870-4956-AAB1-20890B655984@vpnc.org>
X-Enigmail-Version: 1.2
OpenPGP: url=https://stpeter.im/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: woes@ietf.org
Subject: Re: [woes] Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2011 02:23:09 -0000

Looks good, although the dates seem a mite aggressive, especially since
it's doubtful that the WG would be approved this month (given the need
for internal IESG review, external review, and an IESG decision).

On 8/2/11 5:13 PM, Paul Hoffman wrote:
> Here is a proposal for the charter based on the discussion in the BoF last week and later discussion with Sean Turner. Comments, praise, scorn, etc., are welcome.
> 
> --Paul and Richard
> 
> Javascript Object Signing and Encrypting (jose)
> ===============================================
> 
> Background 
> ----------
> 
> Javascript Object Notation (JSON) is a text format for the serialization of structured data described in RFC 4627. The JSON format is often used for serializing and transmitting structured data over a network connection. With the increased usage of JSON in protocols in the IETF and elsewhere, there is now a desire to offer security services such as encryption and digital signatures for data that is being carried in JSON format.
> 
> Different proposals for providing such security services have already been defined and implemented. This Working Group's task is to standardize two security services, encrypting and digitally signing, in order to increase interoperability of security features between protocols that use JSON.  The Working Group will base its work on well-known message security primitives (e.g., CMS), and will solicit input from the rest of the IETF Security Area to be sure that the security functionality in the JSON format is correct.
> 
> This group is chartered to work on four documents:
> 
> 1) A Standards Track document specifying how to apply a JSON-structured digital signature to data, including (but not limited to) JSON data structures. "Digital signature" is defined as a hash operation followed by a signature operation using asymmetric keys.
> 
> 2) A Standards Track document specifying how to apply a JSON-structured encryption to data, including (but not limited to) JSON data structures.
> 
> 3) A Standards Track document specifying how to encode public keys as JSON-structured objects.
> 
> 4) A Standards Track document specifying mandatory-to-implement algorithms for the other three documents.
> 
> The working group may decide to address one or more of these goals in a single document, in which case the concrete milestones for signing/encryption below will both be satisfied by the single document.
> 
> Goals and Milestones 
> --------------------
> 
> Aug 2011    Submit JSON object signing document as a WG item.
> 
> Aug 2011    Submit JSON object encryption document as a WG item.
> 
> Aug 2011    Submit JSON key format document as a WG item.
> 
> Aug 2011    Submit JSON algoritm document as a WG item.
> 
> Jan 2012    Start Working Group Last Call on JSON object signing document.
> 
> Jan 2012    Start Working Group Last Call on JSON object encryption document.
> 
> Jan 2012    Start Working Group Last Call on JSON key format document.
> 
> Jan 2012    Start Working Group Last Call on JSON algorithm document.
> 
> Feb 2012    Submit JSON object signing document to IESG for consideration as 
> Standards Track document.
> 
> Feb 2012    Submit JSON object encryption document to IESG for consideration 
> as Standards Track document.
> 
> Feb 2012    Submit JSON key format document to IESG for consideration 
> as Standards Track document.
> 
> Feb 2012    Submit JSON algorithm document to IESG for consideration 
> as Standards Track document.