Markdown Version | Session Recording

Session Date/Time: 04 Nov 2024 13:00

jose

Summary

The JOSE working group meeting covered several key topics, including the status of the fully specified algorithms draft, JSON Web Proofs, deprecation of certain algorithms, post-quantum cryptographic algorithms for JOSE and COSE, and designated verifier signatures. A key point of discussion was the use of HPKE vs. dedicated KEM mechanisms for JOSE and COSE. Several individual submissions were also presented.

Key Discussion Points

• Fully Specified Algorithms Draft: All comments addressed, ready to go to the IESG. Final call for review.
• JSON Web Proofs (JWPs):
  • Significant updates, including seabor serialization.
  • Discussion on whether to keep JSON serialization; strong sentiment to remove it due to lack of use cases and potential confusion.
  • Considerations for optionally disclosing header parameters.
  • Opportunities for participation in seabor implementation and algorithm exploration.
  • Opportunity presented for a government-sponsored competition/interop event for verifiable credentials using zero knowledge proofs.
  • Alignment of tilde and period delimiters with SD-JWT was discussed.
• Deprecation of J.WE RSA1-5 and JWS "none" Algorithm:
  • Draft updated based on adoption call feedback; clarifies that algorithms are deprecated, not prohibited.
  • Discussion of defining "deprecated" in the IANA registry.
  • Proposal to update instructions for designated experts regarding security goals for new JWS algorithms.
• PQ CHEMs for Jose and Coze:
  • Discussion of HPKE vs. dedicated KEM mechanisms.
  • Concerns about duplicative work and proliferation of options.
  • HPKE advocated as a generic solution for hybrid encryption.
  • Diverging opinions on HPKE use case with several participants wanting a single, well-defined way to encrypt.
• Cozy HBKE:
  • Discussion regarding integration encryption (single recipient) and key encryption (multiple recipient) modes.
  • Recommendation to use the key encryption mode only, due to simplicity and reduced complexity.
  • Context information structure discussion and its purpose.
• ECDH MAC Based Signatures:
  • Presented for reputatable presentations/signatures that can be tracked to signor/signer.
  • Uses Diffie-Hellman key agreement, KDF and MAC algorithm.
• Post-Quantum Traditional Hybrid Composite Signatures:
  • Concerns raised about the complexity of deploying such algorithms and ensuring authentication properties.

Decisions and Action Items

• Fully Specified Algorithms Draft: Ship to IESG by the end of the week or early next week.
• JSON Web Proofs: Revisit the question of removing JSON serialization on the mailing list.
• PQ CHEMs for Jose and Coze: Authors to continue exploring a single KEM for JOSE and COSE, preferrably HPKE
• Cozy HBKE: Focus on key encryption mode (multiple recipient support).
• All Individual Submissions: Review and comment on the mailing list.
• Shepard Writeups: Solicit volunteers.

Next Steps

• Authors to update drafts based on meeting feedback.
• Further discussion and resolution of open issues on the mailing list.
• Working group to determine direction for individual submissions.