[Cbor] Review: draft-bormann-cbor-packed-00 & SUIT

Brendan Moran <Brendan.Moran@arm.com> Tue, 28 July 2020 15:25 UTC

From: Brendan Moran <Brendan.Moran@arm.com>
To: "cbor@ietf.org" <cbor@ietf.org>
Date: Tue, 28 Jul 2020 15:24:48 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/_fdCJ5dcYceL6gPcoTuDJZqEul8>

I think that packed CBOR is a feature that’s very much needed. In fact, there’s a similar feature in SUIT. I’d rather get rid of SUIT’s deduplication system and use packed CBOR instead, but the timing may not work out.

I’d like to reiterate some of the things that were said in the discussion during the CBOR meeting, and add some additional points.

The current encoding of #6.6([]) is not friendly to stream processing, nor to pull parsers. It is easier for this style of parser to have a dictionary first, followed by the rump. We could arrange to resolve this by replacing the rump in its entirety with a shared object reference, and encoding the actual rump as a shared object. This allows a pull parser to directly jump to the dictionary. If the “rump” is placed as the last shared object, a stream processor can use this abstraction to ensure that the rump is encountered only once the dictionary is received. So, this “concern” may be a no-op and may just require an implementation hint for addressing pull parsers.


SUIT has some peculiar requirements that might be relevant to the design of packed CBOR:

1. SUIT manifests would absolutely benefit from a mechanism to compress CBOR sequences. SUIT’s basic building block is arrays that are effectively multi-maps. Some of these multi-maps contain similar sequences of objects. It would be beneficial to be able to deduplicate the identical parts.

2. SUIT would benefit from nested packed CBOR items. SUIT features elements that can be detached from each other in much the same way as COSE supports detached payloads. A SUIT envelope contains a manifest and zero or more severable (detached) elements. It would be preferable for packing to work like this: any element or sequence that appears at least once in the manifest and two or more times in the union of manifest and severable elements should be placed in the dictionary for the manifest. Any element or sequence that appears two or more times in a severable element, but not in the manifest, should be placed in the severable element’s dictionary.

I believe that a SUIT-specific CBOR packer could achieve this mechanism if nested packed CBOR data items were supported. SUIT does not appear to require more than a

3. I suspect that SUIT would also benefit from domain-specific pre-shared dictionaries. I’d like to see some way of defining canonical dictionary merging: Are dictionaries concatenated? In which order are they concatenated? How should a domain-specific pre-shared dictionary be included in a signed context? By digest?


Best Regards,
Brendan
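Added example, not part of the original message or of either draft: a sketch of the dictionary-placement rule from point 2, applied to single elements only (sequences are left out). The function name `plan_dictionaries` and all item labels are hypothetical, constructed placeholders standing in for decoded CBOR items.

```python
from collections import Counter


def plan_dictionaries(manifest, severables):
    """Decide which items go into which packing dictionary.

    manifest:   list of hashable items found in the manifest
    severables: dict mapping a severable element's name to its item list
    Returns (manifest_dict, {name: severable_dict}), each in first-seen order.
    """
    in_manifest = Counter(manifest)

    # Occurrences across the union of manifest and all severable elements.
    union = Counter(manifest)
    for items in severables.values():
        union.update(items)

    # Rule 1: at least once in the manifest AND two or more times in the
    # union -> the manifest's dictionary.
    manifest_dict = [x for x in dict.fromkeys(manifest) if union[x] >= 2]

    # Rule 2: two or more times inside ONE severable element and absent
    # from the manifest -> that severable element's own dictionary.
    severable_dicts = {}
    for name, items in severables.items():
        local = Counter(items)
        severable_dicts[name] = [
            x for x in dict.fromkeys(items)
            if local[x] >= 2 and x not in in_manifest
        ]
    return manifest_dict, severable_dicts


# Constructed sample input (labels are placeholders, not SUIT identifiers).
MANIFEST = ["vendor-id", "class-id", "digest-A", "vendor-id", "uri-1"]
SEVERABLES = {
    "text": ["uri-1", "note", "note", "lang"],
    "install": ["digest-A", "step", "lang", "step"],
}

if __name__ == "__main__":
    m_dict, s_dicts = plan_dictionaries(MANIFEST, SEVERABLES)
    print("manifest dictionary:", m_dict)
    for name, entries in s_dicts.items():
        print(f"{name} dictionary:", entries)
```

In the sample, `lang` occurs once in each of two severable elements and never in the manifest, so the rule as stated places it in no dictionary.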