Session Date/Time: 17 Mar 2025 02:30
secdispatch
Summary
This secdispatch session covered three topics: Recommendations for key directories over HTTP, the organization trust relationship protocol, and LDAP additional syntaxes. The primary focus was on determining the appropriate working group or forum for further discussion and potential standardization of these proposals. Several options were discussed, including existing working groups, new focused working groups, AD-sponsored efforts, and external coordination with organizations like the W3C.
Key Discussion Points
- Key Directories over HTTP:
- The draft aims to provide recommendations for existing and future protocols on distributing keys over HTTP, covering aspects like HTTP caching, key rotation, and client discovery.
- Concerns were raised about whether existing practices, particularly with JWK sets, already address the problem adequately.
- There was discussion on the scope of the draft, differentiating between general recommendations and protocol-specific consistency/transparency mechanisms.
- Suggestions included dispatching to the JOSE working group or considering an IAB architectural document surveying existing patterns.
- Organization Trust Relationship Protocol (Trust.text):
- The proposal involves a simple text file (trust.text) to signal the credibility of organizations through their online presence by declaring relationships with other entities.
- Concerns were raised about the use of well-known URIs, potential duplication of work in the W3C's semantic web efforts (schema.org), the sprawling nature of the draft, and the lack of a clearly defined consumer and security model.
- Suggestions included liaising with the W3C and establishing a mailing list to gauge community interest.
- LDAP Additional Syntaxes:
- The proposal aims to add new syntaxes/data types to LDAP, addressing limitations in the original RFC 4517, to align with modern ASN.1 and other data typing systems.
- Concerns were raised about versioning of syntaxes. The ADs will discuss further among themselves to determine the best WG placement.
- Discussion will continue on the ART mailing list.
Decisions and Action Items
- Key Directories over HTTP: Discuss further on the secdispatch mailing list.
- Organization Trust Relationship Protocol (Trust.text): Discuss the potential creation of a new mailing list and overall direction of the work item on the ART mailing list.
- LDAP Additional Syntaxes: ADs in the ART area will continue the discussion amongst themselves to determine whether this is a work item they are interested in taking on. Continued discussion can take place on the ART mailing list.
Next Steps
- Authors to follow up on the discussion lists and pursue further refinement of the proposals based on feedback.
- Area Directors (ADs) to coordinate and provide guidance on appropriate venues for further work.