I was rewarded for a comment in the meeting today* with an action item to start a discussion on-list. So here I am with that. It's difficult (for me anyway) to articulate some of this in writing, which is why I wanted to voice it in the meeting. But that got redirected back to the list so here's my attempt :)
Basically my suggestion is/was that the JWP/JWA/JPT drafts should focus only on container formats and support for the newer cryptographic techniques, like BBS, that can provide both selective disclosure and unlinkability. And not try to do something with "traditional" cryptography and JWS that can only do selective disclosure. From my perspective it'd be preferable to have the overall JWP container/abstraction provide a more consistent set of security/privacy properties that doesn't vary by the algorithm (that kind of variance has been a problem in JWS, for example, where the same container can be asymmetrically signed, HMAC'd or not protected at all). And I think it'd be good to have the general design be unencumbered by considerations trying to retrofit or account for the "legacy" stuff. The documents could be simplified (or at least made shorter and more focused) too by removing the "Single Use JWP" concept that uses multiple JWS values as well as the MAC JPA stuff. * which did also refer back to similar comments from the BoF @ IETF 114 https://mailarchive.ietf.org/arch/msg/jose/Qde04x9VqmhGavrlg2Gm_H54Zcc/ -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
