Re: [woes] Proposed charter, post-Quebec edition
Phillip Hallam-Baker <hallam@gmail.com> Fri, 05 August 2011 19:04 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3801E1F0C3F for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 12:04:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.628
X-Spam-Level:
X-Spam-Status: No, score=-2.628 tagged_above=-999 required=5 tests=[AWL=-0.696, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_HTML_USL_OBFU=1.666]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rCC+2mauGDBq for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 12:04:31 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 503D41F0C35 for <woes@ietf.org>; Fri, 5 Aug 2011 12:04:31 -0700 (PDT)
Received: by ywm21 with SMTP id 21so2145041ywm.31 for <woes@ietf.org>; Fri, 05 Aug 2011 12:04:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=5ywpswj459NEQP2fpaceaF7fnuKzfpisMEgP+HJEEZ4=; b=LRy5NqXWOxrlc2YUa4FFnGTsPr/UO2O7PMas6DWPOAAqjRCfMSZ268ukMdzrIxyCv2 MwAQZMoaKf28Afjd0yGuloDhUXTSjYHgVMN3FAxK/gvy96q3VUawK6UsEaXjT6Gm3H3H LFwQ4hkF7UP3bvxW0o5ZKnyexci8SkqkL4OTU=
MIME-Version: 1.0
Received: by 10.101.131.33 with SMTP id i33mr2278356ann.28.1312571089334; Fri, 05 Aug 2011 12:04:49 -0700 (PDT)
Received: by 10.100.34.3 with HTTP; Fri, 5 Aug 2011 12:04:49 -0700 (PDT)
In-Reply-To: <4E3C3A35.70408@ieca.com>
References: <6663f860-9de7-4960-8e7b-1c2d23142009@default> <4E3C3A35.70408@ieca.com>
Date: Fri, 05 Aug 2011 15:04:49 -0400
Message-ID: <CAMm+LwgVQP00pgKkwfgT9+dzbL9mw9Ws9=34N_3togA3kP9CUw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Sean Turner <turners@ieca.com>
Content-Type: multipart/alternative; boundary="001636c5be9285b1e804a9c6c5a2"
Cc: woes@ietf.org, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [woes] Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Aug 2011 19:04:32 -0000
Actually, I suspect that with AES in hand and having good MAC modes specified we might well want to use one of those in preference to the traditional HMAC. On Fri, Aug 5, 2011 at 2:45 PM, Sean Turner <turners@ieca.com> wrote: > On 8/4/11 4:41 PM, Hal Lockhart wrote: > >> +1 >> >> -----Original Message----- >>> From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] >>> Sent: Thursday, August 04, 2011 12:03 PM >>> To: Eric Rescorla >>> Cc: woes@ietf.org >>> Subject: Re: [woes] Proposed charter, post-Quebec edition >>> >>> >>> >>> On Aug 4, 2011, at 8:52 AM, Eric Rescorla wrote: >>> >>> IMO, symmetric integrity protection is a useful primitive, and it's >>>> already part of the >>>> JWT spec. I think all that's required here in the charter is to >>>> wordsmith it to separate >>>> out symmetric from asymmetric integrity algorithms, >>>> >>> >>> Current: >>> 1) A Standards Track document specifying how to apply a >>> JSON-structured digital signature to data, including (but not >>> limited to) JSON data structures. "Digital signature" is >>> defined as a hash operation followed by a signature operation >>> using asymmetric keys. >>> >>> It sounds like you would prefer something like: >>> 1) A Standards Track document specifying how to apply >>> integrity protection to data, including (but not limited to) >>> JSON data structures. This integrity protection can be >>> achieved with both symmetric and asymmetric algorithms. >>> >>> Is that right? >>> >> > I'm liking what Paul B. suggested but tweaked ever so slightly: > > 1) A Standards Track document specifying how to ensure the integrity and/or > authenticity of data, including (but not limited to) JSON data structures. > HMAC-based (RFC 2104) and Asymmetric cryptographic algorithms both need to > be supported. > > I'd like to not just call out integrity - and we should just call out the > HMAC-based algs because that's what folks really want to use (or have I > gotten this wrong?). > > Any violent objections to this? > > spt > > ______________________________**_________________ > woes mailing list > woes@ietf.org > https://www.ietf.org/mailman/**listinfo/woes<https://www.ietf.org/mailman/listinfo/woes> > -- Website: http://hallambaker.com/
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Peter Saint-Andre
- Re: [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition Thomas Hardjono
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition Thomas Hardjono
- Re: [woes] Proposed charter, post-Quebec edition Peter Saint-Andre
- Re: [woes] Proposed charter, post-Quebec edition Peter Saint-Andre
- Re: [woes] Proposed charter, post-Quebec edition Paul C. Bryan
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Matt Miller
- Re: [woes] Proposed charter, post-Quebec edition John Bradley
- Re: [woes] Proposed charter, post-Quebec edition Paul C. Bryan
- Re: [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Eric Rescorla
- Re: [woes] Proposed charter, post-Quebec edition Paul Hoffman
- Re: [woes] Proposed charter, post-Quebec edition Paul C. Bryan
- Re: [woes] Proposed charter, post-Quebec edition Jeremy Laurenson
- Re: [woes] Proposed charter, post-Quebec edition Richard L. Barnes
- Re: [woes] Proposed charter, post-Quebec edition Hal Lockhart
- [woes] Naked Public Key, was: RE: Proposed charte… Hal Lockhart
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Eric Rescorla
- Re: [woes] Proposed charter, post-Quebec edition Joe Hildebrand
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Joe Hildebrand
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Eric Rescorla
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Eric Rescorla
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Sean Turner
- Re: [woes] Proposed charter, post-Quebec edition Sean Turner
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Proposed charter, post-Quebec edition Jeremy Laurenson
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Proposed charter, post-Quebec edition Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Phillip Hallam-Baker
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Joe Hildebrand
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Leif Johansson
- Re: [woes] Proposed charter, post-Quebec edition Hal Lockhart
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Hal Lockhart
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Paul C. Bryan
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Ben Adida
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Paul C. Bryan
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Ben Adida
- Re: [woes] Naked Public Key, was: RE: Proposed ch… John Bradley
- Re: [woes] Naked Public Key, was: RE: Proposed ch… Hal Lockhart
- [woes] Support multiple Crypto algorithms? was RE… Hal Lockhart
- Re: [woes] Support multiple Crypto algorithms? wa… John Bradley
- Re: [woes] Support multiple Crypto algorithms? wa… Paul C. Bryan
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand
- Re: [woes] Support multiple Crypto algorithms? wa… Richard L. Barnes
- Re: [woes] Support multiple Crypto algorithms? wa… Phillip Hallam-Baker
- Re: [woes] Support multiple Crypto algorithms? wa… Thomas Hardjono
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand
- Re: [woes] Support multiple Crypto algorithms? wa… Thomas Hardjono
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand
- Re: [woes] Support multiple Crypto algorithms? wa… Thomas Hardjono
- Re: [woes] Support multiple Crypto algorithms? wa… Joe Hildebrand