{"id":2503,"date":"2024-03-20T19:05:52","date_gmt":"2024-03-21T02:05:52","guid":{"rendered":"https:\/\/self-issued.info\/?p=2503"},"modified":"2024-03-20T19:05:52","modified_gmt":"2024-03-21T02:05:52","slug":"eight-specifications-published-in-preparation-for-ietf-119","status":"publish","type":"post","link":"https:\/\/self-issued.info\/?p=2503","title":{"rendered":"Eight Specifications Published in Preparation for IETF 119"},"content":{"rendered":"<p><span class=\"plain\"><img decoding=\"async\" align=\"right\" src=\"https:\/\/self-issued.info\/images\/ietf-logo.png\" alt=\"IETF logo\"><\/span>My co-authors and I published updated versions of eight specifications in preparation for <a href=\"https:\/\/www.ietf.org\/how\/meetings\/119\/\">IETF 119 in Brisbane<\/a>.  The specifications span three working groups:  <a href=\"https:\/\/datatracker.ietf.org\/wg\/jose\/about\/\">JOSE<\/a>, <a href=\"https:\/\/datatracker.ietf.org\/wg\/cose\/about\/\">COSE<\/a>, and <a href=\"https:\/\/datatracker.ietf.org\/wg\/oauth\/about\/\">OAuth<\/a>.  The updated specifications and outcomes when discussed at IETF 119 are as follows.<\/p>\n<p>1, 2, &amp; 3: <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-jose-json-web-proof-03.html\">JSON Web Proof<\/a>, <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-jose-json-proof-algorithms-03.html\">JSON Proof Algorithms<\/a>, and <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-jose-json-proof-token-03.html\">JSON Proof Token<\/a>.  Updates were:<\/p>\n<ul>\n<li>Normatively defined header parameters used<\/li>\n<li>Populated IANA Considerations sections<\/li>\n<li>Allowed proof representations to contain multiple base64url-encoded parts<\/li>\n<li>Specified representation of zero-length disclosed payloads<\/li>\n<li>Added Terminology sections<\/li>\n<li>Updated to use <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-irtf-cfrg-bbs-signatures-05.html\">draft-irtf-cfrg-bbs-signatures-05<\/a><\/li>\n<li>Updated to use <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-cose-bls-key-representations-04.html\">draft-ietf-cose-bls-key-representations-04<\/a><\/li>\n<li>More and better examples<\/li>\n<li>Improvements resulting from a full proofreading<\/li>\n<\/ul>\n<p>Continued reviews and feedback from implementations are requested.<\/p>\n<p>4: <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-jose-fully-specified-algorithms-02.html\">Fully-Specified Algorithms for JOSE and COSE<\/a>.  Updates were:<\/p>\n<ul>\n<li>Published initial working group document following adoption<\/li>\n<li>Added text on fully-specified computations using multiple algorithms<\/li>\n<li>Added text on KEMs and encapsulated keys<\/li>\n<li>Updated instructions to the designated experts<\/li>\n<\/ul>\n<p>It was agreed during the JOSE meeting to describe what fully-specified algorithms for ECDH would look like, for consideration by the working group.<\/p>\n<p>5: <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-oauth-resource-metadata-03.html\">OAuth 2.0 Protected Resource Metadata<\/a>.  Updates were:<\/p>\n<ul>\n<li>Switched from concatenating <code>.well-known<\/code> to the end of the resource identifier to inserting it between the host and path components of it<\/li>\n<li>Have <code>WWW-Authenticate<\/code> return <code>resource_metadata<\/code> URL rather than <code>resource<\/code> identifier<\/li>\n<\/ul>\n<p>It was decided to start working group last call during the OAuth meeting.<\/p>\n<p>6: <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-cose-typ-header-parameter-04.html\">COSE &#8220;typ&#8221; (type) Header Parameter<\/a>.  Updates were:<\/p>\n<ul>\n<li>Added language about media type parameters<\/li>\n<li>Addressed working group last call comments<\/li>\n<li>Changed requested assignment from 14 to 16 due to conflict with a new assignment<\/li>\n<li>Addressed GENART, OPSDIR, and SECDIR review comments<\/li>\n<\/ul>\n<p>This document is scheduled for the April 4, 2024 IESG telechat.<\/p>\n<p>7: <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-cose-bls-key-representations-05.html\">Barreto-Lynn-Scott Elliptic Curve Key Representations for JOSE and COSE<\/a>.  Updates were:<\/p>\n<ul>\n<li>Changed to use key type <code>EC<\/code> for JOSE and equivalent <code>EC2<\/code> for COSE for uncompressed key representations<\/li>\n<li>Changed identifier spellings from &#8220;Bls&#8221; to &#8220;BLS&#8221;, since these letters are people&#8217;s initials<\/li>\n<\/ul>\n<p>We received feedback to not add compressed key representations to the draft.<\/p>\n<p>8: <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-rha-jose-hpke-encrypt-06.html\">Use of Hybrid Public-Key Encryption (HPKE) with JavaScript Object Signing and Encryption (JOSE)<\/a>.  Updates were:<\/p>\n<ul>\n<li>Use existing <code>\"alg\": \"dir\"<\/code> value for HPKE Direct Encryption mode<\/li>\n<li>Aligned choices more closely with those of <a href=\"https:\/\/www.ietf.org\/archive\/id\/draft-ietf-cose-hpke-07.html\">Use of Hybrid Public-Key Encryption (HPKE) with CBOR Object Signing and Encryption (COSE)<\/a><\/li>\n<li>Defined both Integrated Encryption mode and Key Encryption mode<\/li>\n<li>Added IANA Considerations section<\/li>\n<li>Removed Post-Quantum Considerations<\/li>\n<\/ul>\n<p>It was decided to start a working group call for adoption during the JOSE meeting.<\/p>\n<p>Thanks to all who contributed to the progress made on these specifications, both before and during IETF 119!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>My co-authors and I published updated versions of eight specifications in preparation for IETF 119 in Brisbane. The specifications span three working groups: JOSE, COSE, and OAuth. The updated specifications and outcomes when discussed at IETF 119 are as follows. 1, 2, &amp; 3: JSON Web Proof, JSON Proof Algorithms, and JSON Proof Token. Updates [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29,8,28,22,32,27,25],"tags":[],"class_list":["post-2503","post","type-post","status-publish","format-standard","hentry","category-cbor","category-claims","category-cryptography","category-events","category-ietf","category-json","category-specifications"],"_links":{"self":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/2503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2503"}],"version-history":[{"count":6,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/2503\/revisions"}],"predecessor-version":[{"id":2509,"href":"https:\/\/self-issued.info\/index.php?rest_route=\/wp\/v2\/posts\/2503\/revisions\/2509"}],"wp:attachment":[{"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/self-issued.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}