Re: [jose] way forward for two remaining drafts

[Nat Sakimura]

Axel wrote: 

Is it an argument for not base64url encoding payloads that they remain 
human/developer readable? 

This argument would make draft-jones-jose-jws-signing-input-options useful for 
small payloads too.

 

 

Indeed. It is one of my use case – small and I want to keep it readable. 

 

For the case the headers are not needed to be protected, the readability 
extends to the headers as well. 

 

Re: header parameters, for the sake of size, I am inclined to combine “sph” and 
“b64” to “pb” or something and represent the value as a number. 

So: (Sorry for an HTML table)

 


"sph"

"b64"

“pb”


true

true

3


false

true

1


true

false

2


false

false

0

 

 

-- 

Nat Sakimura < <mailto:n-sakim...@nri.co.jp> n-sakim...@nri.co.jp>

Nomura Research Institute, Ltd. 

 

PLEASE READ:

The information contained in this e-mail is confidential and intended for the 
named recipient(s) only.

If you are not an intended recipient of this e-mail, you are hereby notified 
that any review, dissemination, distribution or duplication of this message is 
strictly prohibited. If you have received this message in error, please notify 
the sender immediately and delete your copy from your system.

 

From: jose [mailto:jose-boun...@ietf.org] On Behalf Of axel.nenn...@telekom.de
Sent: Thursday, July 16, 2015 2:55 PM
To: kathleen.moriarty.i...@gmail.com; e...@mgi1.com
Cc: michael.jo...@microsoft.com; sakim...@gmail.com; odonog...@isoc.org; 
jose@ietf.org
Subject: Re: [jose] way forward for two remaining drafts

 

Will review and probably implement this.

 

Nits: s/some of have/some have/

   While this

   cryptographically binds the protected Header Parameters to the

   integrity protected payload, some of have described use cases in

   which this binding is unnecessary and/or an impediment to adoption,

   especially when the payload is large and/or detached.

Should read:

   While this
   cryptographically binds the protected Header Parameters to the
   integrity protected payload, some have described use cases in
   which this binding is unnecessary and/or an impediment to adoption,
   especially when the payload is large and/or detached.

 

Is it an argument for not base64url encoding payloads that they remain 
human/developer readable? 

This argument would make draft-jones-jose-jws-signing-input-options useful for 
small payloads too.

 

-Axel

 

From: jose [mailto:jose-boun...@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Montag, 13. Juli 2015 20:25
To: Edmund Jay
Cc: Mike Jones; Nat Sakimura; jose@ietf.org <mailto:jose@ietf.org> ; Karen 
O'Donoghue
Subject: Re: [jose] way forward for two remaining drafts

 

Hello,

 

It's good too see that a few people do support these drafts.  Will each of you 
be sending reviews and comments to the list shortly on these drafts?  If the 
chairs think it's reasonable to accept the drafts, they will also need to know 
there will be active support.

 

Thanks,

Kathleen 

Sent from my iPhone


On Jul 13, 2015, at 1:10 PM, Edmund Jay <e...@mgi1.com <mailto:e...@mgi1.com> > 
wrote:

+1

 

 


  _____  


From: Nat Sakimura <sakim...@gmail.com <mailto:sakim...@gmail.com> >
To: Kathleen Moriarty <kathleen.moriarty.i...@gmail.com 
<mailto:kathleen.moriarty.i...@gmail.com> > 
Cc: Mike Jones <michael.jo...@microsoft.com 
<mailto:michael.jo...@microsoft.com> >; Karen O'Donoghue <odonog...@isoc.org 
<mailto:odonog...@isoc.org> >; "jose@ietf.org <mailto:jose@ietf.org> " 
<jose@ietf.org <mailto:jose@ietf.org> > 
Sent: Sunday, July 12, 2015 10:32 AM
Subject: Re: [jose] way forward for two remaining drafts

 

Sorry to chime in so late. I have been completely under water for sometime now. 

 

Like Phil, I do see that draft-jones-jose-jws-signing-input-options sort of 
thing can be very useful, though I may want to have slightly different way of 
encoding the things. Being able to do detached signature is quite attractive. 

 

Best, 

 

Nat

 

2015-07-10 2:37 GMT+09:00 Kathleen Moriarty <kathleen.moriarty.i...@gmail.com 
<mailto:kathleen.moriarty.i...@gmail.com> >:

 

Hi,

Sent from my iPhone


On Jul 9, 2015, at 1:16 PM, Mike Jones <michael.jo...@microsoft.com 
<mailto:michael.jo...@microsoft.com> > wrote:

About 
https://tools.ietf.org/html/draft-jones-jose-jws-signing-input-options-00, I’ll 
add that this addresses the requests make by Jim Schaad and Richard Barnes in 
JOSE Issues #26 “Allow for signature payload to not be base64 encoded” and #23 
http://trac.tools.ietf.org/wg/jose/trac/ticket/23 “Make crypto independent of 
binary encoding (base64)”.

 

About 
https://tools.ietf.org/html/draft-jones-jose-key-managed-json-web-signature-01, 
I’ll add that this addresses the request made by Jim Schaad in JOSE Issue #2 
http://trac.tools.ietf.org/wg/jose/trac/ticket/2 “No key management for MAC”.

 

Also, there’s a highly relevant discussion about key management for MACs going 
on in the COSE working group.  See the thread “[Cose] Key management for MACs 
(was Re: Review of draft-schaad-cose-msg-01)” – especially 
https://mailarchive.ietf.org/arch/msg/cose/aUehU6O7Ui8CXcGxy3TquZOxWH4 and 
https://mailarchive.ietf.org/arch/msg/cose/ouOIdAOe2P-W8BjGLJ7BNvvRr10.

 

One could take the view that our decision on the JOSE key management draft 
should be informed by the related decision in COSE.  Specifically, that if COSE 
decides to support key management for MACs, the same reasoning likely should 
apply to our decision on whether to define a standard mechanism for supporting 
key management for MACs in JOSE.

 

Key management is explicitly out-of-scope for COSE as stated in the charter.  
The discussion referenced had this point at the close of that discussion.

 

I'm not seeing much support for these drafts moving forward in JOSE.  I'm also 
not seeing enough to justify standards track and AD sponsored.  If you think 
these are important to have move forward in the WG or as standards track, 
please say so soon.  They can still go forward through the Independent 
submission process through the ISE.

 

Thank you,

Kathleen 

 

                                                            -- Mike

 

From: jose [mailto:jose-boun...@ietf.org] On Behalf Of Karen O'Donoghue
Sent: Wednesday, July 01, 2015 8:38 AM
To: jose@ietf.org <mailto:jose@ietf.org> 
Subject: [jose] way forward for two remaining drafts

 

Folks, 

 

With the thumbprint draft progressing through the process, we have two 
remaining individual drafts to decide what to do with. The options include: 1) 
adopt as working group drafts; 2) ask for AD sponsorship of individual drafts; 
or 3) recommend that they not be published. Please express your thoughts on 
what we should do with these drafts. Jim, Kathleen, and I would like to make a 
decision in the Prague timeframe, so please respond by 15 July. 

 

https://tools.ietf.org/id/draft-jones-jose-jws-signing-input-options-00.txt

 

https://tools.ietf.org/id/draft-jones-jose-key-managed-json-web-signature-01.txt

 

Thanks,

Karen

_______________________________________________
jose mailing list
jose@ietf.org <mailto:jose@ietf.org> 
https://www.ietf.org/mailman/listinfo/jose


_______________________________________________
jose mailing list
jose@ietf.org <mailto:jose@ietf.org> 
https://www.ietf.org/mailman/listinfo/jose





 

-- 

Nat Sakimura (=nat)

Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en

 

_______________________________________________
jose mailing list
jose@ietf.org <mailto:jose@ietf.org> 
https://www.ietf.org/mailman/listinfo/jose

 


_______________________________________________
jose mailing list
jose@ietf.org
https://www.ietf.org/mailman/listinfo/jose