Jinna Han was a beautiful skater. I wish she had the chance to grow up and become US champion. She worked so hard. So sad.
Excited to share a new IETF internet draft that @bifurcation and I just submitted to the OAuth working group.
We introduce PIKA: Proof of Issue Key Authority, to solve a problem relevant to #openpubkey, #oidc and JWTs in general.
What's a PIKA and why do I care?
OpenPubkey uses PK Tokens to allow an OpenID Provider (OP) to bind user identities to user-held public keys. This essentially allows the OP to act like a certificate authority, without any changes to today's OIDC.
PK Tokens are signed by the OP's signing keys. But OPs rotate their signing keys over time. What happens if we need to use a PK Token *after* the OP rotates its signing key?
This is where the PIKA comes in.
In this draft, we introduce the PIKA and show how it can be combined with a timestamping authority to allow PK Tokens to be used even after the OP rotates its signing key. The PIKA is a secure object that allows you to cache the OP's key, and verify using the OP's key even if the OP is offline.
And that's why I got interested in this work.
But our solution is much more generic and widely applicable than to just OpenPubkey. PIKAs allow the verification of JWTs, ID Tokens and other OIDC Tokens without querying the OP directly. You can use them to reduce the load on an OP, or to build applications that require caching or historical information about OP keys. Historical information about signing keys is particularly important in #softwaresupplychain usecases.
We're still digesting all the different ways that PIKAs can be used. Feel free to get in touch if you have any feedback!
https://www.ietf.org/archive/id/draft-barnes-oauth-pika-00.html
A relying party verifying a JSON Web Token (JWT) needs to verify that the public key used to verify the signature legitimately represents the issuer represented in the "iss" claim of the JWT. Today, relying parties commonly use the "iss" claim to fetch a set of authorized signing keys over HTTPS, relying on the security of HTTPS to establish the authority of the downloaded keys for that issuer. The ephemerality of this proof of authority makes it unsuitable for use cases where a JWT might need to be verified for some time. In this document, we define a format for Proofs of Issuer Key Authority, which establish the authority of a key using a signed object instead of an HTTPS connection.
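A minimal illustration of the idea above, added here as an example and not code from the draft or from OpenPubkey: a long-lived authority key signs a statement that an OP key is authoritative for an issuer during a time window, and the relying party verifies a token against that cached statement instead of fetching the JWKS. The PIKA payload layout, the use of Ed25519, the issuer URL and the way the token's time is established are all assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Simplified PIKA payload (assumed layout, not the draft's wire format): an
// authority attests that Key is authoritative for Iss during [Nbf, Exp].
type pika struct {
	Iss string `json:"iss"`
	Key []byte `json:"key"`
	Nbf int64  `json:"nbf"`
	Exp int64  `json:"exp"`
}

type signedPIKA struct{ Payload, Sig []byte }

func issuePIKA(authority ed25519.PrivateKey, p pika) signedPIKA {
	b, _ := json.Marshal(p)
	return signedPIKA{Payload: b, Sig: ed25519.Sign(authority, b)}
}

// verifyWithPIKA checks a token signature using only the cached PIKA (no JWKS
// fetch), so it still works after the OP rotated away from this key. "at" is the
// time the token is known to have existed (e.g. from a timestamping authority).
func verifyWithPIKA(authorityPub ed25519.PublicKey, sp signedPIKA, iss string, at int64, signingInput, sig []byte) bool {
	if !ed25519.Verify(authorityPub, sp.Payload, sp.Sig) {
		return false // PIKA itself is not authentic
	}
	var p pika
	if json.Unmarshal(sp.Payload, &p) != nil || p.Iss != iss || at < p.Nbf || at > p.Exp {
		return false // wrong issuer, or outside the attested validity window
	}
	return ed25519.Verify(ed25519.PublicKey(p.Key), signingInput, sig)
}

func main() {
	authPub, authPriv, _ := ed25519.GenerateKey(rand.Reader)
	opPub, opPriv, _ := ed25519.GenerateKey(rand.Reader)
	// Constructed sample: authority attests opPub for this issuer from t=1000 to t=2000.
	sp := issuePIKA(authPriv, pika{Iss: "https://op.example", Key: opPub, Nbf: 1000, Exp: 2000})
	input := []byte("header.payload") // stand-in for the JWT signing input
	sig := ed25519.Sign(opPriv, input)
	fmt.Println(verifyWithPIKA(authPub, sp, "https://op.example", 1500, input, sig)) // true
	fmt.Println(verifyWithPIKA(authPub, sp, "https://op.example", 2500, input, sig)) // false: after exp
}
```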
On International Holocaust Remembrance day, I'll share my grandmother's story of bravery and survival where she fled from Poland to Siberia to Uzbekistan to Iran to Pakistan to Egypt to Israel.
After the Nazis invaded her town of Kielce in 1939 when she was ~16 years old, she lived at home and did dangerous work in a Nazi munitions factory. One day in 1941, she was coming home from work and she saw some non-Jewish boy (that I suspect she was dating) who told her, "Don't go home". He "pushed her" onto a train to Russia alone and that's how she escaped being sent to the Kielce ghetto which the Nazis had just created. Because of this she avoided dying in Treblinka like the rest of her family in 1942.
Lots of people died on train rides to Russia but my grandmother didn't. Instead, as an "illegal immigrant" to the USSR, she was sent to a work camp in Siberia. In Siberia, she lived in a cabin with other teenage girls. Her job was to pull giant tree roots out of the ground. She didn't have enough food or a proper coat. Many died in these work camps in the USSR but my grandmother managed to live long enough to see the USSR and Poland become allies (instead of enemies) in 1941.
The USSR released all the Poles from the work camps in Siberia, and somehow all these people made their way from Siberia to Uzbekistan. I have been told that they travelled by foot, which sounds crazy, but this might be the part of the journey where my grandmother lived by eating grass. (I don't know where this "eating grass" story actually happened, but I remember distinctly my grandmother telling me how terrible it is to live off of grass.)
In Uzbekistan, my grandmother met a teenage boy and his mother, and lived with them in a mud hut. The father had died on the way to Uzbekistan, I believe due to starvation. It was hot and there was not enough food. There were bread lines and people would fight. At this time, the Polish Army in Exile, "Anders Army", was formed from all of the Polish refugees that had ended up in Uzbekistan. (My grandmother's future husband, my Saba Eliezer, was actually a cavalry officer in this army.)
At some point it was decided that the Polish Army should move from Uzbekistan to Iran. My grandmother was a stowaway that followed this army as it made its way to Iran. I think she rode with another girl friend on the back of an oil tanker. She reached Iran by November 1942. Lots of Poles died in Iran, but many did fine and ended up staying (which is why you can find good Polish food in Iran).
Now the Jewish Agency arranges to bring some of the Jewish orphan children in Iran to Israel. My grandmother is not a child, she is about 20 years old, but somehow (I'll never know how) gets herself into this group, "The Teheran Children". It's the first group of Holocaust survivors to arrive in Israel in 1943. They came from Iran on a British ship that went first to Karachi. After two weeks in Karachi, they boarded another British ship that took them to Egypt via Yemen. They were attacked by Japanese torpedoes on the way, but finally they arrived in Egypt and boarded a train to Israel in February 1943. She was finally safe.
As a final crazy footnote to this story, my other grandmother was one of the Israeli kids waiting at the train station waving flags and welcoming the refugees from Iran.