IETF Logo Mail Archive

Re: [jose] way forward for two remaining drafts

"Nat Sakimura" <n-sakimura@nri.co.jp> Fri, 17 July 2015 06:41 UTC

Return-Path: <n-sakimura@nri.co.jp>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D2111B2E8B for <jose@ietfa.amsl.com>; Thu, 16 Jul 2015 23:41:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.091
X-Spam-Level:
X-Spam-Status: No, score=-0.091 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rngaXjZzcVRl for <jose@ietfa.amsl.com>; Thu, 16 Jul 2015 23:41:16 -0700 (PDT)
Received: from nrifs01.index.or.jp (nrigw01.index.or.jp [133.250.250.1]) by ietfa.amsl.com (Postfix) with ESMTP id A38C81B2E99 for <jose@ietf.org>; Thu, 16 Jul 2015 23:41:13 -0700 (PDT)
Received: from nriea04.index.or.jp (unknown [172.19.246.39]) by nrifs01.index.or.jp (Postfix) with SMTP id 06F5E77F5B; Fri, 17 Jul 2015 15:41:13 +0900 (JST)
Received: from nrims00a.nri.co.jp ([192.50.135.11]) by nriea04.index.or.jp (unknown) with ESMTP id t6H6fCxN004694; Fri, 17 Jul 2015 15:41:12 +0900
Received: from nrims00a.nri.co.jp (localhost.localdomain [127.0.0.1]) by nrims00a.nri.co.jp (Switch-3.3.4/Switch-3.3.4) with ESMTP id t6H6fCFD050945; Fri, 17 Jul 2015 15:41:12 +0900
Received: (from mailnull@localhost) by nrims00a.nri.co.jp (Switch-3.3.4/Switch-3.3.0/Submit) id t6H6fCk2050944; Fri, 17 Jul 2015 15:41:12 +0900
X-Authentication-Warning: nrims00a.nri.co.jp: mailnull set sender to n-sakimura@nri.co.jp using -f
Received: from nrizmf14.index.or.jp ([172.100.25.23]) by nrims00a.nri.co.jp (Switch-3.3.4/Switch-3.3.4) with ESMTP id t6H6fCal050941; Fri, 17 Jul 2015 15:41:12 +0900
Received: from NatCFRZ4 (unknown [172.31.163.94]) by nrivpnfs01.index.or.jp (Postfix) with ESMTP id F13AFBF93E; Fri, 17 Jul 2015 15:41:06 +0900 (JST)
From: Nat Sakimura <n-sakimura@nri.co.jp>
To: Axel.Nennker@telekom.de, kathleen.moriarty.ietf@gmail.com, ejay@mgi1.com
References: <CABzCy2A_yxx+WFSLJiw5ZBPfGaR5de5Lf0uaPFbaMGOnzWSnpg@mail.gmail.com> <1984212955.1265704.1436807438162.JavaMail.yahoo@mail.yahoo.com> <9823EFCA-CE49-4AD5-BC6A-BCD15A1C765E@gmail.com> <CE8995AB5D178F44A2154F5C9A97CAF4028D07DBA788@HE111541.emea1.cds.t-internal.com>
In-Reply-To: <CE8995AB5D178F44A2154F5C9A97CAF4028D07DBA788@HE111541.emea1.cds.t-internal.com>
Date: Fri, 17 Jul 2015 15:41:08 +0900
Message-ID: <00bf01d0c05b$91bf3a90$b53dafb0$@nri.co.jp>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_00C0_01D0C0A7.01AE0E80"
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQGeybncJV5K1XQS/dmEFwZkceOLFwJYI2VdAepnzdoCKOWC6Z4PxMHw
Content-Language: ja
X-MailAdviser: 20150401
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/OykxP7UuXaxH6NhBdHMHwd7RBjY>
Cc: Michael.Jones@microsoft.com, jose@ietf.org, odonoghue@isoc.org
Subject: Re: [jose] way forward for two remaining drafts
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jul 2015 06:41:19 -0000

Axel wrote: 

Is it an argument for not base64url encoding payloads that they remain human/developer readable? 

This argument would make draft-jones-jose-jws-signing-input-options useful for small payloads too.

 

 

Indeed. It is one of my use case – small and I want to keep it readable. 

 

For the case the headers are not needed to be protected, the readability extends to the headers as well. 

 

Re: header parameters, for the sake of size, I am inclined to combine “sph” and “b64” to “pb” or something and represent the value as a number. 

So: (Sorry for an HTML table)

 


"sph"

"b64"

“pb”


true

true

3


false

true

1


true

false

2


false

false

0

 

 

-- 

Nat Sakimura < <mailto:n-sakimura@nri.co.jp> n-sakimura@nri.co.jp>

Nomura Research Institute, Ltd. 

 

PLEASE READ:

The information contained in this e-mail is confidential and intended for the named recipient(s) only.

If you are not an intended recipient of this e-mail, you are hereby notified that any review, dissemination, distribution or duplication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete your copy from your system.

 

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Axel.Nennker@telekom.de
Sent: Thursday, July 16, 2015 2:55 PM
To: kathleen.moriarty.ietf@gmail.com; ejay@mgi1.com
Cc: Michael.Jones@microsoft.com; sakimura@gmail.com; odonoghue@isoc.org; jose@ietf.org
Subject: Re: [jose] way forward for two remaining drafts

 

Will review and probably implement this.

 

Nits: s/some of have/some have/

   While this

   cryptographically binds the protected Header Parameters to the

   integrity protected payload, some of have described use cases in

   which this binding is unnecessary and/or an impediment to adoption,

   especially when the payload is large and/or detached.

Should read:

   While this
   cryptographically binds the protected Header Parameters to the
   integrity protected payload, some have described use cases in
   which this binding is unnecessary and/or an impediment to adoption,
   especially when the payload is large and/or detached.

 

Is it an argument for not base64url encoding payloads that they remain human/developer readable? 

This argument would make draft-jones-jose-jws-signing-input-options useful for small payloads too.

 

-Axel

 

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Montag, 13. Juli 2015 20:25
To: Edmund Jay
Cc: Mike Jones; Nat Sakimura; jose@ietf.org <mailto:jose@ietf.org> ; Karen O'Donoghue
Subject: Re: [jose] way forward for two remaining drafts

 

Hello,

 

It's good too see that a few people do support these drafts.  Will each of you be sending reviews and comments to the list shortly on these drafts?  If the chairs think it's reasonable to accept the drafts, they will also need to know there will be active support.

 

Thanks,

Kathleen 

Sent from my iPhone


On Jul 13, 2015, at 1:10 PM, Edmund Jay <ejay@mgi1.com <mailto:ejay@mgi1.com> > wrote:

+1

 

 


  _____  


From: Nat Sakimura <sakimura@gmail.com <mailto:sakimura@gmail.com> >
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com <mailto:kathleen.moriarty.ietf@gmail.com> > 
Cc: Mike Jones <Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com> >; Karen O'Donoghue <odonoghue@isoc.org <mailto:odonoghue@isoc.org> >; "jose@ietf.org <mailto:jose@ietf.org> " <jose@ietf.org <mailto:jose@ietf.org> > 
Sent: Sunday, July 12, 2015 10:32 AM
Subject: Re: [jose] way forward for two remaining drafts

 

Sorry to chime in so late. I have been completely under water for sometime now. 

 

Like Phil, I do see that draft-jones-jose-jws-signing-input-options sort of thing can be very useful, though I may want to have slightly different way of encoding the things. Being able to do detached signature is quite attractive. 

 

Best, 

 

Nat

 

2015-07-10 2:37 GMT+09:00 Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com <mailto:kathleen.moriarty.ietf@gmail.com> >:

 

Hi,

Sent from my iPhone


On Jul 9, 2015, at 1:16 PM, Mike Jones <Michael.Jones@microsoft.com <mailto:Michael.Jones@microsoft.com> > wrote:

About https://tools.ietf.org/html/draft-jones-jose-jws-signing-input-options-00, I’ll add that this addresses the requests make by Jim Schaad and Richard Barnes in JOSE Issues #26 “Allow for signature payload to not be base64 encoded” and #23 http://trac.tools.ietf.org/wg/jose/trac/ticket/23 “Make crypto independent of binary encoding (base64)”.

 

About https://tools.ietf.org/html/draft-jones-jose-key-managed-json-web-signature-01, I’ll add that this addresses the request made by Jim Schaad in JOSE Issue #2 http://trac.tools.ietf.org/wg/jose/trac/ticket/2 “No key management for MAC”.

 

Also, there’s a highly relevant discussion about key management for MACs going on in the COSE working group.  See the thread “[Cose] Key management for MACs (was Re: Review of draft-schaad-cose-msg-01)” – especially https://mailarchive.ietf.org/arch/msg/cose/aUehU6O7Ui8CXcGxy3TquZOxWH4 and https://mailarchive.ietf.org/arch/msg/cose/ouOIdAOe2P-W8BjGLJ7BNvvRr10.

 

One could take the view that our decision on the JOSE key management draft should be informed by the related decision in COSE.  Specifically, that if COSE decides to support key management for MACs, the same reasoning likely should apply to our decision on whether to define a standard mechanism for supporting key management for MACs in JOSE.

 

Key management is explicitly out-of-scope for COSE as stated in the charter.  The discussion referenced had this point at the close of that discussion.

 

I'm not seeing much support for these drafts moving forward in JOSE.  I'm also not seeing enough to justify standards track and AD sponsored.  If you think these are important to have move forward in the WG or as standards track, please say so soon.  They can still go forward through the Independent submission process through the ISE.

 

Thank you,

Kathleen 

 

                                                            -- Mike

 

From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Karen O'Donoghue
Sent: Wednesday, July 01, 2015 8:38 AM
To: jose@ietf.org <mailto:jose@ietf.org> 
Subject: [jose] way forward for two remaining drafts

 

Folks, 

 

With the thumbprint draft progressing through the process, we have two remaining individual drafts to decide what to do with. The options include: 1) adopt as working group drafts; 2) ask for AD sponsorship of individual drafts; or 3) recommend that they not be published. Please express your thoughts on what we should do with these drafts. Jim, Kathleen, and I would like to make a decision in the Prague timeframe, so please respond by 15 July. 

 

https://tools.ietf.org/id/draft-jones-jose-jws-signing-input-options-00.txt

 

https://tools.ietf.org/id/draft-jones-jose-key-managed-json-web-signature-01.txt

 

Thanks,

Karen

_______________________________________________
jose mailing list
jose@ietf.org <mailto:jose@ietf.org> 
https://www.ietf.org/mailman/listinfo/jose


_______________________________________________
jose mailing list
jose@ietf.org <mailto:jose@ietf.org> 
https://www.ietf.org/mailman/listinfo/jose





 

-- 

Nat Sakimura (=nat)

Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en

 

_______________________________________________
jose mailing list
jose@ietf.org <mailto:jose@ietf.org> 
https://www.ietf.org/mailman/listinfo/jose

v2.23.0 | Report a Bug | By Email