Re: [woes] Proposed charter, post-Quebec edition

Sean Turner <turners@ieca.com> Fri, 05 August 2011 18:44 UTC

On 8/4/11 4:41 PM, Hal Lockhart wrote:
> +1
>
>> -----Original Message-----
>> From: Paul Hoffman [mailto:paul.hoffman@vpnc.org]
>> Sent: Thursday, August 04, 2011 12:03 PM
>> To: Eric Rescorla
>> Cc: woes@ietf.org
>> Subject: Re: [woes] Proposed charter, post-Quebec edition
>>
>>
>>
>> On Aug 4, 2011, at 8:52 AM, Eric Rescorla wrote:
>>
>>> IMO, symmetric integrity protection is a useful primitive, and it's
>>> already part of the JWT spec. I think all that's required here in the
>>> charter is to wordsmith it to separate out symmetric from asymmetric
>>> integrity algorithms,
>>
>> Current:
>> 1) A Standards Track document specifying how to apply a
>> JSON-structured digital signature to data, including (but not
>> limited to) JSON data structures. "Digital signature" is
>> defined as a hash operation followed by a signature operation
>> using asymmetric keys.
>>
>> It sounds like you would prefer something like:
>> 1) A Standards Track document specifying how to apply
>> integrity protection to data, including (but not limited to)
>> JSON data structures. This integrity protection can be
>> achieved with both symmetric and asymmetric algorithms.
>>
>> Is that right?

I'm liking what Paul B. suggested but tweaked ever so slightly:

1) A Standards Track document specifying how to ensure the integrity 
and/or authenticity of data, including (but not limited to) JSON data 
structures.  HMAC-based (RFC 2104) and Asymmetric cryptographic 
algorithms both need to be supported.

I'd like to not just call out integrity - and we should just call out 
the HMAC-based algs because that's what folks really want to use (or 
have I gotten this wrong?).

Any violent objections to this?

spt