Re: [woes] New WOES charter proposal

Anthony Nadalin <tonynad@microsoft.com> Fri, 08 July 2011 16:16 UTC

From: Anthony Nadalin <tonynad@microsoft.com>
To: "Richard L. Barnes" <rbarnes@bbn.com>
Date: Fri, 8 Jul 2011 16:15:52 +0000
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, "woes@ietf.org" <woes@ietf.org>
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>

So I don't expect that equivalence would have to be ASN.1 structures or DER/BER encodings. I would also not want to have to support full objects like SignedData.

-----Original Message-----
From: Richard L. Barnes [mailto:rbarnes@bbn.com] 
Sent: Friday, July 08, 2011 7:38 AM
To: Anthony Nadalin
Cc: Paul Hoffman; Hannes Tschofenig; woes@ietf.org
Subject: Re: [woes] New WOES charter proposal

<hat type="individual"/>

As I read that part of the charter, I understood it to suggest that there should be some sort of logical equivalence between the two encodings -- that the parts of the WOES object should correspond to some subset of the parts in a CMS object.  Kind of like the JSMS proposal does now.  

It seems like this gets around Sean's concern about re-designing a security protocol, and actually saves some design work, because you can push hard things off to RFC 5652.  At the same time, it keeps you free to make a compact encoding; you can use "s" instead of "Signer" as long as you say so in the spec.

--Richard



On Jul 7, 2011, at 9:18 PM, Anthony Nadalin wrote:

> Concern is if folks think that the same formats have to be preserved and same algorithms, etc. If it is simply signing and encrypting and that can be done in any format and algorithms then I think we are fine, but it should be made a little clearer and say something like "similar signing and encrypting function that CMS provides"
> 
> -----Original Message-----
> From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] 
> Sent: Thursday, July 07, 2011 4:18 PM
> To: Hannes Tschofenig
> Cc: Anthony Nadalin; woes@ietf.org
> Subject: Re: [woes] New WOES charter proposal
> 
> On Jul 7, 2011, at 4:06 PM, Hannes Tschofenig wrote:
> 
>> And what does it mean to "base it on CMS"? 
>> 
>> It could, for example, mean that 
>> 1) the same functionality as CMS has to be provided (but with a JSON encoding)
>> 2) folks should look at CMS to get inspired
>> 3) for a chosen subset of CMS that the JSON-based realization must be semantically equivalent (for example, to make translation easy or so)
>> 4) re-use of parts is encouraged (such as registries, etc.) 
>> 
>> What did you have in mind, Paul? 
> 
> I was reflecting an earlier message from our AD. On Jun 14, 2011, at 9:31 AM, Sean Turner wrote:
> 
>> In Prague, I thought the goal was pretty straightforward: JSONize CMS.
> 
> 
> That seems clear to me. It's closer to your #1 above, but the rest of the proposed charter makes it clear that it is a subset of CMS, namely signing and encrypting.
> 
> --Paul Hoffman