Markdown Version | Session Recording
Session Date/Time: 24 Jul 2025 15:00
jose
Summary
The JOSE working group met to discuss several drafts, including updates to the Jason Web Proof (JWP) series, KEM algorithms, hybrid post-quantum cryptography for JOSE, designated verifier signatures, and HPKE integration with JOSE. The group discussed technical details, potential ambiguities, and implementation considerations. Several key decisions were deferred to the mailing list for further discussion.
Key Discussion Points
- JWP Updates: Discussions covered data integrity improvements, algorithm selection, claim cleanups, parameter unification, and explorations of BBS extensions and anonymous credentials.
- KEM Algorithms: The group debated whether to continue using OKP, switch to AKP, or define a new key type for KEM algorithms. Concerns were raised about potential ambiguities and usability of JWKs for different algorithms.
- Hybrid Post-Quantum Cryptography for JOSE: Updates on aligning with the HPKE draft and leveraging work in the HPEC working group were presented. The group discussed the feasibility of a working group adoption call.
- Designated Verifier Signatures: Two approaches for deriving a shared secret from a public key for HMAC signatures were discussed: specifying a new algorithm for each method or defining a new header parameter.
- HPKE Integration with JOSE: Extensive discussion on how best to integrate HPKE into the JWE framework. Concerns were raised about violating existing JWE architecture, signaling integrated encryption, and potential security vulnerabilities. A new JWE key management mode was proposed.
- Composite Signatures: An overview of the composite signature draft was provided.
Decisions and Action Items
- KEM Algorithms: The group will continue the discussion on OKP vs. AKP vs. a new key type on the mailing list to gather more opinions. (Action Item: Theru to post a mail to the mailing list)
- Designated Verifier Signatures: Further discussion on the mailing list is needed to determine the best approach for designated verifier signatures.
- HPKE Integration with JOSE:
- It was agreed that the Jose HPKE draft should include
updatesection in header to properly update RFC 7516 in the header. - The group will explore defining a new JWE key management mode (Direct Public Key Encryption). (Action Item: Mike and co-authors to work on a draft).
- Further discussion on the integrated encryption syntax (Ent vs. other options) will continue on the mailing list. (Action Item: Mike to take it to the list).
- It was agreed that the Jose HPKE draft should include
- Composite Signatures: An email will be sent to the mailing list to solicit reviews, followed by a potential call for adoption. (Action Item: Karen to send the call to mailing list).
Next Steps
- Follow-up discussions on the mailing list for KEM algorithms, designated verifier signatures, and HPKE integration with JOSE.
- Development of a draft with the proposed new JWE key management mode for HPKE.
- Review of the composite signatures document.