Below is the updated charter that has been submitted to the IESG for
review. Thank you to all who helped with the process.
Regards,
Karen
Description of JOSE Working Group
JavaScript Object Notation (JSON) is a text format for the serialization
of structured
data described in RFC 4627. The JSON format is often used for
serializing and
transmitting structured data over a network connection. With the
increased usage
of JSON in protocols in the IETF and elsewhere, there is now a desire to
offer
security services such as encryption, digital signatures, message
authentication
codes (MACs), and key representations for data that is being carried in
JSON format.
Different proposals for providing such security services have already
been defined
and implemented. This Working Group's task is to standardize four kinds of
security services, integrity protection (signature and MAC), encryption,
key
representations, and algorithm identifiers, in order to increase
interoperability of
security features between protocols that use JSON. The Working Group
will base its
work on well-known message security primitives (e.g., CMS), and will
solicit input
from the rest of the IETF Security Area to be sure that the security
functionality in
the JSON format is correct.
This group is chartered to work on eight documents:
(1) A Standards Track document specifying how to apply JSON-structured
integrity
protection to data, including (but not limited to) JSON data structures,
including a
compact URL-safe representation. "Integrity protection" includes
public-key digital
signatures as well as symmetric-key MACs.
(2) A Standards Track document specifying how to apply a JSON-structured
encryption to data, including (but not limited to) JSON data structures,
including a
compact URL-safe representation.
(3) A Standards Track document specifying how to encode public keys as JSON-
structured objects.
(4) A Standards Track document specifying algorithms and algorithm
identifiers for
the previous three documents.
(5) A Standards Track document specifying how to apply JSON-structured
integrity
protection to data, including (but not limited to) JSON data structures,
using a JSON
representation supporting multiple recipients. This document will build
upon the
concepts and structures in (1).
(6) A Standards Track document specifying how to apply a JSON-structured
encryption to data, including (but not limited to) JSON data structures,
using a JSON
representation supporting multiple recipients. This document will build
upon the
concepts and structures in (2).
(7) A Standards Track document specifying how to encode private and
symmetric
keys as JSON-structured objects. This document will build upon the
concepts and
structures in (3).
(8) A Standards Track application document specifying a means of protecting
private and symmetric keys via encryption. This document will build
upon the
concepts and structures in (2) and (7). This document may register
additional
algorithms in registries defined by (4).
The working group may decide to address combinations of these goals in
consolidated document(s), in which case the concrete milestones for
these goals will
be satisfied by the consolidated document(s).
Goals and Milestones
Jan 2012 Submit JSON object integrity document (1) as a WG
item.
Jan 2012 Submit JSON object encryption document (2) as a WG
item.
Jan 2012 Submit JSON key format document (3) as a WG item.
Jan 2012 Submit JSON algorithm document (4) as a WG item.
Feb 2013 Start Working Group Last Call on JSON object
integrity document
(1).
Feb 2013 Start Working Group Last Call on JSON object
encryption document
(2).
Feb 2013 Start Working Group Last Call on JSON key format
document (3).
Feb 2013 Start Working Group Last Call on JSON algorithm
document (4).
Mar 2013 Submit JSON object integrity document (1) to IESG for
consideration as Standards Track document.
Mar 2013 Submit JSON object encryption document (2) to IESG for
consideration as Standards Track document.
Mar 2013 Submit JSON key format document (3) to IESG for
consideration as
Standards Track document.
Mar 2013 Submit JSON algorithm document (4) to IESG for
consideration as
Standards Track document.
Mar 2013 Submit multi-recipient JSON object integrity
document (5) as a WG
item.
Mar 2013 Submit multi-recipient JSON object encryption
document (6) as a
WG item.
Mar 2013 Submit JSON private and symmetric key document (7)
as a WG
item.
Mar 2013 Submit JSON key protection application document (8)
as a WG item.
Jun 2013 Start Working Group Last Call on multi-recipient
JSON object
integrity document (5).
Jun 2013 Start Working Group Last Call on multi-recipient
JSON object
encryption document (6).
Jun 2013 Start Working Group Last Call on JSON private and
symmetric key
document (7).
Jun 2013 Start Working Group Last Call on JSON key
protection application
document (8).
Jul 2013 Submit multi-recipient JSON object integrity
document (5) to IESG
for consideration as Standards Track document.
Jul 2013 Submit multi-recipient JSON object encryption
document (6) to
IESG for consideration as Standards Track document.
Jul 2013 Submit JSON private and symmetric key document
(7) to IESG for
consideration as Standards Track document.
Jul 2013 Submit JSON key protection application document
(8) to IESG for
consideration as Standards Track document.
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
