Hi Orie,

Please see inline

On Thu, 2 Oct 2025 at 18:40, Orie <[email protected]> wrote:

> Hi,
>
> Adding COSE because of the draft title.
>
> I think composite signatures for JOSE & COSE do not make a lot of sense
> for the common cases of short lived access tokens.
> For longer lived identity credentials they might make sense, especially if
> you are shipping hardware with no ability to upgrade that is going to speak
> COSE, perhaps in long lived smart building IoT scenarios?
> I would tend to wait for TLS / LAMPS (to successfully adopt documents) and
> align with them.
>

LAMPS has https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/ which is in WGLC and TLS/IPsec have individual drafts which leverage draft-ietf-lamps-pq-composite-sigs. TLS/IPsec handshake transcript binding prevents MiTM from a single-component compromise. In the case of JOSE, mutual key binding and cross-signing would prevent the duplicate attack mentioned by John to achieve SUF-CMA.

-Tiru

>
> OS
>
> On Thu, Oct 2, 2025 at 5:17 AM John Mattsson <john.mattsson=[email protected]> wrote:
>
>> Dear Lucas,
>>
>> My recollection is that the draft was presented at IETF 121 where several
>> people stated that they did not think JOSE should work on composite
>> signatures. At IETF 123 the draft almost did not get any time and there
>> was no discussion.
>>
>> I am sorry that the chairs did not do their AP to "Chairs will send an
>> email soliciting comments on whether we are ready to do a call for
>> adoption." Good that you did.
>>
>> I notice that TLS WG at IETF 123 seems to have decided to not work on
>> composites at this point in time.
>>
>> https://datatracker.ietf.org/meeting/123/materials/slides-123-tls-wg-status-00
>>
>> The chairs would like to hear the current opinion of the working group.
>>
>> Cheers,
>>
>> John
>>
>> *From: *Lucas Prabel <[email protected]>
>> *Date: *Thursday, 2 October 2025 at 10:06
>> *To: *[email protected] <[email protected]>
>> *Cc: *[email protected] <[email protected]>
>> *Subject: *[jose] Call for Adoption request:
>> draft-prabel-jose-pq-composite-sigs-04
>>
>> Dear JOSE WG,
>>
>> I am one of the co-authors of the individual draft
>> *draft-prabel-jose-pq-composite-sigs-04
>> (*draft-prabel-jose-pq-composite-sigs-04 - PQ/T Hybrid Composite
>> Signatures for JOSE and COSE
>> <https://datatracker.ietf.org/doc/draft-prabel-jose-pq-composite-sigs/04/>
>> ).
>>
>> The draft has been presented in two IETF meetings, including IETF 123 in
>> July. We have addressed the feedback received both on the mailing list and
>> onsite during the sessions. The draft is also aligned with related work in
>> other groups, in particular the COSE draft on ML-DSA and the LAMPS draft on
>> composite signatures.
>>
>> We believe the document is in a good state to serve as a starting point
>> for further work within the JOSE WG. Therefore, we would like to ask the
>> chairs to consider issuing a Call for Adoption.
>>
>> We also welcome further comments and feedback on the draft from the
>> working group.
>>
>> Best regards,
>>
>> Lucas
>> _______________________________________________
>> jose mailing list -- [email protected]
>> To unsubscribe send an email to [email protected]
>>
> _______________________________________________
> jose mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
>
