Progress on Linked Data Signatures from IETF 98

Hi all,

I'm at IETF 98 this week along with some of the other participants in
this group. Some of the focus has been on searching for a clear path
forward for the Linked Data Signatures work that we're using for much of
the Verifiable Claims work.

We've had multiple meetings with people associated in the Security Area
as well as people involved in digital signatures and crypto at IETF.
We've met with the core editors of the JOSE stack (John Bradley - PING
Identity and Mike Jones - Microsoft) and COSE work (Jim Schaad - creator
of S/MIME and Matt Miller - Mozilla) and have found a way forward that
will accelerate our ability to standardize the signature portions of
this work.

We have not used the JOSE suite to date because of a number of
requirements around base64 encoding data, but there is an extension to
JOSE that would enable us to reuse a subset of the JWT by creating a
profile for JWT. John Bradley, Mike Jones, and I hammered out an
approach that we think might work that will give us all of the benefits
of the current Linked Signatures specification while re-using part of
the cryptography stack that already has buy-in from IETF. This is good
news as it will accelerate our ability to move some of the other
specifications related to this work along in parallel. This approach
accomplishes this because we won't be inventing anything new, but rather
reusing technologies that already exist at IETF.

I'll provide more details to the group after I'm done traveling (mid-April).

-- manu

Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Rebalancing How the Web is Built

Received on Tuesday, 28 March 2017 20:16:11 UTC