1. Yes, I support the charter text. 2. Yes, I am willing to participate in the development of the WG drafts. 3. Yes, I am willing to review charter drafts. 4. Yes, I am willing to work on implementations, and have already explored and prototyped implementations.
Regards, OS On Tue, Oct 18, 2022, 1:53 PM Wayne Chang <[email protected]> wrote: > 1. Yes, I support the charter text. > 2. Yes, I am willing to participate in the development of the WG drafts. > 3. Yes, I am willing to review charter drafts. > 4. Yes, I am willing to work on implementations--we have resourcing > available for this later in the quarter. > > On Mon, Oct 17, 2022 at 6:45 PM Karen O'Donoghue <odonoghue= > [email protected]> wrote: > >> Everyone... >> >> On 12 October 2022, we held the second BoF for JSON Web Proofs proposed >> work [1] as a follow-on to the BoF held at IETF 114 [2]. >> >> We had a robust discussion on problem to be solved and the proposed scope >> of work. A draft charter was previously circulated on the mailing list and >> discussed during the meeting. Polling of the BoF participants showed a >> strong consensus on understanding of the problem and interest to solve it >> in the IETF. There was also critical mass of energy to do this work. There >> was some feedback on the charter along with consensus to reuse the JOSE >> mailing list. >> >> The charter was updated based on the feedback from the BoF and is >> available here and included below: >> >> https://github.com/json-web-proofs/json-web-proofs/blob/main/charter-ietf-jose-03.md >> >> Now with a revised charter available, we'd like to continue this BoF >> conversion with an email thread to gauge interest to forming a WG to ensure >> we also capture views from those who were unable to attend the BoF or those >> who want to reiterate their positions. Please respond to the list: >> >> (1) Do you support the charter text? Or do you have objections or >> blocking concerns (please describe what they might be)? >> >> If you do support the charter text: >> (2) Are you willing to author or participate in the developed of the WG >> drafts? >> (3) Are you willing to review the WG drafts? >> (4) Are you interested in implementing the WG drafts? >> >> If you previously spoke of at the BoF, you are welcome to repeat yourself >> here. >> >> If you have been following along on the mailing list, the charter text >> below is the one that was being polished in GitHub ( >> https://github.com/json-web-proofs/json-web-proofs/blob/main/charter-ietf-jose-03.md). >> >> >> This call for feedback will end on Monday, 24 October 2022. >> >> Thanks, >> Karen and John >> >> [1] >> https://datatracker.ietf.org/meeting/interim-2022-jwp-01/materials/minutes-interim-2022-jwp-01-202210121300-00 >> [2] https://notes.ietf.org/notes-ietf-114-jwp# >> [3] >> https://github.com/json-web-proofs/json-web-proofs/blob/main/charter-ietf-jose-03.md >> >> *Draft Charter:* >> >> The original JSON Object Signing and Encryption (JOSE) working group >> <https://datatracker.ietf.org/doc/charter-ietf-jose/02/> standardized >> JSON-based representations for: >> >> - Integrity-protected objects – JSON Web Signatures (JWS) [RFC 7515 >> <https://www.rfc-editor.org/rfc/rfc7515.html>] >> - Encrypted objects – JSON Web Encryption (JWE) [RFC 7516 >> <https://www.rfc-editor.org/rfc/rfc7516.html>] >> - Key representations – JSON Web Key (JWK) [RFC 7517 >> <https://www.rfc-editor.org/rfc/rfc7517.html>] >> - Algorithm definitions – JSON Web Algorithms (JWA) [RFC 7518 >> <https://www.rfc-editor.org/rfc/rfc7518.html>] >> - Test vectors for the above – Examples of Protecting Content Using >> JSON Object Signing and Encryption [RFC 7520 >> <https://www.rfc-editor.org/rfc/rfc7520.html>] >> >> These were used to define the JSON Web Token (JWT) [RFC 7519 >> <https://www.rfc-editor.org/rfc/rfc7519.html>], which in turn, has seen >> widespread deployment in areas as diverse as digital identity >> <https://openid.net/connect/> and secure telephony >> <https://www.ietf.org/blog/stir-action/>. >> >> Concurrent to the growth of adoption of these standards to express and >> communicate sensitive data has been an increasing societal focus on >> privacy. Common privacy themes in identity solutions are user consent, >> minimal disclosure, and unlinkability. >> >> A multi-decade research activity for a sizeable academic and applied >> cryptography community, often referred to as anonymous credentials, targets >> privacy and knowledge protection. Some of the cryptographic techniques >> developed in this space involve pairing-friendly curves and zero-knowledge >> proofs (ZKPs) (to name just a few). Some of the benefits of zero-knowledge >> proof algorithms include unlinkability, selective disclosure, and the >> ability to use predicate proofs. >> >> The current container formats defined by JOSE and JWT are not able to >> represent data using zero-knowledge proof algorithms. Among the reasons are >> that most require an additional transform or finalize step, many are >> designed to operate on sets and not single messages, and the interface to >> ZKP algorithms has more inputs than conventional signing algorithms. The >> reconstituted JSON Object Signing and Encryption (JOSE) working group will >> address these new needs, while reusing aspects of JOSE and JWT, where >> applicable. >> >> This group is chartered to work on the following deliverables: >> >> - >> >> An Informational document detailing Use Cases and Requirements for >> new specifications enabling JSON-based selective disclosure and >> zero-knowledge proofs. >> - >> >> Standards Track document(s) specifying representation(s) of >> independently-disclosable integrity-protected sets of data and/or proofs >> using JSON-based data structures, which also aims to prevent the ability >> to >> correlate by different verifiers. >> - >> >> Standards Track document(s) specifying representation(s) of >> JSON-based claims and/or proofs enabling selective disclosure of these >> claims and/or proofs, and that also aims to prevent the ability to >> correlate by different verifiers. >> - >> >> Standards Track document(s) specifying how to use existing >> cryptographic algorithms and defining their algorithm identifiers. The >> working group will not invent new cryptographic algorithms. >> - >> >> Standards Track document(s) specifying how to represent keys for >> these new algorithms as JSON Web Keys (JWKs). >> - >> >> An Informational document defining test vectors for these new >> specifications. >> - >> >> Standards Track document(s) defining CBOR-based representations >> corresponding to all the above, building upon the COSE and CWT >> specifications in the same way that the above build on JOSE and JWT. >> >> One or more of these goals may be combined into a single document, in >> which case the concrete milestones for these goals will be satisfied by the >> consolidated document(s). >> >> An informal goal of the working group is close coordination with the >> rechartered >> W3C Verifiable Credentials WG >> <https://www.w3.org/2022/05/proposed-vc-wg-charter.html>, which has >> taken a dependency on this work for the second version of its Verifiable >> Credentials specification. The working group will also coordinate with the >> Selective >> Disclosure JWT >> <https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/> >> work in the OAuth working group, the Privacy Pass >> <https://datatracker.ietf.org/doc/charter-ietf-privacypass/> working >> group, and the CFRG. >> >> _______________________________________________ >> jose mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/jose >> > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
