Re: [Cbor] Deterministic CBOR as a possible DISPATCH item
Christopher Allen <christophera@lifewithalacrity.com> Mon, 06 March 2023 20:44 UTC
Return-Path: <christophera@lifewithalacrity.com>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DBE67C1526E9 for <cbor@ietfa.amsl.com>; Mon, 6 Mar 2023 12:44:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lifewithalacrity-com.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SSiSMiG56ouX for <cbor@ietfa.amsl.com>; Mon, 6 Mar 2023 12:44:34 -0800 (PST)
Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5240CC15257C for <cbor@ietf.org>; Mon, 6 Mar 2023 12:44:33 -0800 (PST)
Received: by mail-ed1-x529.google.com with SMTP id a25so44281758edb.0 for <cbor@ietf.org>; Mon, 06 Mar 2023 12:44:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifewithalacrity-com.20210112.gappssmtp.com; s=20210112; t=1678135472; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=4ueFKFi7INrTcOEJhTnzf8ePxnPENVt4W9nN4j7yw5Q=; b=dPWxKjaYAy+CmSC/so4LcAIXA5vmVusXOinLHQuYTQdi1ieJaazuX3sgmfF81DRDBN WJsh1XX1xqKA1Y2iqOxc6aeTL1CxVNsAnVMYilgLARFnQAyau4pqzA95RFrYkwvkcTLv K9RvhzpZC3qX4pSqZq7Xk0sc3CiLO4ng0XnVzCCf/W2b+/kjKjXZ8kIhXOGeE5JIJBpS ciKb5iA/lNj0/qs1w4ZRruJjPDGiH29n11VguPr8nxj0RM+N/W32aSimbt4Fi1p2ee3u Hne7C+qqjy5XqQm1IRkPVPkS9SNWnSMNs1ebpfE/EReGbh6ukOpUptVEPjvbl3fSsRg9 8LbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678135472; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4ueFKFi7INrTcOEJhTnzf8ePxnPENVt4W9nN4j7yw5Q=; b=Ibf6aeTxRinxIl17TE3PoTLqEkPj+LoOn6i9P3OD6ZDMEqBjaq6ZLT0G8xEfNTIVAc wh8g9GtuH3yb6Sa61DLR5Qi2Izllgn1Mft99jkQ8vHKwHmiqtdAY98XxsQd/txLhcOod FbDMkr3dj3NhuUN1QDFI6GEeHBv5e9+7zy6jZxoJMBGAS+8Ewizy+X7dDBnBY/YEt1Z7 tnstEW6w/ZmGw8yekpGEEJ2rnmVNCyfmUB4RPZKQZRMAXDvoqj7L7UvogirP0+bUM3S+ gIVONtFPbstyVtgrYO8y/ZK+XpOuviAxFvIGcoRKGW1HqIYrIBaSlwWC61/9AZo6qjGk 9ahA==
X-Gm-Message-State: AO0yUKWhdzGhMLq7xVuVcdNN8BJhankRfD7jgcdmq42/+sjI93gQmKks fYm4BS1keuhE/o8ToLHDgnArSIEe5JexL7rxjthZXQ==
X-Google-Smtp-Source: AK7set+lRVyelK38EoA2HMLFAv+iB6b+mCaXZY2vCGzEoYi35Dzlq2F2oZLsHoYkv4BLXHB9vhxVp5fkiDvurJATnik=
X-Received: by 2002:a50:c345:0:b0:4be:f5a0:a806 with SMTP id q5-20020a50c345000000b004bef5a0a806mr6820189edb.0.1678135471749; Mon, 06 Mar 2023 12:44:31 -0800 (PST)
MIME-Version: 1.0
References: <A9CF043D-4FA9-48D4-B953-3BE7AA40D1E0@tzi.org> <D25A0C94-ADAD-4C3D-8669-AA7FE9A6B3C4@wolfmcnally.com> <FA0E2D22-37F4-4C27-B5F5-E841D13EF0CF@tzi.org> <1DA00A88-64DF-48FD-B03E-10B520934DD2@island-resort.com> <3D57170C-61E4-4192-8B5F-120134ADA964@tzi.org> <F16409C6-81FF-4C99-A465-0BE1C07AD603@island-resort.com>
In-Reply-To: <F16409C6-81FF-4C99-A465-0BE1C07AD603@island-resort.com>
From: Christopher Allen <christophera@lifewithalacrity.com>
Date: Mon, 06 Mar 2023 12:44:00 -0800
Message-ID: <CAAse2dFgsHP-kpu-vgfc0JbSvzL9PEG5+0FTE-xVAWfvqBQycg@mail.gmail.com>
To: Laurence Lundblade <lgl@island-resort.com>
Cc: Carsten Bormann <cabo@tzi.org>, Wolf McNally <wolf@wolfmcnally.com>, Anders Rundgren <anders.rundgren.net@gmail.com>, cbor@ietf.org, Shannon.Appelcline@gmail.com
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/FH7Rg_6rrAA7qXgsj9FZeLLNNyM>
Subject: Re: [Cbor] Deterministic CBOR as a possible DISPATCH item
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Mar 2023 20:44:34 -0000
On Mon, Mar 6, 2023 at 10:23 AM Laurence Lundblade <lgl@island-resort.com> wrote: >the blanket statement that “deterministic CBOR encoding is required for (all) signing (in the known world)”. That is not the statement we desire to make. That being said, it has some truth under it — I've been struggling over the past 6 years with challenges in various W3C communities and WGs about using JWT vs. using a graph format, (the original being signed RDF, and the latest version being JSON-LD). It has surfaced not only in the Verifiable Credentials 1.0 standard (ratified in 2019 and modified in 2022), and the Decentralized Identifier standard (ratified last year). It continues to be a challenge in the discussions toward a VC 2.0 spec just this month. Though the problems in the W3C attempts to compromise between these approaches are many, one clue to one of the sources of the larger problem is your statement: On Mon, Mar 6, 2023 at 10:23 AM Laurence Lundblade <lgl@island-resort.com> wrote: > The signature scheme here could be anything that can carry a payload Including the payload causes can cause a host of problems. Keeping copies of the payload around in its original structure is difficult, in particular in constrained environments, and also when the verifier has a different model for the data than the issuer, for instance, one of the multiple graph data forms vs JWTs lists of pairs. Another issue is that some business processes require multiple signers, and this means that the payload is often duplicated many times as each signer adds to the chain. There are ways around this but they cause additional challenges. There are also privacy and correlation issues with keeping payloads around. Often a signed statement has personal data beyond what is relevant to the business process. GDPR demands we discard that information. Beyond the GDPR requirements, the correlation risks that various parties are advocating to avoid in VC & DIDs require complex zk-* proposals, such as BBS+ proofs, that also have an impact on choices when canonicalizing the payload (and the schema). Another issue with payload is the requirement by some parties to conform to some form of schema. When should the schema be signed too? Is it also a correlation risk? As a co-author and invited expert to these W3C standards, I signed off on the final specs despite reservations about the canonicalization compromise proposed by both of the two broadest-deployed solutions, partly because I could not offer an alternative. Stewing on it for a couple of years led to Gordian Envelope architecture on top of dCBOR efforts to minimize those problems. There have been a number of important parties in the W3C over the last year that are uncomfortable with the JWT/JSON-LD compromise for various credentials and certificate formats, and have suggest that the answer might be in CBOR. Combined with the constraints of dCBOR, I think them looking to adopt IETF CBOR as a base makes sense (even for those who don't want to use Gordian Envelope). Related, when I asked around very early on for a review of the Gordian Envelope spec among my former IETF colleagues (I was editor of the TLS 1.0 spec in the 90s), the almost universal response was "why not just use JSON?". It is too hard to explain to them how hard it is to canonicalize JSON based what happened when W3C tried to integrate JWT. Almost all of my colleagues also say have never really have looked at the CBOR spec, and written it off. I think this is unfortunate, as I believe it will be the underlying data format for privacy-focused security in the future. -- Christopher Allen
- [Cbor] Deterministic CBOR as a possible DISPATCH … Anders Rundgren
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Carsten Bormann
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Anders Rundgren
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Wolf McNally
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Anders Rundgren
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Carsten Bormann
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Carsten Bormann
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Wolf McNally
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Carsten Bormann
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Laurence Lundblade
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Carsten Bormann
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Christopher Allen
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Laurence Lundblade
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Christopher Allen
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Carsten Bormann
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Carsten Bormann
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Laurence Lundblade
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Laurence Lundblade
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Christopher Allen
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Christopher Allen
- Re: [Cbor] Deterministic CBOR as a possible DISPA… Laurence Lundblade