+1
From: Nat Sakimura <[email protected]>
To: Kathleen Moriarty <[email protected]>
Cc: Mike Jones <[email protected]>; Karen O'Donoghue
<[email protected]>; "[email protected]" <[email protected]>
Sent: Sunday, July 12, 2015 10:32 AM
Subject: Re: [jose] way forward for two remaining drafts
Sorry to chime in so late. I have been completely under water for sometime now.
Like Phil, I do see that draft-jones-jose-jws-signing-input-options sort of
thing can be very useful, though I may want to have slightly different way of
encoding the things. Being able to do detached signature is quite attractive.
Best,
Nat
2015-07-10 2:37 GMT+09:00 Kathleen Moriarty <[email protected]>:
Hi,
Sent from my iPhone
On Jul 9, 2015, at 1:16 PM, Mike Jones <[email protected]> wrote:
Abouthttps://tools.ietf.org/html/draft-jones-jose-jws-signing-input-options-00,
I’ll add that this addresses the requests make by Jim Schaad and Richard Barnes
in JOSE Issues #26 “Allow for signature payload to not be base64 encoded” and
#23http://trac.tools.ietf.org/wg/jose/trac/ticket/23 “Make crypto independent
of binary encoding (base64)”.
Abouthttps://tools.ietf.org/html/draft-jones-jose-key-managed-json-web-signature-01,
I’ll add that this addresses the request made by Jim Schaad in JOSE Issue
#2http://trac.tools.ietf.org/wg/jose/trac/ticket/2 “No key management for MAC”.
Also, there’s a highly relevant discussion about key management for MACs going
on in the COSE working group. See the thread “[Cose] Key management for MACs
(was Re: Review of draft-schaad-cose-msg-01)” –
especiallyhttps://mailarchive.ietf.org/arch/msg/cose/aUehU6O7Ui8CXcGxy3TquZOxWH4
and https://mailarchive.ietf.org/arch/msg/cose/ouOIdAOe2P-W8BjGLJ7BNvvRr10.
One could take the view that our decision on the JOSE key management draft
should be informed by the related decision in COSE. Specifically, that if COSE
decides to support key management for MACs, the same reasoning likely should
apply to our decision on whether to define a standard mechanism for supporting
key management for MACs in JOSE.
Key management is explicitly out-of-scope for COSE as stated in the charter.
The discussion referenced had this point at the close of that discussion.
I'm not seeing much support for these drafts moving forward in JOSE. I'm also
not seeing enough to justify standards track and AD sponsored. If you think
these are important to have move forward in the WG or as standards track,
please say so soon. They can still go forward through the Independent
submission process through the ISE.
Thank you,Kathleen
-- Mike From: jose
[mailto:[email protected]]On Behalf Of Karen O'Donoghue
Sent: Wednesday, July 01, 2015 8:38 AM
To: [email protected]
Subject: [jose] way forward for two remaining drafts Folks, With the
thumbprint draft progressing through the process, we have two remaining
individual drafts to decide what to do with. The options include: 1) adopt as
working group drafts; 2) ask for AD sponsorship of individual drafts; or 3)
recommend that they not be published. Please express your thoughts on what we
should do with these drafts. Jim, Kathleen, and I would like to make a decision
in the Prague timeframe, so please respond by 15 July.
https://tools.ietf.org/id/draft-jones-jose-jws-signing-input-options-00.txt
https://tools.ietf.org/id/draft-jones-jose-key-managed-json-web-signature-01.txt
Thanks,Karen
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
--
Nat Sakimura (=nat)Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
