<hat type="individual"/> As I read that part of the charter, I understood it to suggest that there should be some sort of logical equivalence between the two encodings -- that the parts of the WOES object should correspond to some subset of the parts in a CMS object. Kind of like the JSMS proposal does now.
It seems like this gets around Sean's concern about re-designing a security protocol, and actually saves some design work, because you can push hard things off to RFC 5652. At the same time, it keeps you free to make a compact encoding; you can use "s" instead of "Signer" as long as you say so in the spec. --Richard On Jul 7, 2011, at 9:18 PM, Anthony Nadalin wrote: > Concern is if folks think that the same formats have to be preserved and same > algorithms, etc. If it is simply signing and encrypting and that can be done > in any format and algorithms then I think we are fine, but it should be made > a little clearer and say something like "similar signing and encrypting > function that CMS provides" > > -----Original Message----- > From: Paul Hoffman [mailto:[email protected]] > Sent: Thursday, July 07, 2011 4:18 PM > To: Hannes Tschofenig > Cc: Anthony Nadalin; [email protected] > Subject: Re: [woes] New WOES charter proposal > > On Jul 7, 2011, at 4:06 PM, Hannes Tschofenig wrote: > >> And what does it mean to "base it on CMS"? >> >> It could, for example, mean that >> 1) the same functionality as CMS has to be provided (but with a JSON >> encoding) >> 2) folks should look at CMS to get inspired >> 3) for a chosen subset of CMS that the JSON-based realization must be >> semantically equivalent (for example, to make translation easy or so) >> 4) re-use of parts is encouraged (such as registries, etc.) >> >> What did you had in mind, Paul? > > I was reflecting an earlier message from our AD. On Jun 14, 2011, at 9:31 AM, > Sean Turner wrote: > >> In Prague, I thought the goal was pretty straightforward: JSONize CMS. > > > That seems clear to me. It's closer to your #1 above, but the rest of the > proposed charter makes it clear that it is a subset of CMS, namely signing > and encrypting. > > --Paul Hoffman > > > > > > _______________________________________________ > woes mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/woes _______________________________________________ woes mailing list [email protected] https://www.ietf.org/mailman/listinfo/woes
