Re: [woes] New WOES charter proposal
"Paul C. Bryan" <paul.bryan@forgerock.com> Mon, 25 July 2011 17:00 UTC
Return-Path: <paul.bryan@forgerock.com>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B32311E8080 for <woes@ietfa.amsl.com>; Mon, 25 Jul 2011 10:00:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KDIkxp7vEX1t for <woes@ietfa.amsl.com>; Mon, 25 Jul 2011 10:00:06 -0700 (PDT)
Received: from eu1sys200aog120.obsmtp.com (eu1sys200aog120.obsmtp.com [207.126.144.149]) by ietfa.amsl.com (Postfix) with SMTP id 02F0B21F888A for <woes@ietf.org>; Mon, 25 Jul 2011 10:00:01 -0700 (PDT)
Received: from mail-pz0-f48.google.com ([209.85.210.48]) (using TLSv1) by eu1sys200aob120.postini.com ([207.126.147.11]) with SMTP ID DSNKTi2hCUEI30wQb2/ZSnR6h7JC0Tv9pY15@postini.com; Mon, 25 Jul 2011 17:00:05 UTC
Received: by pzk32 with SMTP id 32so11196782pzk.35 for <woes@ietf.org>; Mon, 25 Jul 2011 09:59:50 -0700 (PDT)
Received: by 10.68.15.225 with SMTP id a1mr8208672pbd.15.1311613189059; Mon, 25 Jul 2011 09:59:49 -0700 (PDT)
Received: from [192.168.1.177] (S0106001346fbe4af.vf.shawcable.net [174.1.44.35]) by mx.google.com with ESMTPS id g4sm4728001pbj.25.2011.07.25.09.59.48 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 25 Jul 2011 09:59:48 -0700 (PDT)
From: "Paul C. Bryan" <paul.bryan@forgerock.com>
To: woes@ietf.org
In-Reply-To: <428F491B-718F-4B5D-BF96-C82CE0777A53@bbn.com>
References: <B2ABF893-10E6-496A-8F63-FFA2C9C89541@vpnc.org> <0DE0E2DE-A2FC-40DF-978B-594658571658@vpnc.org> <B26C1EF377CB694EAB6BDDC8E624B6E723160841@CH1PRD0302MB115.namprd03.prod.outlook.com> <23656536-E4BA-41BE-AA61-A23654246826@gmx.net> <A42506AF-BE66-4308-AD7B-03B4323D87CE@vpnc.org> <4E1F6AAD24975D4BA5B168042967394348D3F7F1@TK5EX14MBXC201.redmond.corp.microsoft.com> <4E164455.9020309@cs.tcd.ie> <4E171C20.8000305@dcrocker.net> <4E1F557F.8030500@cs.tcd.ie> <4E20DA1E.1020201@bbiw.net> <4E20DD0B.2080106@cs.tcd.ie> <4E1F6AAD24975D4BA5B168042967394348D4C6D2@TK5EX14MBXC201.redmond.corp.microsoft.com> <428F491B-718F-4B5D-BF96-C82CE0777A53@bbn.com>
Content-Type: multipart/alternative; boundary="=-a6Z+OixzDqHn34C/7TcF"
Date: Mon, 25 Jul 2011 09:59:58 -0700
Message-ID: <1311613198.28852.54.camel@dynamo>
Mime-Version: 1.0
X-Mailer: Evolution 2.30.3
Subject: Re: [woes] New WOES charter proposal
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jul 2011 17:00:07 -0000
I now find myself hoping this is not the beginning someone making a case for ASN.1 encoding in WOES. For my edification, can someone comment on how CMS would likely be referenced in WOES? Would it likely be a normative reference (i.e. key transport/wrapping, as it is in xmlenc-core), or otherwise would it probably be just informational? Paul On Mon, 2011-07-25 at 10:21 -0400, Richard L. Barnes wrote: > <hat type="individual"/> > > It's not clear to me what practical difference this requirement makes. I would expect that the DER encoding of CMS is probably more compact than a comparable JSON format, so you're not optimizing length by using JSON. And JSON doesn't define a URL-safe encoding. If minimizing the size of something in a URL is really your goal, it seems likely that size(base64(cms)) < size(urlencode(json)). > > Or, if you're willing to take the JSON penalty in byte-efficiency, are you trying to argue that there are fields that should be left out relative to CMS? Could you point to some examples? > > --Richard > > > > On Jul 15, 2011, at 9:13 PM, Mike Jones wrote: > > > Some use cases require a compact, URL-safe data representation. For instance, this is needed when the data is passed in a URL query parameter - particularly for feature phone browsers that may limit URLs to 1024 or sometimes even 256 characters. That's one concrete example of something not covered by CMS. > > > > Some end-to-end use cases require a JSON key representation and ways of referring to them. That's another concrete example of something not covered in CMS. > > > > -- Mike > > > > -----Original Message----- > > From: woes-bounces@ietf.org [mailto:woes-bounces@ietf.org] On Behalf Of Stephen Farrell > > Sent: Friday, July 15, 2011 5:36 PM > > To: Dave CROCKER > > Cc: woes@ietf.org > > Subject: Re: [woes] New WOES charter proposal > > > > > > > > On 16/07/11 01:23, Dave CROCKER wrote: > >> > >> On 7/14/2011 1:45 PM, Stephen Farrell wrote: > >>>> The first requirement is for proponents to provide much more > >>>> explicit details about what is being proposed in the use of CMS. > >> ... > >>> Well, I don't really follow your logic there, but we're not aiming to > >>> do a new thing here. > >> ... > >>> Anyway the path for developing yet another crypto format is a pretty > >>> well trodden one and IMO CMS is the best current starting point for > >>> that process, so I think its entirely reasonable to ask people why > >>> they disagree with that. > >>> > >>> It does of course presume familiarity with CMS, but then that should > >>> be a prerequisite for working on woes, really. > >> > >> > >> Steve, > >> > >> Oh. This working group is merely a CMS encoding exercise? That was > >> not at all clear previously. > >> > >> I suspect I am not the only one who missed this as the anchoring and > >> inflexible premise to the work. (For reference, that requires even > >> stronger language than is in the current draft.) > > > > Maybe you could put [] around the sarcasm, given that this is JSON related? :-) > > > > I asked for examples of what's not covered by CMS but is needed here. I did that actually wanting to get an answer since I may well be missing something. (So far, no substantive answer has been offered.) I was not trying to score some rhetorical points. > > > > S. > > _______________________________________________ > > woes mailing list > > woes@ietf.org > > https://www.ietf.org/mailman/listinfo/woes > > > > _______________________________________________ > > woes mailing list > > woes@ietf.org > > https://www.ietf.org/mailman/listinfo/woes > > _______________________________________________ > woes mailing list > woes@ietf.org > https://www.ietf.org/mailman/listinfo/woes
- [woes] New WOES charter proposal Paul Hoffman
- Re: [woes] New WOES charter proposal Mike Jones
- Re: [woes] New WOES charter proposal Paul Hoffman
- Re: [woes] New WOES charter proposal Paul Hoffman
- Re: [woes] New WOES charter proposal Anthony Nadalin
- Re: [woes] New WOES charter proposal Matt Miller
- Re: [woes] New WOES charter proposal Hannes Tschofenig
- Re: [woes] New WOES charter proposal Paul Hoffman
- Re: [woes] New WOES charter proposal Mike Jones
- Re: [woes] New WOES charter proposal Stephen Farrell
- Re: [woes] New WOES charter proposal Sean Turner
- Re: [woes] New WOES charter proposal Anthony Nadalin
- Re: [woes] New WOES charter proposal Richard L. Barnes
- Re: [woes] New WOES charter proposal Dave CROCKER
- Re: [woes] New WOES charter proposal Dave CROCKER
- Re: [woes] New WOES charter proposal Anthony Nadalin
- Re: [woes] New WOES charter proposal Stephen Farrell
- Re: [woes] New WOES charter proposal Stephen Farrell
- Re: [woes] New WOES charter proposal Mike Jones
- Re: [woes] New WOES charter proposal Stephen Farrell
- Re: [woes] New WOES charter proposal John Bradley
- Re: [woes] New WOES charter proposal Dave CROCKER
- Re: [woes] New WOES charter proposal Mike Jones
- Re: [woes] New WOES charter proposal Richard L. Barnes
- Re: [woes] New WOES charter proposal Paul C. Bryan
- Re: [woes] New WOES charter proposal Leif Johansson
- Re: [woes] New WOES charter proposal Matt Miller
- Re: [woes] New WOES charter proposal Paul C. Bryan
- Re: [woes] New WOES charter proposal Torsten Lodderstedt
- Re: [woes] New WOES charter proposal Eric Rescorla
- Re: [woes] New WOES charter proposal Leif Johansson
- Re: [woes] New WOES charter proposal Richard L. Barnes
- Re: [woes] New WOES charter proposal Mike Jones
- Re: [woes] New WOES charter proposal Dave CROCKER
- Re: [woes] New WOES charter proposal Leif Johansson
- Re: [woes] New WOES charter proposal Paul C. Bryan
- Re: [woes] New WOES charter proposal Stephen Farrell
- Re: [woes] New WOES charter proposal Peter Saint-Andre
- Re: [woes] New WOES charter proposal Leif Johansson