Is the object here to arrive at an RFC or to arrive at a standard with a broad base of support in the web services apps community?
If the latter the I suggest much more time so as to have the ability to get buy in from the relevant community. Sent from my angry birds pad On Aug 2, 2011, at 19:13, Paul Hoffman <[email protected]> wrote: > Here is a proposal for the charter based on the discussion in the BoF last > week and later discussion with Sean Turner. Comments, praise, scorn, etc., > are welcome. > > --Paul and Richard > > Javascript Object Signing and Encrypting (jose) > =============================================== > > Background > ---------- > > Javascript Object Notation (JSON) is a text format for the serialization of > structured data described in RFC 4627. The JSON format is often used for > serializing and transmitting structured data over a network connection. With > the increased usage of JSON in protocols in the IETF and elsewhere, there is > now a desire to offer security services such as encryption and digital > signatures for data that is being carried in JSON format. > > Different proposals for providing such security services have already been > defined and implemented. This Working Group's task is to standardize two > security services, encrypting and digitally signing, in order to increase > interoperability of security features between protocols that use JSON. The > Working Group will base its work on well-known message security primitives > (e.g., CMS), and will solicit input from the rest of the IETF Security Area > to be sure that the security functionality in the JSON format is correct. > > This group is chartered to work on four documents: > > 1) A Standards Track document specifying how to apply a JSON-structured > digital signature to data, including (but not limited to) JSON data > structures. "Digital signature" is defined as a hash operation followed by a > signature operation using asymmetric keys. > > 2) A Standards Track document specifying how to apply a JSON-structured > encryption to data, including (but not limited to) JSON data structures. > > 3) A Standards Track document specifying how to encode public keys as > JSON-structured objects. > > 4) A Standards Track document specifying mandatory-to-implement algorithms > for the other three documents. > > The working group may decide to address one or more of these goals in a > single document, in which case the concrete milestones for signing/encryption > below will both be satisfied by the single document. > > Goals and Milestones > -------------------- > > Aug 2011 Submit JSON object signing document as a WG item. > > Aug 2011 Submit JSON object encryption document as a WG item. > > Aug 2011 Submit JSON key format document as a WG item. > > Aug 2011 Submit JSON algoritm document as a WG item. > > Jan 2012 Start Working Group Last Call on JSON object signing document. > > Jan 2012 Start Working Group Last Call on JSON object encryption document. > > Jan 2012 Start Working Group Last Call on JSON key format document. > > Jan 2012 Start Working Group Last Call on JSON algorithm document. > > Feb 2012 Submit JSON object signing document to IESG for consideration as > Standards Track document. > > Feb 2012 Submit JSON object encryption document to IESG for consideration > as Standards Track document. > > Feb 2012 Submit JSON key format document to IESG for consideration > as Standards Track document. > > Feb 2012 Submit JSON algorithm document to IESG for consideration > as Standards Track document. > > _______________________________________________ > woes mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/woes _______________________________________________ woes mailing list [email protected] https://www.ietf.org/mailman/listinfo/woes
