IETF
jose@jabber.ietf.org
Wednesday, March 13, 2013
tyler has set the subject to: Hello

GMT+0
[12:33:11] jimsch joins the room
[12:46:20] Tobia Castaldi joins the room
[12:46:27] m&m joins the room
[12:47:18] bortzmeyer joins the room
[12:47:59] Sean Turner joins the room
[12:48:14] Alessandro Amirante joins the room
[12:58:01] Sean Turner leaves the room: Replaced by new connection
[12:58:02] Sean Turner joins the room
[13:00:04] Christian Faure joins the room
[13:01:30] <Tobia Castaldi> Hi all, Meetecho room available at http://www.meetecho.com/ietf86/jose
[13:02:10] <Tobia Castaldi> Slide 1: JSON Object Signing and Encryption (JOSE
[13:02:17] jimsch1 joins the room
[13:02:19] jimsch leaves the room
[13:03:01] <Tobia Castaldi> Slide 2: Note Well
[13:03:08] <Tobia Castaldi> Slide 3: JOSE WG
[13:03:13] <Tobia Castaldi> Slide 4: Milestones
[13:03:29] <Tobia Castaldi> Slide 5: Agenda
[13:03:43] <Tobia Castaldi> Slide 6: Agenda II
[13:04:10] wilton@jabber.isoc.org joins the room
[13:04:16] <Tobia Castaldi> Presentation stopped
[13:04:55] Yuichi Ioku joins the room
[13:04:58] bkihara.l joins the room
[13:05:02] hildjj joins the room
[13:05:04] <wilton@jabber.isoc.org> First presentation - Richard Barnes; Use Cases
[13:05:23] <Tobia Castaldi> Slide 2: Updates in this version
[13:05:25] Karen O'Donoghue joins the room
[13:05:27] <Tobia Castaldi> Slide 3: Indication of pre-negotiated parameters
[13:05:42] <Tobia Castaldi> Current presenter: Richard Barnes
[13:05:43] <Tobia Castaldi> Slide 3: Indication of pre-negotiated parameters
[13:06:45] <wilton@jabber.isoc.org> Use Cases document is http://tools.ietf.org/id/draft-barnes-jose-use-cases-02.txt (i.e. not draft-ietf-jose yet…)
[13:06:52] <Tobia Castaldi> Slide 4: WebCrypto use case
[13:09:06] <Tobia Castaldi> Slide 5: Summary of requirements
[13:09:07] <wilton@jabber.isoc.org> Tony Nadalin at the mic: web crypto is not necessarily exclusively browser; stand-alone javascript also needs to be catered for
[13:09:10] Christian Faure leaves the room
[13:09:50] <wilton@jabber.isoc.org> Richard: yes - for "browser" read "user agent"...
[13:10:30] <Tobia Castaldi> Slide 6: Next Steps
[13:11:22] <Tobia Castaldi> Presentation stopped
[13:11:41] <wilton@jabber.isoc.org> Presentation 2: John Bradley… JWS, JWE, JWK and JWA
[13:11:59] <Alessandro Amirante> Slide 1: JWS, JWE, JWK, and JWA
[13:12:10] <Alessandro Amirante> Current presenter: John Bradley
[13:12:10] <Alessandro Amirante> Slide 1: JWS, JWE, JWK, and JWA
[13:12:11] <Alessandro Amirante> Slide 2: • JWS – Very stable since Mar
[13:13:48] <Alessandro Amirante> Slide 3: Primary Remaining Open Issue
[13:14:12] <Alessandro Amirante> Slide 2: • JWS – Very stable since Mar
[13:14:46] <wilton@jabber.isoc.org> Richard Barnes at mic: there have been changes to the specs, some of them important
[13:15:32] <wilton@jabber.isoc.org> Prateek Mishra at mic: almost no public/open source implementations of these specs, apart from Nimbus… and not many toolkits
[13:15:53] <wilton@jabber.isoc.org> John Bradley: open source libraries exist
[13:16:24] <wilton@jabber.isoc.org> Sean Turner: at this stage, fewer than two interop test/toolkits are OK
[13:16:36] lef.jpn joins the room
[13:16:48] <wilton@jabber.isoc.org> Richard Barnes: need to publicise the existing tools better
[13:16:56] <wilton@jabber.isoc.org> Roland Berger: has a Python toolkit available
[13:17:07] <Alessandro Amirante> Slide 3: Primary Remaining Open Issue
[13:17:31] <Alessandro Amirante> Slide 4: Criticality Resolution Part 1 of 5
[13:18:14] <Alessandro Amirante> Slide 5: Criticality Resolution Part 2 of 5
[13:18:42] <bortzmeyer> wilton: this Python toolkit is available somewhere? Google does not think so
[13:18:54] <wilton@jabber.isoc.org> I'll check with Roland
[13:19:50] <Alessandro Amirante> Slide 6: Criticality Resolution Part 3 of 5
[13:20:35] <wilton@jabber.isoc.org> Correction: Roland Hedberg, not Roland Berger
[13:21:18] <wilton@jabber.isoc.org> Joe Hildebrand: not a great fan of the syntax, but it's OK...
[13:21:46] <Alessandro Amirante> Slide 7: Criticality Resolution Part 4 of 5
[13:21:54] <Alessandro Amirante> Slide 8: Criticality Resolution Part 5 of 5
[13:23:05] <Alessandro Amirante> any remote? if so, there is a Meetecho room associated with this session: www.meetecho.com/ietf86/jose
[13:24:56] <wilton@jabber.isoc.org> Richard Barnes: we should go ahead with the other 4 parts of the criticality resolution, even if consensus on 5/5 takes longer to achieve
[13:25:02] stpeter joins the room
[13:25:51] stpeter has set the subject to: JOSE WG | https://datatracker.ietf.org/wg/jose/
[13:26:08] satoru.kanno@jabber.org joins the room
[13:26:30] <wilton@jabber.isoc.org> Joe Hildebrand: what happens if "asd" is included in the list of critical elements, intentionally or otherwise?
[13:27:03] <wilton@jabber.isoc.org> Nat Miller: recommend discussion via the list
[13:27:23] <wilton@jabber.isoc.org> Tony Nadalin: desired behaviour needs to be made clearer in the spec…
[13:28:05] <wilton@jabber.isoc.org> Prateek Mishra: why are folks so keen to reuse the JWS and JWE headers for application purposes, rather than a more layered approach?
[13:28:32] <Alessandro Amirante> Slide 9: Other Key Remaining Issue (#3)
[13:28:36] <wilton@jabber.isoc.org> John/Richard: there are good reasons, but we should punt this to the list
[13:30:41] <wilton@jabber.isoc.org> Mike Jones: Security Considerations can describe what keys ought to be used (e.g. to ensure different keys in concatenated encrypted/signed elements)
[13:32:01] <wilton@jabber.isoc.org> Richard Barnes: group should appropriately invoke the cfrg/other crypto-related groups, not try to define crypto algorithms itself...
[13:32:57] <wilton@jabber.isoc.org> Mike Jones: 2 issues: (1) whether to change JWK format… (2) we aren't "defining" new algorithms, we're serially using two pre-defined algorithms - this is an encoding discussion, not an algorithm definition one
[13:33:19] <wilton@jabber.isoc.org> Sean Turner: we should still invoke the cfrg, even if we're "only" concatenating algorithms
[13:33:35] <wilton@jabber.isoc.org> Mat Miller: concatenation == definition of a new algorithm
[13:34:35] <wilton@jabber.isoc.org> Kevin Igoe: (cfrg co-chair) cfrg's draft paper is almost ready to go… (just buffing the chrome)
[13:35:06] <wilton@jabber.isoc.org> Mike Jones: I think there *is* consensus and we should close the issue since we can
[13:35:23] <wilton@jabber.isoc.org> Chair: I'm hearing the AD and cfrg co-chair advise otherwise...
[13:36:02] <wilton@jabber.isoc.org> John Bradley: we can reach a conclusion about this concatenation question without also having to make a decision on McGrew
[13:37:48] <wilton@jabber.isoc.org> Michael Peck: there are still algorithm-specific implementation decisions that would need to be resolved (e.g. non-approved use of the Concat KDF for another purpose)
[13:38:13] Mark Watson joins the room
[13:39:10] <wilton@jabber.isoc.org> Jim Schaad: still not clear to me how to formulate a call, i.e. on what "the change" to be made actually is.
[13:39:27] <Alessandro Amirante> Slide 10: New Issues Filed – Issue #2
[13:39:54] <Alessandro Amirante> Slide 11: New Issues Filed – Issue #4
[13:40:00] <wilton@jabber.isoc.org> Leif Johansson: could take the sense of the room… those present probably do feel they understand what changes need to be made.
[13:40:03] Mark Watson leaves the room
[13:40:04] <Alessandro Amirante> Slide 10: New Issues Filed – Issue #2
[13:40:32] <Alessandro Amirante> Slide 11: New Issues Filed – Issue #4
[13:40:39] Justin Richer joins the room
[13:40:47] <wilton@jabber.isoc.org> Richard Barnes: please submit comments about whether MAC keys should be included in the KM reqts for 'all symmetric keys'
[13:41:36] <wilton@jabber.isoc.org> Richard Barnes: Issue #4 - requirement to include key in integrity check is not adequately justified
[13:42:23] Justin Richer leaves the room
[13:42:35] <wilton@jabber.isoc.org> Richard B: Issue #4 points to a discrepancy between the security model and what the current spec describes (as to whether or not the key and data are cryptographically bound)
[13:43:13] Justin Richer joins the room
[13:43:26] <wilton@jabber.isoc.org> Prateek Mishra: was not aware that key management is in scope for this WG
[13:43:51] <wilton@jabber.isoc.org> Richard Barnes: "KM" here was a poor shorthand for "key representation" e.g. wrapped forms
[13:44:21] <wilton@jabber.isoc.org> Mike Jones: direct encryption does not imply that keys can't be separated
[13:44:51] tony.l.hansen joins the room
[13:45:18] <wilton@jabber.isoc.org> Richard Barnes: if the key and data weren't bound in the first place, no work-around would be needed. I can elaborate via the list if necessary
[13:45:59] <wilton@jabber.isoc.org> Richard Barnes: do those present feel it's important for key and data to be bound under an integrity check?
[13:46:06] <wilton@jabber.isoc.org> (some hands raised)
[13:46:32] <wilton@jabber.isoc.org> Richard Barnes: what's the threat analysis? If there's a compelling one please articulate it via the list?
[13:46:37] <Alessandro Amirante> Slide 12: New Issues Filed – Issue #5
[13:46:41] <wilton@jabber.isoc.org> Tony N: we can contribute use case via the list
[13:47:38] <wilton@jabber.isoc.org> Richard Barnes: Issue #5: instructions for key management leave it unclear what elements should be present in the JWE, even if pre-negotiated...
[13:48:24] <wilton@jabber.isoc.org> John B: completing work on which fields are critical will partly address this issue
[13:48:35] Mark Watson joins the room
[13:48:56] <wilton@jabber.isoc.org> Richard: need to address both (1) which fields *must* be present, and (2) what *must* be done with fields that are present
[13:49:12] <Alessandro Amirante> Slide 13: New Issues Filed – Issue #6
[13:49:19] <wilton@jabber.isoc.org> Chair: Mike Jones to propose text via the list
[13:49:41] Cicho Pernacho joins the room
[13:49:49] <Alessandro Amirante> Slide 14: New Issues Filed – Issue #7
[13:50:01] <wilton@jabber.isoc.org> Noting agreement on Issue #6 (!)
[13:51:57] <wilton@jabber.isoc.org> Richard Barnes: webcrypto and javascript API; both webcrypto and jose are defining lists of algorithm names that the API should cater for
[13:52:52] tony.l.hansen leaves the room
[13:53:09] <wilton@jabber.isoc.org> Joe Hildebrand: need to reconcile difference between the (increasing number of) "standard" lists of algorithm names
[13:54:16] <wilton@jabber.isoc.org> Ryan Sleevi (webcrypto editor): webcrypto WG still working on this issue; acknowledge that there is a wide range of lists (generic and language-specific)
[13:54:55] <wilton@jabber.isoc.org> Richard B: not looking for a concrete text change, just agreement that alignment is a valid design goal
[13:55:09] <Alessandro Amirante> Slide 15: New Issues Filed – Issue #8
[13:55:22] <wilton@jabber.isoc.org> Jim Schaad: "alignment review" is already envisaged
[13:55:38] Cicho Pernacho leaves the room
[13:56:05] <wilton@jabber.isoc.org> Jim Schaad: who will do the analysis on Direct Mode encryption to hand over to cfrg (for Issue #8)?
[13:56:15] Roland Hedberg joins the room
[13:56:16] <wilton@jabber.isoc.org> Richard Barnes: I will frame some text
[13:56:39] <wilton@jabber.isoc.org> Mike Jones: can get comments from Msft crypto review board within a couple of weeks
[13:56:39] Mark Watson leaves the room
[13:57:28] <Alessandro Amirante> Slide 16: New Issues Filed – Issue #9
[13:57:31] <wilton@jabber.isoc.org> Jim Schaad: Richard B to restate the issue via email
[13:58:34] <wilton@jabber.isoc.org> Correction to remove Jabber artifact: Jim Schaad: who will do the analysis on Direct Mode encryption to hand over to cfrg (for Issue # 9 ?)
[13:59:07] <wilton@jabber.isoc.org> Re-correction… Jim Schaad: who will do the analysis on Direct Mode encryption to hand over to cfrg (for Issue # 8 ) ?
[13:59:27] <Alessandro Amirante> Slide 17: New Issues Filed – Issue #10
[13:59:36] <wilton@jabber.isoc.org> Jim Schaad: Richard to document issue # 9 (spi) in more detail  
[14:02:13] <wilton@jabber.isoc.org> Mat Miller: applications should be able to determine what is MTI and what isn't, *but*… there probably is a base set of MTI algorithms that is generic and should be specified
[14:02:13] <Justin Richer> audio stream is breaking up for me, is it for anyone else?
[14:02:17] Mark Watson joins the room
[14:02:34] <Justin Richer> It was fine until a moment ago.
[14:03:20] <wilton@jabber.isoc.org> Tony Hansen: framing specs in terms of MUST raises the bar for anyone seeking to justify an exception...
[14:04:54] <wilton@jabber.isoc.org> Richard B: couple of generic concerns with MTI; (i) it brings along a burden of algorithm support… (ii) jose libraries won't be reaching out and modifying crypto libraries… they will be using what's on the shelf
[14:06:31] <wilton@jabber.isoc.org> Richard B: adding MTI algorithms can end up improving interop, but at the price of constraining progress to adoption/deployment of newer algorithms
[14:08:27] <wilton@jabber.isoc.org> Mike Jones: current MTI algorithms: HMAC SHA-256, RSA, PKCS 1, AES-CBC, HMAC 256 (NB - some of these are MIT at a specific key length… this Jabber record is not authoritative!)
[14:08:37] <wilton@jabber.isoc.org> *MTI
[14:10:31] <wilton@jabber.isoc.org> [missed name] Users/apps should make the decisions about what algorithms are appropriate…
[14:11:06] <Alessandro Amirante> Slide 18: Conclusions
[14:11:27] <wilton@jabber.isoc.org> Steve Kent/Matt Miller: thank chair for reiterating that MTI is not the same as MTU...
[14:11:52] <Alessandro Amirante> Sorry... this slide was not on the deck we uploaded :S
[14:12:11] <Alessandro Amirante> It's issue #12, BTW
[14:12:58] <wilton@jabber.isoc.org> Mike Jones: (Issue # 12 ) will propose fixes to the text
[14:13:44] Roland Hedberg leaves the room
[14:13:48] <wilton@jabber.isoc.org> Brian Campbell: would like to hear an actual use case to justify fixing Issue # 12...
[14:14:29] <Karen O'Donoghue> justin: how's the audio?
[14:15:08] <wilton@jabber.isoc.org> John Bradley: curse your Earth logic...
[14:16:46] <Justin Richer> Karen: The audio has cleared up now, thanks. I'm not sure what happened.
[14:17:11] lellel joins the room
[14:17:57] <wilton@jabber.isoc.org> Karen: requests volunteers to provide clearer documentation of (i) Issue # 3 and (ii) the other as yet unclear concerns related to (but not the same as) Issue # 3
[14:18:12] <wilton@jabber.isoc.org> Mike Jones: happy to provide unambiguous text
[14:18:37] <Alessandro Amirante> Presentation stopped
[14:19:05] <Alessandro Amirante> Slide 1: JOSE WG @ IETF 86
[14:19:06] <wilton@jabber.isoc.org> Presn 3: Nat Sakimura - JSON Serialization Specs (JWS and JWE)
[14:19:10] Roland Hedberg joins the room
[14:19:16] <Alessandro Amirante> Slide 2: Documents:
[14:20:14] <Alessandro Amirante> Slide 3: JSON Serialization Goals
[14:20:18] <Alessandro Amirante> Slide 4: Design Methodology
[14:20:37] <wilton@jabber.isoc.org> Here is the link to Roland Hedberg's Python toolkit on github: https://github.com/rohe/pyjwkest
[14:20:44] <Alessandro Amirante> Slide 5: Specs Very Stable
[14:21:07] <Alessandro Amirante> Slide 6: It’s Time for WG Draft Status
[14:21:38] <Alessandro Amirante> Slide 7: Backup Slides
[14:22:49] <wilton@jabber.isoc.org> Leif Johansson: is the compact representation still needed?
[14:22:56] <wilton@jabber.isoc.org> Richard Barnes: yes
[14:23:31] <wilton@jabber.isoc.org> Richard Barnes: this ought to go into the base specs
[14:24:11] <wilton@jabber.isoc.org> Jim Schaad: a call went out on the list and didn't produce any counter-proposals… therefore see no reason not to include these documents in the WG's programme
[14:24:36] <wilton@jabber.isoc.org> Jim: should the serialization docs be folded into the base docs or kept as discrete docs?
[14:24:42] <wilton@jabber.isoc.org> Richard: included in base
[14:24:56] <wilton@jabber.isoc.org> Jim H: does that mean we couldn't have alternate serialisations later?
[14:25:00] <wilton@jabber.isoc.org> Ricahrd: shakes head
[14:25:09] <wilton@jabber.isoc.org> *Richard
[14:26:29] <wilton@jabber.isoc.org> Richard: JSON serialisation should be incorporated in the base document, because that's what the WG signed up for
[14:27:22] <wilton@jabber.isoc.org> Mike Jones: some developers will only use compact serialisation, and won't be using the JSON serialisation - so a [discrete] document that doesn't include extraneous stuff is more useful/usable for them
[14:27:56] <wilton@jabber.isoc.org> Sean Turner: ONE serialisation doc good; TWO maybe ok; THREE.. starts to look iffy.
[14:28:04] Gabor Enyedi joins the room
[14:28:12] <wilton@jabber.isoc.org> Mike Jones; no concrete proposal for three at this point.
[14:28:21] <Sean Turner> not necessarily doc but choices
[14:28:25] Mark Watson leaves the room
[14:28:31] <wilton@jabber.isoc.org> ack
[14:28:59] <Sean Turner> btw - many thanks for taking notes ;)
[14:29:24] <Justin Richer> There are a lot of "ifs" in this while many people are already using the compact
[14:29:29] <Justin Richer> and I agree with Mike that neither is generic
[14:29:35] <wilton@jabber.isoc.org> Richard B: Inverse of Mike Jones' point also true - some JSON developers will never use compact serialisation...
[14:29:51] Gabor Enyedi leaves the room
[14:30:22] <wilton@jabber.isoc.org> Matt Miller: "one" is a nice-to-have; I have a specific serialisation for XMPP, but the existence of other docs is not a hindrance to me...
[14:30:32] <Alessandro Amirante> Presentation stopped
[14:31:01] <wilton@jabber.isoc.org> Jim Schaad: conclusion is to proceed on the basis of a combined document
[14:31:28] <Alessandro Amirante> Slide 1: JSON Private and Symmetric Key
[14:31:30] <wilton@jabber.isoc.org> Presn 4 - Mike Jones: JSON Private and Symmetric Key representations
[14:31:47] <Alessandro Amirante> Slide 2: Overview
[14:31:50] <wilton@jabber.isoc.org> (to complement Public Key representation)
[14:32:11] <Alessandro Amirante> Slide 3: Elliptic Curve Private Key Example
[14:32:37] <Alessandro Amirante> Slide 4: RSA Private Key Example
[14:32:59] <Alessandro Amirante> Slide 5: Symmetric Key Example
[14:33:17] <Alessandro Amirante> Slide 6: Request for WG Action
[14:33:29] <wilton@jabber.isoc.org> *busily writes down Mike's symmetric key*
[14:33:35] Mark Watson joins the room
[14:34:04] <Justin Richer> JOSE has enough documents -- fold them into JWK
[14:34:17] Mike Bannion joins the room
[14:34:30] <wilton@jabber.isoc.org> Matt Miller: WIBNI they were all in one draft, just to have all the "to be protected" assets described in one doc?
[14:34:56] <wilton@jabber.isoc.org> Sean Turner: arent' there already well defined and used formats for this stuff?
[14:35:00] <Alessandro Amirante> Presentation stopped
[14:35:03] <wilton@jabber.isoc.org> Mike Jones: not for JSON
[14:35:07] <wilton@jabber.isoc.org> *aren't
[14:35:10] Gabor Enyedi joins the room
[14:35:23] <Alessandro Amirante> Slide 1: Protecting Keys in JOSE
[14:35:33] <Alessandro Amirante> Slide 2: The Problem
[14:35:39] <wilton@jabber.isoc.org> Presn 5 - Matt Miller: Protecting keys in JOSE
[14:36:13] <Alessandro Amirante> Slide 3: One Approach
[14:36:49] <Alessandro Amirante> Slide 4: To Wrap…
[14:37:25] <Alessandro Amirante> Slide 5: …to Unwrap
[14:37:26] Gabor Enyedi leaves the room
[14:37:44] hildjj leaves the room
[14:37:46] <Alessandro Amirante> Slide 6: For Humans
[14:37:58] Gabor Enyedi joins the room
[14:38:53] <Alessandro Amirante> Slide 7: Next Steps
[14:39:04] hildjj joins the room
[14:39:49] <Alessandro Amirante> Presentation stopped
[14:40:01] <wilton@jabber.isoc.org> Sean Turner: need to put a little rationale behind any key-length recommendations...
[14:40:05] Gabor Enyedi leaves the room
[14:40:08] <Alessandro Amirante> Slide 1: A Unified Theory of
[14:40:09] hildjj leaves the room
[14:40:18] <Alessandro Amirante> Slide 2: What do we want in a
[14:40:19] <wilton@jabber.isoc.org> Richard Barnes: <ommmmmmmmmm>
[14:40:49] hildjj joins the room
[14:41:23] Gabor Enyedi joins the room
[14:41:59] <Alessandro Amirante> Slide 3: What do we already have?
[14:42:00] <Alessandro Amirante> Slide 4: Goals
[14:42:51] <Alessandro Amirante> Slide 5: What do we need to d
[14:43:42] <Alessandro Amirante> Slide 6: The Wrapping Algorithm (symm
[14:44:36] <Alessandro Amirante> Slide 7: The Wrapping Algorithm (a<r)
[14:44:57] <Alessandro Amirante> Slide 8: The Wrapping Algorithm (priv
[14:46:00] <Alessandro Amirante> Slide 9: The Wrapping Algorithm (priv
[14:46:35] <Alessandro Amirante> Slide 10: JSON with Efficient Binary
[14:48:35] <Alessandro Amirante> Slide 11: JEB Example (symm)
[14:49:19] <Alessandro Amirante> Slide 12: JEB Example (priv)
[14:50:11] <Alessandro Amirante> Slide 13: Recap
[14:50:51] <Alessandro Amirante> Slide 14: Questions
[14:50:58] <wilton@jabber.isoc.org> Richard B will write a draft to summarise the points covered in the presn (and those it glossed over)
[14:51:08] <wilton@jabber.isoc.org> 2 main questions:
[14:51:26] <wilton@jabber.isoc.org> 1 - What framework should we allow for key protection?
[14:51:41] <wilton@jabber.isoc.org> 2 - How should we encode the key to be protected?
[14:51:56] ghcooper joins the room
[14:52:03] <Mark Watson> Is defining our own binary format really worth the 25% saving, when there are multiple efforts like BSON, UBJSON etc. addressing this ?
[14:52:27] <wilton@jabber.isoc.org> Mark - would you like that relayed via the mic?
[14:52:54] <Mark Watson> yes please
[14:53:05] ghcooper leaves the room: offline
[14:53:26] <wilton@jabber.isoc.org> Matt Miller: Richard's approach is sound in principle; pragmatically, it might open a lot of questions that are close to resolution...
[14:54:28] <Alessandro Amirante> Presentation stopped
[14:55:08] <wilton@jabber.isoc.org> Mike Jones: seconds Mark Watson's question...
[14:56:05] <wilton@jabber.isoc.org> (a JSON group shouldn't be considering producing other binary representations… the Miller's Draft expresses the right approach
[14:57:07] andrew biggs joins the room
[14:57:12] <wilton@jabber.isoc.org> Joe Hildebrand: work on other serialisations should be done elsewhere… (e.g in 4627bis WG)
[14:57:29] <Justin Richer> +1 to the comments just now
[14:58:05] Jaromir Talir joins the room
[14:58:41] <hildjj> potential JSON wg charter: http://trac.tools.ietf.org/wg/appsawg/trac/wiki/JSON
[14:58:49] <wilton@jabber.isoc.org> Richard B: Private keys need to be incorporated in JSON specs, because otherwise there's a risk of ending up with different ways of treating private keys as opposed to public and/or symmetric keys… and that would be bad.
[14:58:53] <Alessandro Amirante> Slide 3: What do we already have?
[14:59:26] <Justin Richer> So perhaps the right question is why not change what JWE does with the content master key to use the JWK format instead?
[14:59:47] <stpeter> Justin Richer: let us know if you'd like your comments relayed to the mic
[14:59:51] <Justin Richer> + the miller draft.
[14:59:55] bortzmeyer leaves the room
[15:00:25] Tobia Castaldi leaves the room
[15:00:27] <wilton@jabber.isoc.org> At this rate, Miller Draft should be paying us royalties...
[15:00:28] bortzmeyer joins the room
[15:00:38] <Justin Richer> stpeter: I think it'd be worth bringing up but I think Mike is about to address it
[15:00:46] <stpeter> Justin Richer: ok!
[15:00:57] Tobia Castaldi joins the room
[15:01:28] <Mark Watson> One could argue that having a straightforward callout for the specific case of a symmetric key without attributes (wrap binary key directly) vs everything else (wrap JWK object) would be preferable to defining the new binary format which 'just happens' to implement the above distinction (sort of) naturally.
[15:01:32] <wilton@jabber.isoc.org> If remote folks would like Jabber comments relayed to the mic please preface them with mic:
[15:01:56] <wilton@jabber.isoc.org> (and apologies if there's a delay… am scribing and relaying…)
[15:02:45] <Mark Watson> Otherwise the comments are on the screen in the room, right ?
[15:03:03] <stpeter> Mark Watson: we are not showing the chatroom on the screen here
[15:03:37] <Mark Watson> ok
[15:04:31] <bortzmeyer> Yet Another Variant of JSON :  https://code.google.com/p/rson/
[15:05:05] <wilton@jabber.isoc.org> Richard B: Mark Watson's point above ("One could argue…") is what Question 2 seeks to address.
[15:05:38] =JeffH joins the room
[15:05:58] <wilton@jabber.isoc.org> Jim Schaad: this sounds ripe for cfrg input...
[15:06:16] <hildjj> bortzmeyer: that doesn't help much
[15:06:31] =JeffH leaves the room
[15:06:48] <wilton@jabber.isoc.org> Kevin Igoe: there is a clear preference on algorithm use [sorry, I'm not going to try and reproduce the details on the fly here - will ask Kevin for the specifics. RW]
[15:08:09] <wilton@jabber.isoc.org> Steve Kent: the question on which algorithm to use for symmetric key exchange needs to be more precisely framed - e.g. because the shared state between parties will be different in, say, DH and RSA contexts…
[15:08:16] <Alessandro Amirante> Slide 14: Questions
[15:08:36] Gabor Enyedi leaves the room
[15:08:57] <wilton@jabber.isoc.org> Richard B: back to Q1 - What framework should we allow for key protection? *Does* raise the question of what algorithms should be acceptable for wrapping keys...
[15:09:39] <wilton@jabber.isoc.org> Current JWE approach has the benefit of a defined key separation between 'key wrapping' and 'encryption' keys.
[15:10:52] <wilton@jabber.isoc.org> Jim Schaad: propose deferring decision until Richard B can submit a concrete proposal based on JSON encoding, for comparison with Miller draft
[15:11:12] <Alessandro Amirante> Presentation stopped
[15:11:23] <wilton@jabber.isoc.org> (Richard's submission should explicitly avoid the binary encoding issue, for the purposes of this step)
[15:12:14] <wilton@jabber.isoc.org> Next presn: JSON Web Key for PKIX Cetificates - Brian Campbell  
[15:12:31] <wilton@jabber.isoc.org> *Certificates
[15:12:32] <Tobia Castaldi> Slide 1: JWK for PKIX Certificates
[15:12:37] <Tobia Castaldi> Slide 2: Why Bother?
[15:12:44] Jaromir Talir leaves the room
[15:12:53] <Justin Richer> If you're going to be a bag, you should be a Useful bag, right? :)
[15:13:13] <Tobia Castaldi> Slide 3: What is it?
[15:13:47] <Sean Turner> or a cool bag
[15:13:49] Luis Nunez joins the room
[15:14:04] <wilton@jabber.isoc.org> At any rate, not the kind John Bradley referred to… ;^)
[15:14:10] Jaromir Talir joins the room
[15:14:50] Jaromir Talir leaves the room
[15:16:15] <Tobia Castaldi> Slide 4: Where It’s Useful
[15:16:48] <Tobia Castaldi> Slide 5: Other ways to skin the cat
[15:17:47] <wilton@jabber.isoc.org> Brian discovering that concatenating objects (presentations) is *not* semantically neutral ;^)
[15:19:07] <Tobia Castaldi> Slide 3: What is it?
[15:19:35] Mike Bannion leaves the room
[15:19:37] <wilton@jabber.isoc.org> Matt Miller: x5c expressed as a first order JWK member because it addresses some issues arising from potential mis-matches between 'bare' public keys and the public keys represented in the encoding...  
[15:20:07] <stpeter> (that was Brad Hill at the mic)
[15:20:28] <wilton@jabber.isoc.org> Brad Hill [thanks stpeter] : the spec as written does not eliminate all representational duplication…
[15:22:30] <wilton@jabber.isoc.org> Richard B: a proposed "new JWK key type" could be seen as analogous to a replacement for PKCS#7...
[15:22:40] <Tobia Castaldi> Slide 4: Where It’s Useful
[15:24:39] <wilton@jabber.isoc.org> Peter St Andre: Matt's posh model might well be reusable for use cases other than XMPP...
[15:24:59] <Tobia Castaldi> Slide 5: Other ways to skin the cat
[15:25:51] <Tobia Castaldi> Slide 6: Detractors to the useful bag
[15:25:58] <wilton@jabber.isoc.org> Joe Hildebrand: is there APP area work to be done on the x5c/JWK topic?
[15:26:35] <wilton@jabber.isoc.org> Please note my restraint concerning StPeter and "holder of key" remarks.. ;^)
[15:26:54] <Tobia Castaldi> Slide 7: What’s Next?
[15:27:05] Mark Watson leaves the room
[15:28:24] <wilton@jabber.isoc.org> Matt Miller: preference would be to include this (x5c/PKIX handling) in JWK
[15:28:32] <wilton@jabber.isoc.org> Richard B: +1
[15:28:55] <wilton@jabber.isoc.org> John Bradley: would like to take this rare opportunity to agree with Richard.
[15:29:28] <wilton@jabber.isoc.org> Tony N: not convinced it's quite ready to be rolled into JWK yet
[15:29:52] <wilton@jabber.isoc.org> Matt Miller/Richard B: it's probably close enough, modulo a tweak or two
[15:30:14] <wilton@jabber.isoc.org> Tony N: but still raises potential interop issues...
[15:30:30] <wilton@jabber.isoc.org> Jim Schaad: chairs' prerogative: adjourned...
[15:30:40] <wilton@jabber.isoc.org> Mike Jones: where are we on the re-charter?
[15:30:54] Roland Hedberg leaves the room
[15:31:07] <wilton@jabber.isoc.org> Karen: I believe I've passed it to the AD
[15:31:11] andrew biggs leaves the room
[15:31:15] Karen O'Donoghue leaves the room
[15:31:16] m&m leaves the room: Disconnected: connection closed
[15:31:17] <wilton@jabber.isoc.org> Lunch!
[15:31:21] bortzmeyer leaves the room
[15:31:21] stpeter leaves the room: Disconnected: connection closed
[15:31:21] lef.jpn leaves the room
[15:31:21] <Tobia Castaldi> Presentation stopped
[15:31:24] wilton@jabber.isoc.org leaves the room
[15:31:29] bkihara.l leaves the room
[15:31:36] giorgio joins the room
[15:31:46] jimsch1 leaves the room
[15:32:02] hildjj leaves the room
[15:32:16] satoru.kanno@jabber.org leaves the room
[15:32:19] <Tobia Castaldi> the session is over
[15:32:22] <Tobia Castaldi> bye bye
[15:32:35] <Tobia Castaldi> see you next time on Meetecho
[15:32:43] <Luis Nunez> thx
[15:33:09] Tobia Castaldi leaves the room
[15:33:18] Alessandro Amirante leaves the room
[15:33:32] lellel leaves the room
[15:33:35] giorgio leaves the room
[15:33:46] Luis Nunez leaves the room
[15:36:36] Sean Turner leaves the room
[15:36:41] Justin Richer leaves the room
[15:40:38] Karen O'Donoghue joins the room
[15:42:40] Karen O'Donoghue leaves the room
[15:42:48] Sean Turner joins the room
[15:45:38] Sean Turner leaves the room
[15:45:47] Sean Turner joins the room
[16:15:50] jimsch1 joins the room
[16:17:01] jimsch1 leaves the room
[16:20:37] Yuichi Ioku leaves the room
[16:21:59] tony.l.hansen joins the room
[16:43:48] hildjj joins the room
[16:50:52] hildjj leaves the room
[16:50:55] hildjj joins the room
[16:52:54] bortzmeyer joins the room
[16:53:26] bortzmeyer leaves the room
[16:54:48] andrew biggs joins the room
[17:00:21] andrew biggs leaves the room
[17:03:30] stpeter joins the room
[17:07:40] hildjj leaves the room
[17:08:14] m&m joins the room
[17:09:58] m&m leaves the room: Disconnected: connection closed
[17:10:02] m&m joins the room
[17:13:24] satoru.kanno@jabber.org joins the room
[17:13:49] lef.jpn joins the room
[17:18:59] m&m leaves the room
[17:30:17] stpeter leaves the room
[17:37:21] lef.jpn leaves the room
[18:03:47] Karen O'Donoghue joins the room
[18:04:17] Sean Turner leaves the room
[18:21:44] Karen O'Donoghue leaves the room
[18:34:23] Karen O'Donoghue joins the room
[18:51:49] Karen O'Donoghue leaves the room
[19:04:02] satoru.kanno@jabber.org leaves the room
[19:16:48] Karen O'Donoghue joins the room
[19:38:37] satoru.kanno@jabber.org joins the room
[19:46:13] satoru.kanno@jabber.org leaves the room
[19:49:26] Karen O'Donoghue leaves the room
[20:08:04] Karen O'Donoghue joins the room
[20:49:20] Karen O'Donoghue leaves the room
[21:11:26] Karen O'Donoghue joins the room
[21:12:38] Karen O'Donoghue leaves the room
[21:43:03] tony.l.hansen leaves the room
[21:43:13] Karen O'Donoghue joins the room
[22:50:03] satoru.kanno@jabber.org joins the room
[23:30:12] satoru.kanno@jabber.org leaves the room