Re: [core] OSCORE: Questions about Section 5.2

Christian Amsüss <> Thu, 11 October 2018 11:09 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DF066130E4F for <>; Thu, 11 Oct 2018 04:09:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 58omoEi-TUFo for <>; Thu, 11 Oct 2018 04:09:53 -0700 (PDT)
Received: from ( [IPv6:2a01:4f8:190:3064::3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6D3D6130DD5 for <>; Thu, 11 Oct 2018 04:09:52 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTPS id 1969A41AD8; Thu, 11 Oct 2018 13:09:50 +0200 (CEST)
Received: from (unknown [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bf]) by (Postfix) with ESMTP id C14982A; Thu, 11 Oct 2018 13:09:47 +0200 (CEST)
Received: from ( [IPv6:2a02:b18:c13b:8010::71b]) by (Postfix) with ESMTPSA id A3B7A10E; Thu, 11 Oct 2018 13:09:46 +0200 (CEST)
Received: (nullmailer pid 3328 invoked by uid 1000); Thu, 11 Oct 2018 11:09:44 -0000
Date: Thu, 11 Oct 2018 13:09:44 +0200
From: Christian =?iso-8859-1?Q?Ams=FCss?= <>
To: Jaro Fietz <>
Message-ID: <>
References: <>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="SWTRyWv/ijrBap1m"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <>
Subject: Re: [core] OSCORE: Questions about Section 5.2
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 11 Oct 2018 11:09:56 -0000

Hello Jaro,

I can answer just a small part of this:

On Thu, Oct 11, 2018 at 11:14:16AM +0200, Jaro Fietz wrote:
> Given [2] and my interpretation, the Sender ID of all relevant nodes
> in a network would have the same length, only different contents.

The expectation is that the shortest (zero-length) ID would be used in
cases wherever that's beneficial, eg. when a constrained device
primarily utilizes one context in which it is addressed as a server. For
the communication partner (which might be an unconstrained device in
such scenarios, and/or rarely addressed as a server), one would pick an
ID that's long enough to tell all that device's incoming messages apart.

> While the (size, id)-pairs (1, [1]) and (2, [0,1]) would
> technically be different sender IDs, I don't know if implementations would
> actually honour that behaviour

They certainly should. Left-trimming zeros off an ID will lead to
surprising results in every 256th situation.

> while aiocoap uses the zero-stripped length of its number
> representation [6].

You briefly had me worried I got it wrong myself -- but the
left-trimming that's happenign is on the sequence numbers, not on the
sender IDs. Sequence numbers need to be represented by the shortest big
endian (but non-zero-length) representation; representing them any
different would break the AAD agreement.

> I'm currently implementing parts of OSCORE in C for a minimal OSCORE server.

Slightly off topic: Would that happen to be a freely licensed
implementation? If so, I know of an embedded operating system project
that would love to hear about this.

Best regards

A beginning is the time for taking the most delicate care that the
balances are correct.
  -- Princess Irulan, Manual of Muad'Dib