Re: [Cbor] [Rats] Combining CBOR protocol libraries

Laurence Lundblade <> Fri, 21 May 2021 19:12 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 79AE53A1D43 for <>; Fri, 21 May 2021 12:12:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hocvBbS6hcEP for <>; Fri, 21 May 2021 12:12:29 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2BB453A1D41 for <>; Fri, 21 May 2021 12:12:29 -0700 (PDT)
Received: from [] ([]) by :SMTPAUTH: with ESMTPA id kAZQlWewzglockAZQlAO1T; Fri, 21 May 2021 12:12:28 -0700
X-CMAE-Analysis: v=2.4 cv=LMqj/La9 c=1 sm=1 tr=0 ts=60a8061c a=t2DvPg6iSvRzsOFYbaV4uQ==:117 a=t2DvPg6iSvRzsOFYbaV4uQ==:17 a=0XtbOteLAAAA:20 a=7CQSdrXTAAAA:8 a=K6EGIJCdAAAA:8 a=48vgC7mUAAAA:8 a=HEonoVtKCSpAnO0fw30A:9 a=QEXdDO2ut3YA:10 a=k7KLY2EzodI-C8f_:21 a=_W_S_7VecoQA:10 a=a-qgeE7W1pNrGK8U0ZQC:22 a=L6pVIi0Kn1GYQfi8-iRI:22 a=w1C3t2QeGrPiZgrLijVG:22
From: Laurence Lundblade <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_D56675B0-7497-43A2-9F96-B073E398FF8B"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
Date: Fri, 21 May 2021 12:12:27 -0700
In-Reply-To: <>
Cc: "" <>, "" <>
To: Thomas Fossati <>
References: <> <> <> <>
X-Mailer: Apple Mail (2.3445.104.17)
X-CMAE-Envelope: MS4xfP1rJjDXTiVcMBDvalsAGT43U0VUXUMcG6Cwzwdr5RWE1F6yEzIrbMPq7K5AaVo0SBLjxS+VhYibbNkBQMJXP50Z9z2cyMmaoZlrjqag4bvTu/StfQYZ gqvILrm3LXovYpO14RRSUfw0j7S7yv7+uJIg4S8HACT1SCqW2tgfYP5kz+BObcssZrl+zNN1G7kV5mD+/bj0f6/W6yPkBtellYmO34Pjq4ly4EnihL8DFHSn haCBKueu6K2ixaMGVHbUXg==
Archived-At: <>
Subject: Re: [Cbor] [Rats] Combining CBOR protocol libraries
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 21 May 2021 19:12:35 -0000

I’ve made an update to the manifests and swevidece EAT claims here <> that requires byte string wrapping. It also puts tags to use for kind of a full solution for identifying and handing off sub-protocol in the CBOR context. It goes like this:

If the sub-protocol is CBOR based (e.g. a CoSWID), then wrap it in a byte string and rely on the sub-protocol tag for dispatch to the correct handler.

If the sub-protocol is NOT CBOR based (e.g. and XML SWID), then contain it in a tagged byte string and again use the tag for dispatch.

In the first the tag is the contents of the byte string wrapping and in the second the byte string is the contents of a tag.

Note that I’m using the word “tag” here to mean the tag number AND tag content. I believe the at is the correct use of the tag in the CBOR context, even though it is counter intuitive.

(I also plan to eventually allow QCBOR to return raw encoded CBOR for arrays and maps to be able to implement protocols that don’t add the byte string wrapping layer)


> On May 21, 2021, at 12:16 AM, Thomas Fossati <> wrote:
> On 20/05/2021, 22:10, "Laurence Lundblade" <> wrote:
>> So which is the better practice, byte-string wrapping for protocols or
>> a requirement on your better CBOR decoders?
> From an IETF perspective, what we can do to make protocol composition
> easier is to do as you suggested.
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
> _______________________________________________
> CBOR mailing list