> From: jose [mailto:[email protected]] On Behalf Of Richard Barnes
> Sent: Friday, October 10, 2014 2:40 PM
> To: Barry Leiba
> Cc: Jim Schaad; [email protected];
> [email protected]; The IESG; [email protected]
> Subject: Re: [jose] Richard Barnes' Discuss on
> draft-ietf-jose-json-web-key-33: (with DISCUSS and COMMENT)
>
> On Thu, Oct 2, 2014 at 2:23 PM, Barry Leiba <[email protected]> wrote:
> > [JLS] I don't have any objections to using [email protected]. However the
> > original discussions for this was it would be some type of "expert review"
> > list similar to the mime-types list. I don't know that the jose list would
> > provide the same semantics.
>
> Right, that's why I said that it depends.
>
> The media-types list is rather a special case, as it's *extremely*
> active. There are others like that, such as uri-review.
>
> If you're not expecting many registrations very soon, and the working
> group will close after the documents are done, then it makes sense to
> use the jose list because by the time you start getting registrations
> that list won't be active for the working group.
>
> I expect that this is the more likely case. Mike, Jim, do you agree? To
> Mike's point, just because the WG closes down doesn't mean the mailing list
> does.
I know that JOSE registrations will come in from the WebCrypto and JWT specs
and I expect header parameter registrations to come in reasonably often, as
well as occasional algorithm registrations.
Some will happen while the working group is active. Some will continue to
happen after it's not.
> One other possibility: Just re-use the oauth-ext-review@ list. It's probably
> going to be pretty much the same people anyway.
I disagree that the people will be the same, as the designated experts should
likely be different. OAuth registrations require expertise in REST-based
authorization semantics. JOSE registrations require expertise in cryptography.
I frankly expect that the designated experts for JOSE will be Jim Schaad and
one or more of the editors. None of those are among the set of OAuth
designated experts. That argues for having a separate list.
> --Richard
>
>
> If you're expecting the jose list to have active discussion of
> documents while registration requests are coming in, then it makes
> sense to create a new list.
>
> Use your judgment.
Yes, I think this is the case, therefore the current suggestion in the draft of
using a distinct list still looks like the right one to me.
-- Mike
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
