**Session Date/Time:** 04 Nov 2024 13:00

# jose

## Summary
The JOSE working group meeting covered several key topics, including the status of the fully specified algorithms draft, JSON Web Proofs, deprecation of certain algorithms, post-quantum cryptographic algorithms for JOSE and COSE, and designated verifier signatures. A key point of discussion was the use of HPKE vs. dedicated KEM mechanisms for JOSE and COSE. Several individual submissions were also presented.

## Key Discussion Points
*   **Fully Specified Algorithms Draft:** All comments addressed, ready to go to the IESG. Final call for review.
*   **JSON Web Proofs (JWPs):**
    *   Significant updates, including seabor serialization.
    *   Discussion on whether to keep JSON serialization; strong sentiment to remove it due to lack of use cases and potential confusion.
    *   Considerations for optionally disclosing header parameters.
    *   Opportunities for participation in seabor implementation and algorithm exploration.
    *   Opportunity presented for a government-sponsored competition/interop event for verifiable credentials using zero knowledge proofs.
    *   Alignment of tilde and period delimiters with SD-JWT was discussed.
*   **Deprecation of J.WE RSA1-5 and JWS "none" Algorithm:**
    *   Draft updated based on adoption call feedback; clarifies that algorithms are deprecated, not prohibited.
    *   Discussion of defining "deprecated" in the IANA registry.
    *   Proposal to update instructions for designated experts regarding security goals for new JWS algorithms.
*   **PQ CHEMs for Jose and Coze:**
    *   Discussion of HPKE vs. dedicated KEM mechanisms.
    *   Concerns about duplicative work and proliferation of options.
    *   HPKE advocated as a generic solution for hybrid encryption.
    *   Diverging opinions on HPKE use case with several participants wanting a single, well-defined way to encrypt.
*   **Cozy HBKE:**
    *   Discussion regarding integration encryption (single recipient) and key encryption (multiple recipient) modes.
    *   Recommendation to use the key encryption mode only, due to simplicity and reduced complexity.
    *   Context information structure discussion and its purpose.
*   **ECDH MAC Based Signatures:**
    *   Presented for reputatable presentations/signatures that can be tracked to signor/signer.
    *   Uses Diffie-Hellman key agreement, KDF and MAC algorithm.
*   **Post-Quantum Traditional Hybrid Composite Signatures:**
    *   Concerns raised about the complexity of deploying such algorithms and ensuring authentication properties.

## Decisions and Action Items
*   **Fully Specified Algorithms Draft:** Ship to IESG by the end of the week or early next week.
*   **JSON Web Proofs:** Revisit the question of removing JSON serialization on the mailing list.
*   **PQ CHEMs for Jose and Coze:** Authors to continue exploring a single KEM for JOSE and COSE, preferrably HPKE
*   **Cozy HBKE:** Focus on key encryption mode (multiple recipient support).
*   **All Individual Submissions:** Review and comment on the mailing list.
*   **Shepard Writeups:** Solicit volunteers.

## Next Steps
*   Authors to update drafts based on meeting feedback.
*   Further discussion and resolution of open issues on the mailing list.
*   Working group to determine direction for individual submissions.