[Ace] draft-ietf-ace-key-groupcomm / Appendix with generalized format for sign_info_entry

Marco Tiloca <marco.tiloca@ri.se> Thu, 15 April 2021 07:13 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/aRwe1NIKjbHsGqNSaIn4ubtwGcQ>

Hello ACE,

Following the discussion at the virtual interim meeting this week (see 
[1] and slides 4-5 at [2]), I have focused on "Option 2" presented in 
slide 5 of [2].

You can find the changes in the commit at [3], and in the Editor's copy 
at [4] --- see last paragraph of Section 3.3.1 as well as the new 
Appendix B. Having this actually written down should make it easier to 
give any feedback :-)

To summarize, this doesn't change the format of 'sign_info_entry' as 
defined in the document body, and doesn't break any 
profile/implementation of this document.

On the other hand, the generalized format in Appendix B:
- Is both retrocompatible and future-proof for future registered COSE 
algorithms, with possibly more than only Key Type as their algorithm 
capabilities.
- If used with any of today's algorithms, it yields again the same 
'sign_info_entry' format defined in the document body.

The points above apply also in case "Option 1" in slide 5 of [2] was 
used, but "Option 2" appears to be cleaner, less invasive and not 
conducive to bad usages of the generalized format by profiles of this 
document.

Feedback is welcome!

Thanks,
/Marco


[1] https://datatracker.ietf.org/doc/minutes-interim-2021-ace-07-202104131000/

[2] https://datatracker.ietf.org/meeting/interim-2021-ace-07/materials/slides-interim-2021-ace-07-sessa-ace-key-groupcomm-oscore-00.pdf

[3] https://github.com/ace-wg/ace-key-groupcomm/commit/025e37429b1bf628abc2e6d94892c8cb04846ad1

[4] https://ace-wg.github.io/ace-key-groupcomm/v-12/draft-ietf-ace-key-groupcomm.html

-- 
Marco Tiloca
Ph.D., Senior Researcher

Division: Digital System
Department: Computer Science
Unit: Cybersecurity

RISE Research Institutes of Sweden
https://www.ri.se

Phone: +46 (0)70 60 46 501
Isafjordsgatan 22 / Kistagången 16
SE-164 40 Kista (Sweden)