FWIW as an implementer of the JOSE suite of algorithms and protocols I am *not* in favor of adding a binary serialization (CBOR) to JOSE, as it is completely antithetical to the rest of the specification and would force implementations to add a completely new and complex parsing and serialization subsystem that is fundamentally different from the rest of the protocol.
On Tue, 2025-11-04 at 17:06 -0800, [email protected] wrote: > Internet-Draft draft-ietf-jose-json-web-proof-12.txt is now available. It is a > work item of the Javascript Object Signing and Encryption (JOSE) WG of the > IETF. > > Title: JSON Web Proof > Authors: David Waite > Michael B. Jones > Jeremie Miller > Name: draft-ietf-jose-json-web-proof-12.txt > Pages: 33 > Dates: 2025-11-04 > > Abstract: > > The JOSE set of standards established JSON-based container formats > for Keys, Signatures, and Encryption. They also established IANA > registries to enable the algorithms and representations used for them > to be extended. Since those were created, newer cryptographic > algorithms that support selective disclosure and unlinkability have > matured and started seeing early market adoption. The COSE set of > standards likewise does this for CBOR-based containers, focusing on > the needs of environments which are better served using CBOR, such as > constrained devices and networks. > > This document defines a new container format similar in purpose and > design to JSON Web Signature (JWS) and COSE Signed Messages called a > _JSON Web Proof (JWP)_. Unlike JWS, which integrity-protects only a > single payload, JWP can integrity-protect multiple payloads in one > message. It also specifies a new presentation form that supports > selective disclosure of individual payloads, enables additional proof > computation, and adds a Presentation Header to prevent replay. > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-proof/ > > There is also an HTML version available at: > https://www.ietf.org/archive/id/draft-ietf-jose-json-web-proof-12.html > > A diff from the previous version is available at: > https://author-tools.ietf.org/iddiff?url2=draft-ietf-jose-json-web-proof-12 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] -- Simo Sorce Distinguished Engineer RHEL Crypto Team Red Hat, Inc _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
