On 7/25/2011 1:16 PM, Leif Johansson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/25/2011 06:59 PM, Paul C. Bryan wrote:
I now find myself hoping this is not the beginning someone making a case
for ASN.1 encoding in WOES.
For my edification, can someone comment on how CMS would likely be
referenced in WOES? Would it likely be a normative reference (i.e. key
transport/wrapping, as it is in xmlenc-core), or otherwise would it
probably be just informational?
We seem to be bike-shedding on the words "based on" in the charter.
Perhaps it helps if we say something to the effect that WOES draws
upon experience from CMS and XML-dsig/enc and leave it at that.
1. There is considerably more than a bikeshedding difference between
a) normative dependence on a protocol, where the new exercise is merely a
syntactic re-coding"
vs, for example
b) "take the ideas from the existing work and use them as a basis for
writing a new protocol."
2. There is a significant constituency in the current topic that are using
language that sounds very much like option a) above.
That is, I believe there is a meaningful split between an established security
community view for this topic, versus the views of the json-oriented folk.
What is perhaps missing is a clear and shared understanding of the exact uses
that are intended for the current work.
For example "must be able to encode it in a URL" is a rather meaningful and
substantial constraint.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
woes mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/woes
