IETF Logo Mail Archive

Re: [Cbor] Unusual map labels, dCBOR and interop

Wolf McNally <wolf@wolfmcnally.com> Thu, 28 March 2024 02:42 UTC

Return-Path: <wolf@wolfmcnally.com>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FA72C400EEB for <cbor@ietfa.amsl.com>; Wed, 27 Mar 2024 19:42:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=wolfmcnally-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y0A-Jh70bwQw for <cbor@ietfa.amsl.com>; Wed, 27 Mar 2024 19:42:56 -0700 (PDT)
Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08D3BC28EAE2 for <cbor@ietf.org>; Wed, 27 Mar 2024 19:42:55 -0700 (PDT)
Received: by mail-pj1-x1030.google.com with SMTP id 98e67ed59e1d1-29c14800a7fso380662a91.2 for <cbor@ietf.org>; Wed, 27 Mar 2024 19:42:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wolfmcnally-com.20230601.gappssmtp.com; s=20230601; t=1711593775; x=1712198575; darn=ietf.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=TCAQkPrxzBS8YW/I5cwbhzcSXjI8QYrr5LsmbYiwdP4=; b=NuoB7YA8rHyqFgIy11xQvJncs0AXWhd3CHIoi7/u4CrcqDH0JY/l8EGDl7n5qJTnU8 cqp9u/Nz72cDv4PJT5i0gCf//qN9P32aRZiI2t/EzMbtwz/4KBUI8yoQYe3Lt5qVx63+ V3H+xIaSMRxYUV8UzQdpjXs/+UGD7ZQb7Cj/XUf4hfkOdrOdHiTz3w1r+GF5LzEvfNyV zd+tsiZyDV9cKNlvfApex65e0b76BLVos1XHTzcom6Vx9a4XYriEAoeo+7IaNFQ9TNgJ evgidEFWfYRc5G5/okj3oOPb0DCL7b9GfOALdxXBRgG3HH2dfdSkIXGRF1Uj6Fu1wKGJ hJ/w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711593775; x=1712198575; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=TCAQkPrxzBS8YW/I5cwbhzcSXjI8QYrr5LsmbYiwdP4=; b=FuT/vPn/GzT5BzVgpRh5jawy8Ael2WTqsqk9eat4P8flyviQ1XgkCnl0x9hekAtc0V l4at18qcuzOfaka8JzJO8m3igJXk649eX2WUBicPgFS+SfnE+h7CxhXO02Vkun2gVwb5 fyC9jjsE53tPSg6MbjwiFAUwoMcIqRNPZqOWcq5QfbctVsOgKil6ncrS1qPX6KjV6Eax nZhLiG69sfG2EnOeFTIyGzaUdaJ/QyBqxjuXgEIEkKqN8hFSBcn29js/pwX8oKlia1f6 jDwcxcNzSvaduC6pylLUD5uzZrMcRVk7W4VzRa2MO8PDjmVXNhjsBOAUwYdkY98OW95g zzow==
X-Forwarded-Encrypted: i=1; AJvYcCX/O1bha0eOb7BrvuIS6oOTFgtPXab1Xx82cQ+AfUJjbDcvMcqtidUA5+Me5iuMO98QToB6CBU4EVTolwoQ
X-Gm-Message-State: AOJu0Yy5P4bzMEilWYzY1rJUyVE8W+jQ65c7CruvTMvEnbGbPovShO07 yAMYfCdNAA+qGwAc5pnz3zC9FawYJRRXHFcWGxgfw6SiQDox3tlXRON+wlbI72A=
X-Google-Smtp-Source: AGHT+IG+CQzAuZQYfdK3htUdV1mTXmK6XWAsdut6B+skUhCKN3M4c5Zqax2bBnwI4YhA4TbaGbDuSA==
X-Received: by 2002:a17:90a:71c8:b0:29d:fb03:48b0 with SMTP id m8-20020a17090a71c800b0029dfb0348b0mr1277726pjs.44.1711593775102; Wed, 27 Mar 2024 19:42:55 -0700 (PDT)
Received: from smtpclient.apple (ip70-180-193-108.lv.lv.cox.net. [70.180.193.108]) by smtp.gmail.com with ESMTPSA id h11-20020a17090aa88b00b0029bacd0f271sm2466310pjq.31.2024.03.27.19.42.53 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 27 Mar 2024 19:42:54 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.500.171.1.1\))
From: Wolf McNally <wolf@wolfmcnally.com>
In-Reply-To: <CAN8C-_+72_H=mk6xGuSk72rZWVg9Ff0d_b_o8Rz+kRWn1FruCQ@mail.gmail.com>
Date: Wed, 27 Mar 2024 19:42:42 -0700
Cc: "lgl island-resort.com" <lgl@island-resort.com>, Carsten Bormann <cabo@tzi.org>, cbor@ietf.org, Christopher Allen <christophera@lifewithalacrity.com>, Shannon Appelcline <shannon.appelcline@gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <E585B8F9-BA13-4018-8D50-3C7560183BC4@wolfmcnally.com>
References: <8C245824-1990-4616-AB70-FFD4FACB1AE9@island-resort.com> <11E8A8A5-D891-49FF-AF16-697C06F463B3@tzi.org> <9A0CE364-C141-4EBE-9703-292C416D12F5@island-resort.com> <3D62C4F0-D570-4EE4-AF6A-163C708AA6BE@tzi.org> <58BA8F8C-0C63-4534-9BF7-255C32D02C16@island-resort.com> <5F1E1133-4565-4D0A-98EE-A13C6F5F67AA@wolfmcnally.com> <CAN8C-_+72_H=mk6xGuSk72rZWVg9Ff0d_b_o8Rz+kRWn1FruCQ@mail.gmail.com>
To: Orie Steele <orie@transmute.industries>
X-Mailer: Apple Mail (2.3774.500.171.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/PA6XgQnB8ILrv35YqbThG81ifnU>
Subject: Re: [Cbor] Unusual map labels, dCBOR and interop
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2024 02:42:56 -0000

Orie,

> On Mar 27, 2024, at 6:57 PM, Orie Steele <orie@transmute.industries> wrote:
> 
> Using deterministic encoding to serialize map keys is interesting.
> 
> I wonder about security issues with distinguishability.
> 
> Consider the case where a map has keys that are serialized with and without deterministic encoding.

Map keys in dCBOR are themselves part of the dCBOR serialization and must therefore also conform to dCBOR.

> 
> Restricting map keys, reminds me of another flavor of CBOR, I think it was called dag-cbor, it required all map keys to be tstr... Whereas dCBOR requires them all to be bstr?

No, the handling of map keys as serialized dCBOR strings internally is a detail of our reference implementation. dCBOR map keys are simply serialized as dCBOR items like every other dCBOR item— they are not segregated into typed byte strings. So the map:

{[1, 2, 3]: "Hello”}

Is serialized as:

A1               # map(1)
   83            # array(3)
      01         # unsigned(1)
      02         # unsigned(2)
      03         # unsigned(3)
   65            # text(5)
      48656C6C6F # "Hello"

Not as:

{h'83010203': "Hello”}

A1               # map(1)
   44            # bytes(4)
      83010203   # "\x83\u0001\u0002\u0003"
   65            # text(5)
      48656C6C6F # "Hello"

> Is it critical to assign unique media types in order for deserialization to succeed?

No, for the reasons stated above.

> I also wonder about interactions with COSE and related protocols especially regarding unprotected headers.

COSE is not necessarily dCBOR, although you can certainly encode COSE in compliance with dCBOR. And for particular applications you can certainly state that any of the signed byte strings in the protected header or payload must conform to dCBOR, which would help ensure determinism. For example, the payload could be a serialized Gordian Envelope, which is a format that supports verifiable claims based on dCBOR. We at Blockchain Commons are considering proposing the inclusion of Gordian Envelope as a Verifiable Data Structure for inclusion in the COSE Receipts registries.

https://datatracker.ietf.org/doc/draft-mcnally-envelope/

~ Wolf

v2.23.0 | Report a Bug | By Email