I am also interested in these options and can review the spec. Thanks,
George
On 7/15/15 4:44 PM, Salvatore D'Agostino wrote:
Also very late to the conversations but my feelings align with Phil
and Nat.
*From:*Nat Sakimura [mailto:[email protected]]
*Sent:* Sunday, July 12, 2015 1:32 PM
*To:* Kathleen Moriarty
*Cc:* Mike Jones; Karen O'Donoghue; [email protected]
*Subject:* Re: [jose] way forward for two remaining drafts
Sorry to chime in so late. I have been completely under water for
sometime now.
Like Phil, I do see that draft-jones-jose-jws-signing-input-options
sort of thing can be very useful, though I may want to have slightly
different way of encoding the things. Being able to do detached
signature is quite attractive.
Best,
Nat
2015-07-10 2:37 GMT+09:00 Kathleen Moriarty
<[email protected]
<mailto:[email protected]>>:
Hi,
Sent from my iPhone
On Jul 9, 2015, at 1:16 PM, Mike Jones <[email protected]
<mailto:[email protected]>> wrote:
About
https://tools.ietf.org/html/draft-jones-jose-jws-signing-input-options-00,
I’ll add that this addresses the requests make by Jim Schaad and
Richard Barnes in JOSE Issues #26 “Allow for signature payload to
not be base64 encoded” and #23
http://trac.tools.ietf.org/wg/jose/trac/ticket/23 “Make crypto
independent of binary encoding (base64)”.
About
https://tools.ietf.org/html/draft-jones-jose-key-managed-json-web-signature-01,
I’ll add that this addresses the request made by Jim Schaad in
JOSE Issue #2 http://trac.tools.ietf.org/wg/jose/trac/ticket/2 “No
key management for MAC”.
Also, there’s a highly relevant discussion about key management
for MACs going on in the COSE working group. See the thread
“[Cose] Key management for MACs (was Re: Review of
draft-schaad-cose-msg-01)” – especially
https://mailarchive.ietf.org/arch/msg/cose/aUehU6O7Ui8CXcGxy3TquZOxWH4
and
https://mailarchive.ietf.org/arch/msg/cose/ouOIdAOe2P-W8BjGLJ7BNvvRr10.
One could take the view that our decision on the JOSE key
management draft should be informed by the related decision in
COSE. Specifically, that if COSE decides to support key
management for MACs, the same reasoning likely should apply to our
decision on whether to define a standard mechanism for supporting
key management for MACs in JOSE.
Key management is explicitly out-of-scope for COSE as stated in the
charter. The discussion referenced had this point at the close of
that discussion.
I'm not seeing much support for these drafts moving forward in JOSE.
I'm also not seeing enough to justify standards track and AD
sponsored. If you think these are important to have move forward in
the WG or as standards track, please say so soon. They can still go
forward through the Independent submission process through the ISE.
Thank you,
Kathleen
-- Mike
*From:*jose [mailto:[email protected]] *On Behalf Of *Karen O'Donoghue
*Sent:* Wednesday, July 01, 2015 8:38 AM
*To:* [email protected] <mailto:[email protected]>
*Subject:* [jose] way forward for two remaining drafts
Folks,
With the thumbprint draft progressing through the process, we have two
remaining individual drafts to decide what to do with. The options
include: 1) adopt as working group drafts; 2) ask for AD sponsorship
of individual drafts; or 3) recommend that they not be published.
Please express your thoughts on what we should do with these drafts.
Jim, Kathleen, and I would like to make a decision in the Prague
timeframe, so please respond by 15 July.
https://tools.ietf.org/id/draft-jones-jose-jws-signing-input-options-00.txt
https://tools.ietf.org/id/draft-jones-jose-key-managed-json-web-signature-01.txt
Thanks,
Karen
_______________________________________________
jose mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
