
From nobody Sun Sep  2 12:35:29 2018
From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: dispatch@ietf.org
Cc: Eric Rescorla <ekr@rtfm.com>, Ben Campbell <ben@nostrum.com>
References: <4fea5830-dd5a-1709-f0d6-c8af28a78f94@gmail.com>
Message-ID: <0dfb36e1-5c0f-cd3b-a867-989e8f6537ef@gmail.com>
Date: Sun, 2 Sep 2018 21:35:19 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <4fea5830-dd5a-1709-f0d6-c8af28a78f94@gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/_1c5ciHTXK5McUg8RE0SdxAyOaA>
Subject: [dispatch] PING. Re: JSON Canonicalization Standard
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Sep 2018 19:35:28 -0000

On 2018-08-11 07:47, Anders Rundgren wrote:
> Hi Dispatchers,
> 
> I'm currently trying to develop a JSON Canonicalization Standard as an individual effort: https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-01
> I have been asked by the individual submission editor to get feedback from the SEC and ART directors but they in turn have directed me to the DISPATCH forum, and here I am :-)
> 
> There are efforts creating an alternative to JOSE JWS since there are JSON-based protocols not benefiting from being cast into a form converting signed JSON messages into something completely alien to their unsigned counterpart.  However, after a number of iterations and vendor feedback, I have come to the conclusion that the "Missing Link" is not necessarily a new signature format but a way to canonicalize [*] JSON data.
> 
> The scheme is currently implemented in Java, C#/.NET, Python3 and EcmaScript V6 (https://www.npmjs.com/package/canonicalize).
> 
> Related: https://github.com/cyberphone/jws-jcs#combining-detached-jws-with-jcs-json-canonicalization-scheme
> If you want to test the jws-jcs signature scheme, an on-line demo is currently available at: https://mobilepki.org/jws-jcs/home
> 
> What do you think?
> 
> Sincerely,
> Anders Rundgren
> 
> *] The goal is rather creating a "hashable" JSON representation but since the described scheme does not change data, these terms are effectively interchangeable.
> 


From nobody Tue Sep  4 22:31:40 2018
From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: dispatch@ietf.org
Cc: Eric Rescorla <ekr@rtfm.com>, Ben Campbell <ben@nostrum.com>
References: <4fea5830-dd5a-1709-f0d6-c8af28a78f94@gmail.com>
Message-ID: <a51e4821-e022-d366-07ab-dab1c024961f@gmail.com>
Date: Wed, 5 Sep 2018 07:31:30 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/1N_dK1dvL6a26HjUg1b8Z4OFdEk>
Subject: [dispatch] PING2. Re: JSON Canonicalization Standard

Apparently my message was too complex and required the reader to follow links so here is a short version:

Assume that you have a JSON object like:
  {
    "statement": "Hello signed world!",
    "otherProperties": [2e+3, true]
  }


Signing using JOSE/JWS you would get:
eyJhbGciOiJIUzI1NiIsImtpZCI6Im15a2V5In0.eyJvdGhlclByb3BlcnRpZXMiOlsyMDAwLHRydWVdLCJzdG
F0ZW1lbnQiOiJIZWxsbyBzaWduZWQgd29ybGQhIn0.FcE8h0GXJaOZ4Th3fNDBgcBE5HfEplOnS8GGtoSLU1K

That is, something entirely different.


Using unmodified JOSE/JWS + JCS (the specification I'm talking about) you would rather get:
  {
    "statement": "Hello signed world!",
    "otherProperties": [2e+3, true],
    "signature": "eyJhbGciOiJIUzI1NiIsImtpZCI6Im15a2V5In0..5HfEplOnS8GGtoSLU1KFcE8h0GXJaOZ4Th3fNDBgcBE"
  }


JCS is quite similar to its XML counterpart, albeit much simpler. Signed XML data never needed to be Base64 encoded.

Anders
I-D: https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-01
More on the JWS+JCS combo: https://github.com/cyberphone/jws-jcs#combining-detached-jws-with-jcs-json-canonicalization-scheme
On-line testing: https://mobilepki.org/jws-jcs/home


From nobody Wed Sep  5 16:07:24 2018
Sender: Larry Masinter <masinter@gmail.com>
From: Larry Masinter <LMM@acm.org>
X-Google-Original-From: "Larry Masinter" <lmm@acm.org>
To: <dispatch@ietf.org>
References: <4fea5830-dd5a-1709-f0d6-c8af28a78f94@gmail.com> <a51e4821-e022-d366-07ab-dab1c024961f@gmail.com>
In-Reply-To: <a51e4821-e022-d366-07ab-dab1c024961f@gmail.com>
Date: Wed, 5 Sep 2018 16:07:18 -0700
Message-ID: <00d601d4456d$32356960$96a03c20$@acm.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/KharELeDVL2QLanoRrpXunGpSlw>
Subject: Re: [dispatch] PING2. Re: JSON Canonicalization Standard

A canonicalization of a space should apply to all valid values, and
shouldn't map two semantically different values to the same canonical form.

JSON intentionally allows large integers and floating point numbers outside
of IEEE range of capabilities (1e400, 99999999999999999999).
 
While some implementations will coerce values and round off, I think a good
canonicalization should leave these values intact, if you want a JSON
canonicalization rather than an "ES6 value serialization" canonicalization
(a strict subset).


From nobody Wed Sep  5 22:57:10 2018
To: Larry Masinter <LMM@acm.org>, dispatch@ietf.org
References: <4fea5830-dd5a-1709-f0d6-c8af28a78f94@gmail.com> <a51e4821-e022-d366-07ab-dab1c024961f@gmail.com> <00d601d4456d$32356960$96a03c20$@acm.org>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <bff2aeef-b1c1-05f9-6a41-0b2cab565f6f@gmail.com>
Date: Thu, 6 Sep 2018 07:56:43 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/3aq6jWXrPVtqIa1sDKJkSgZ1FVQ>
Subject: Re: [dispatch] PING2. Re: JSON Canonicalization Standard

On 2018-09-06 01:07, Larry Masinter wrote:
> A canonicalization of a space should apply to all valid values, and
> shouldn't map two semantically different values to the same canonical form.

I don't understand what you are referring to here since white space is
insignificant in JSON.


> JSON intentionally allows large integers and floating point numbers outside
> of IEEE range of capabilities (1e400, 99999999999999999999).
>   
> While some implementations will coerce values and round off, I think a good
> canonicalization should leave these values intact, if you want a JSON
> canonicalization rather than an "ES6 value serialization" canonicalization
> (a strict subset).

The rationale for the IEEE-754 double precision/ES6 restriction used in the I-D
is that this is (AFAIK) the de-facto scheme for current IETF standards defining
JSON objects including such that use big numbers like RSA parameters.

Another reason for taking this route is that using the full JSON Number
notation would require the canonicalizer to work on the text level only
since it is incompatible with most current JSON Parsers (all that do not
use an unlimited BigNumber as underlying JSON Number type).

The JCS scheme is designed to ultimately be integrated in JSON serializers
(only) as an output option.


Although it is considerably easier defining a free-standing canonicalizer
scheme like https://gibson042.github.io/canonicaljson-spec/ it might end up
getting limited industry support.  The JOSE folks slashed an earlier effort of
mine requiring JSON text preservation. In particular, dealing with
active intermediaries was considered a showstopper.

Anders
I-D: https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-01
JWS+JCS combo: https://github.com/cyberphone/jws-jcs#combining-detached-jws-with-jcs-json-canonicalization-scheme
On-line testing: https://mobilepki.org/jws-jcs/home
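
[Added example, not part of the thread and not code from the I-D or the jws-jcs project: a sketch of the detached-JWS-over-canonical-JSON idea from the "short version" message, together with the two number cases raised in the reply above. The function names and DEMO_KEY are hypothetical; HS256 and kid "mykey" are what the JWS header shown in the thread decodes to.]

```javascript
// Added example: JCS-style canonicalization plus a detached HS256 JWS.
// Function names and DEMO_KEY are hypothetical; this is a sketch, not the
// I-D's reference implementation.
const crypto = require('crypto');

// The sample object from the thread, as written there (note the 2e+3).
const SAMPLE_TEXT = `{
  "statement": "Hello signed world!",
  "otherProperties": [2e+3, true]
}`;
const DEMO_KEY = 'constructed-demo-key-not-from-the-thread';

const b64url = (data) => Buffer.from(data).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Canonical form: no whitespace, properties sorted by UTF-16 code units,
// primitives serialized the way ES6 JSON.stringify serializes them.
function canonicalize(value) {
  if (typeof value === 'number' && !Number.isFinite(value)) {
    // JSON.stringify would silently emit "null" here; refuse instead.
    throw new RangeError('number outside the IEEE-754 double range');
  }
  if (value === null || typeof value !== 'object') {
    return JSON.stringify(value);
  }
  if (Array.isArray(value)) {
    return '[' + value.map(canonicalize).join(',') + ']';
  }
  const members = Object.keys(value).sort().map(
    (key) => JSON.stringify(key) + ':' + canonicalize(value[key]));
  return '{' + members.join(',') + '}';
}

// Sign the canonical form, then embed "header..signature" (empty payload
// segment) in the object so the message stays readable JSON.
function signDetached(obj, key, kid) {
  if ('signature' in obj) throw new Error('object is already signed');
  const header = b64url(JSON.stringify({ alg: 'HS256', kid }));
  const payload = b64url(canonicalize(obj));
  const mac = crypto.createHmac('sha256', key)
    .update(header + '.' + payload).digest();
  return { ...obj, signature: header + '..' + b64url(mac) };
}

// Verify: drop "signature", re-canonicalize what is left, recompute the MAC.
function verifyDetached(signed, key) {
  const { signature, ...rest } = signed;
  const parts = typeof signature === 'string' ? signature.split('.') : [];
  if (parts.length !== 3 || parts[1] !== '') return false;
  let header;
  let payload;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64').toString('utf8'));
    payload = b64url(canonicalize(rest));
  } catch (err) {
    return false;
  }
  // Pin the algorithm instead of trusting whatever the header claims.
  if (!header || header.alg !== 'HS256') return false;
  const expected = crypto.createHmac('sha256', key)
    .update(parts[0] + '.' + payload).digest();
  const given = Buffer.from(parts[2], 'base64');
  return given.length === expected.length &&
    crypto.timingSafeEqual(given, expected);
}

// The two numbers from the reply, pushed through an IEEE-754 based parser.
function numberEdgeCases() {
  const rounded = canonicalize(JSON.parse('[99999999999999999999]'));
  const exact = canonicalize(JSON.parse('[100000000000000000000]'));
  let overflow;
  try {
    overflow = canonicalize(JSON.parse('[1e400]'));
  } catch (err) {
    overflow = err.name;
  }
  // rounded === exact: two different JSON texts share one canonical form.
  return { rounded, exact, overflow };
}

function demo() {
  const signed = signDetached(JSON.parse(SAMPLE_TEXT), DEMO_KEY, 'mykey');
  // An intermediary that re-serializes with another property order.
  const reordered = JSON.parse(JSON.stringify({
    signature: signed.signature,
    otherProperties: signed.otherProperties,
    statement: signed.statement,
  }));
  return {
    signed,
    reorderedOk: verifyDetached(reordered, DEMO_KEY),
    tamperedOk: verifyDetached(
      { ...signed, statement: 'Hello forged world!' }, DEMO_KEY),
    numbers: numberEdgeCases(),
  };
}
```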


From nobody Fri Sep  7 13:40:45 2018
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 7 Sep 2018 14:40:16 -0600
Message-ID: <CA+k3eCRvc5a-=5dR7xrOjaPtMM5JCqJ5DUPTZMVHjo3VtR2EOw@mail.gmail.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>, dispatch@ietf.org
Cc: Eric Rescorla <ekr@rtfm.com>, Ben Campbell <ben@nostrum.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/RCRQgw69-jn0IlwnH1JTA7dwOlE>
Subject: Re: [dispatch] PING2. Re: JSON Canonicalization Standard


XML Canonicalization and Signatures are notoriously brittle and difficult
to get right while also being the source of numerous serious security
vulnerabilities.  The JSON case is maybe simpler and thus somewhat less
prone to the same issues but, if history is any guide, it's really hard to
get right and is fertile ground for all kinds of attacks.



> JCS is quite similar to its XML counterpart, albeit much simpler. Signed
> XML data never needed to be Base64 encoded.



From nobody Sat Sep  8 01:13:33 2018
Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3412C129C6A for <dispatch@ietfa.amsl.com>; Sat,  8 Sep 2018 01:13:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qYaYNGcQEG7e for <dispatch@ietfa.amsl.com>; Sat,  8 Sep 2018 01:13:30 -0700 (PDT)
Received: from mail-wm0-x233.google.com (mail-wm0-x233.google.com [IPv6:2a00:1450:400c:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2961C126BED for <dispatch@ietf.org>; Sat,  8 Sep 2018 01:13:30 -0700 (PDT)
Received: by mail-wm0-x233.google.com with SMTP id s12-v6so16745717wmc.0 for <dispatch@ietf.org>; Sat, 08 Sep 2018 01:13:30 -0700 (PDT)
X-Received: by 2002:a1c:be14:: with SMTP id o20-v6mr7554073wmf.73.1536394408616;  Sat, 08 Sep 2018 01:13:28 -0700 (PDT)
Received: from [192.168.1.79] (25.131.146.77.rev.sfr.net. [77.146.131.25]) by smtp.googlemail.com with ESMTPSA id l10-v6sm8151371wre.0.2018.09.08.01.13.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 08 Sep 2018 01:13:27 -0700 (PDT)
To: Brian Campbell <bcampbell@pingidentity.com>, dispatch@ietf.org
Cc: Eric Rescorla <ekr@rtfm.com>, Ben Campbell <ben@nostrum.com>
References: <CA+k3eCRvc5a-=5dR7xrOjaPtMM5JCqJ5DUPTZMVHjo3VtR2EOw@mail.gmail.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <08f97b7e-12d1-cd18-64e6-3b02a733bce0@gmail.com>
Date: Sat, 8 Sep 2018 10:13:24 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <CA+k3eCRvc5a-=5dR7xrOjaPtMM5JCqJ5DUPTZMVHjo3VtR2EOw@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/z-EYqtrO7d6t6To43BTcrpyBVNg>
Subject: Re: [dispatch] PING2. Re: JSON Canonicalization Standard
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Sep 2018 08:13:32 -0000

On 2018-09-07 22:40, Brian Campbell wrote:
> XML Canonicalization and Signatures are notoriously brittle and difficult to 
> get right while also being the source of numerous serious security vulnerabilities.
> The JSON case is maybe simpler and thus somewhat less prone to the same issues but, 
> if history is any guide, it's really hard to get right and is fertile ground for all kinds of attacks.

This I've been told numerous times.  I'm still waiting for a concrete example [*] of what could possibly be a problem.

Having worked pretty extensively with both variants I can attest that there is at least a factor of 10 difference in code size due to the absence of schema, namespaces and defaults.  I believe the quite complex WS security frameworks also were a source of interoperability issues with XML.

The only thing that (undeniably) is non-trivial is serialization of the JSON Number type.  Fortunately, the scheme defined by ECMAScript and supported by several open source implementations made even this part simple.  I performed a fully verified port to C# in just a couple of days.

FWIW, a "companion I-D" was recently published: https://tools.ietf.org/html/draft-erdtman-jose-cleartext-jws-01

Anders

[*] https://cyberphone.github.io/doc/security/jwsvariants.pdf
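
To illustrate the number-serialization point in the message above, here is an added sketch (not part of the thread and not code from the draft or its author) that canonicalizes JSON with ECMAScript number formatting before computing a MAC. The sorted member order, the names `canonicalize` and `macOver`, the sample documents and the key are assumptions made for the example.

```javascript
const crypto = require('crypto');

// Serialize a parsed JSON value into one canonical text form.
function canonicalize(value) {
  if (value === null || typeof value === 'boolean') return String(value);
  if (typeof value === 'number') {
    if (!Number.isFinite(value)) throw new Error('NaN and Infinity are not JSON');
    return JSON.stringify(value); // ECMAScript Number-to-String rules
  }
  if (typeof value === 'string') return JSON.stringify(value);
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  // Object: emit members in sorted key order (assumption made for this sketch).
  const members = Object.keys(value).sort().map(
    (k) => JSON.stringify(k) + ':' + canonicalize(value[k]));
  return '{' + members.join(',') + '}';
}

// HMAC-SHA256 over the canonical form rather than over the bytes as received.
function macOver(jsonText, key) {
  const canonical = canonicalize(JSON.parse(jsonText));
  return crypto.createHmac('sha256', key).update(canonical, 'utf8').digest('hex');
}

// Constructed sample documents: same data, different whitespace, member
// order and number spellings.
const KEY = 'constructed-demo-key';
const textA = '{"amount": 1.0E3, "rate": 0.0000010, "big": 1e21, "items": [1, 2.50]}';
const textB = '{ "items":[1.0,2.5], "big":1000000000000000000000, "rate":1e-6, "amount":1000 }';
const tampered = textB.replace('"amount":1000', '"amount":1001');

console.log(canonicalize(JSON.parse(textA)));
console.log(macOver(textA, KEY) === macOver(textB, KEY));    // same canonical form
console.log(macOver(textA, KEY) === macOver(tampered, KEY)); // a value was changed
```

A verifier recomputes the MAC over its own canonicalization of the received data, so reformatting in transit does not break verification while any change to a value does.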


From nobody Mon Sep 10 10:32:38 2018
Return-Path: <mary.ietf.barnes@gmail.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55669130EEC; Mon, 10 Sep 2018 10:32:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SVt89q9IJlmq; Mon, 10 Sep 2018 10:32:34 -0700 (PDT)
Received: from mail-lf1-x12e.google.com (mail-lf1-x12e.google.com [IPv6:2a00:1450:4864:20::12e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4FA91130F08; Mon, 10 Sep 2018 10:32:34 -0700 (PDT)
Received: by mail-lf1-x12e.google.com with SMTP id v77-v6so18114026lfa.6; Mon, 10 Sep 2018 10:32:34 -0700 (PDT)
X-Received: by 2002:a19:5517:: with SMTP id n23-v6mr13718315lfe.101.1536600751728;  Mon, 10 Sep 2018 10:32:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a2e:884f:0:0:0:0:0 with HTTP; Mon, 10 Sep 2018 10:32:31 -0700 (PDT)
From: Mary Barnes <mary.ietf.barnes@gmail.com>
Date: Mon, 10 Sep 2018 12:32:31 -0500
Message-ID: <CAHBDyN5MeKQMKkFL2GpP5S7Nj+hz52Gc4-c+SzfwJSmf+r9B1A@mail.gmail.com>
To: DISPATCH <dispatch@ietf.org>
Cc: ART ADs <art-ads@ietf.org>, dispatch chairs <dispatch-chairs@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f7ed39057587bda3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/cZuXrOiVpgb2UwM-P80X-bRAhEU>
Subject: [dispatch] Reminder: DISPATCH WG deadlines for IETF-103
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Sep 2018 17:32:36 -0000

--000000000000f7ed39057587bda3
Content-Type: text/plain; charset="UTF-8"

As a reminder the deadlines for the DISPATCH WG for IETF-103 are as follows:

   - September 21, 2018. Cutoff date for IETF BoF submissions.


   - September 28, 2018. Cutoff date to notify the chairs/DISPATCH WG of
   plans to submit a proposal.


   - October 5, 2018. Cutoff for charter proposals (i.e., problem statement
   and proposed deliverables) for topics posted to the DISPATCH WG mailing
   list.


   - October 12, 2018. Announcement of topics that have been dispatched for
   IETF-103


   - October 22, 2018. Draft submission deadline.


If you have a topic that you think might require an official BoF, please
contact the ADs ASAP.

Additional information on the DISPATCH WG process can be found here (along
with the deadlines):
https://trac.ietf.org/trac/dispatch/wiki/WikiStart

Regards,
Mary Barnes
DISPATCH WG tri-chair

--000000000000f7ed39057587bda3--


From nobody Tue Sep 11 13:35:49 2018
Return-Path: <session-request@ietf.org>
X-Original-To: dispatch@ietf.org
Delivered-To: dispatch@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E061E130EC5; Tue, 11 Sep 2018 13:35:46 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: IETF Meeting Session Request Tool <session-request@ietf.org>
To: <session-request@ietf.org>
Cc: ben@nostrum.com, dispatch@ietf.org, mary.ietf.barnes@gmail.com, dispatch-chairs@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.83.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <153669814684.16757.13824637579760837377.idtracker@ietfa.amsl.com>
Date: Tue, 11 Sep 2018 13:35:46 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/fIFiETLVM69gZj2db_O251fOems>
Subject: [dispatch] dispatch - New Meeting Session Request for IETF 103
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.29
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Sep 2018 20:35:47 -0000

A new meeting session request has just been submitted by Mary Barnes, a Chair of the dispatch working group.


---------------------------------------------------------
Working Group Name: Dispatch
Area Name: Applications and Real-Time Area
Session Requester: Mary Barnes

Number of Sessions: 1
Length of Session(s):  2 Hours
Number of Attendees: 80
Conflicts to Avoid: 
 First Priority: jmap uta dmarc xrblock stir sipcore rtcweb rmcat payload netvc mmusic insipid ecrit avtcore bfcpbis clue core dcrup doh extra cfrg
 Second Priority: tram tsvwg tsvarea opsarea



People who must be present:
  Alexey Melnikov
  Mary Barnes
  Adam Roach
  Ben Campbell
  Cullen Jennings
  Murray Kucherawy

Resources Requested:

Special Requests:
  Please schedule in the 1st slot on Monday morning, list the meeting as coupled with ARTAREA, and avoid the same kind of conflicts with other area meetings and any Bofs and potential new ART WGs.
---------------------------------------------------------

