Re: [COSE] Carrying certificate chains in COSE signed messages

Göran Selander <goran.selander@ericsson.com> Tue, 08 November 2016 15:08 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: Jim Schaad <ietf@augustcellars.com>, "'Lundblade, Laurence'" <llundbla@qti.qualcomm.com>, 'Samuel Erdtman' <samuel@erdtman.se>
Date: Tue, 08 Nov 2016 15:07:57 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/-E4z_Ck97l2YW8t-ppiC75TpWWk>
Cc: "cose@ietf.org" <cose@ietf.org>
Subject: Re: [COSE] Carrying certificate chains in COSE signed messages

From: COSE <cose-bounces@ietf.org> on behalf of Jim Schaad <ietf@augustcellars.com>
Date: Friday 4 November 2016 at 19:48
To: "'Lundblade, Laurence'" <llundbla@qti.qualcomm.com>
Cc: 'Samuel Erdtman' <samuel@erdtman.se>, "cose@ietf.org" <cose@ietf.org>
Subject: Re: [COSE] Carrying certificate chains in COSE signed messages

During the development of the COSE document, the creation of attributes to carry X.509 items was discussed.  Given the set of use cases that we had on our radar at the time it was decided that we did not need this at the time.  These were all cases where we were looking at constrained devices where the addition of the certificate to many messages was going to be a problem.  In this environment, if you were using X.509 then you would pre-distribute the certificates rather than carrying them in a message.

If we can identify a number of cases where we would be using X.509 certificates then I would be willing to create a document which would define the fields and how to use them.  It would appear that we might have one case, do people know of more?

This work could be very useful.

One use case is IoT device bootstrapping/on-boarding in a network using vendor issued public key certificates installed during manufacturing and used during deployment to authenticate certificate enrolment of operational certificates. There is recent work using IEEE 802.1AR which is based on X.509, but maybe other formats are more relevant.

In any case, defining certificate enrolment using COSE would make much more sense for constrained devices compared to the proposal to use CMS. The enrolment protocol can be authenticated using transport layer security or application layer security.



I don’t think we have a strong case for doing a new certificate format at this time, however if people think there is enough of a need then the next step would be for them to organize a BOF to see if they can attract enough attention.


Without excluding this case, it would be good to examine the feasibility of using the existing candidates in constrained devices before going forward with that.

Göran


Jim


From: Samuel Erdtman [mailto:samuel@erdtman.se]
Sent: Friday, November 04, 2016 10:49 AM
To: Derek Atkins <derek@ihtfp.com>
Cc: Lundblade, Laurence <llundbla@qti.qualcomm.com>; Jim Schaad <ietf@augustcellars.com>; cose@ietf.org
Subject: Re: [COSE] Carrying certificate chains in COSE signed messages

It might absolutely feel strange to have certificate chains in COSE since that would become the larger part of the message.
However, I think Laurence has a point in the fact that it is more convenient to use CBOR than ASN1 even if you formally have the bandwidth and capacity to process ASN1.

Then there is the connection to existing trust infrastructure: many organizations have well-functioning PKI setups and want to use them.
Are you saying that we should only use COSE when building completely new systems with no interaction with existing infrastructure?
I think it would be good for adoption if we could support this use-case.
I could also imagine CAs adopting new certificate formats based on CBOR and COSE in the future and if that happens a transition would be much easier if they had the option to start using COSE today.
If this is a big no-no I guess JOSE would be the option.

//Samuel



On Fri, Nov 4, 2016 at 5:36 PM, Derek Atkins <derek@ihtfp.com> wrote:
Hi,

"Lundblade, Laurence" <llundbla@qti.qualcomm.com> writes:

> 1) A CBOR/COSE implementation is much cleaner and nicer than an
> ASN.1/CMS implementation. It is less work to implement, easier to
> maintain, test and so on.

Yes...  This is part of my point.

>      Also it’s not just about the data size.
> Would guess that the code size difference between implementations of
> CBOR/COSE and ASN.1/CMS is larger than a cert.  Also you can add the
> X.509 cert to the protocol messages outside the constrained
> environment.

Sure, it's not just about data size, it's also about code size.  But if
you're using COSE then presumably size matters.

> Personally, I was hoping CBOR/COSE would replace ASN.1/CMS in the very
> long term. :-)

Why wait?

> 2) Same question as before. If not cert chains, then what?  Pretty
> sure the 3-party trust introduction with a well-known root cert is a
> fundamental model that COSE should support.

There is nothing wrong with cert chains per-se, but I would argue X.509
is the wrong solution for COSE.

> LL

-derek

>
>
> On Nov 4, 2016, at 7:23 AM, Derek Atkins <derek@ihtfp.com> wrote:
>
>> If your environment is so constrained that you want to use COSE, why
>> would you decide on X.509 as your certificate format??  Your cert chain
>> would likely be larger than your data payload!!
>>
>> -derek
>>
>> "Lundblade, Laurence" <llundbla@qti.qualcomm.com> writes:
>>
>>> Yes, have a use case where I *think* I need to carry cert chains with
>>> a signed message.  I want to sign something in one place and I want
>>> someone far away to be able to verify it based on a trusted root
>>> key.  Compatibility with extant and various cert management SW and
>>> services is also desirable.
>>>
>>> If not cert chains, then what?
>>>
>>> LL
>>>
>>>
>>> ________________________________________
>>> From: Jim Schaad <ietf@augustcellars.com>
>>> Sent: Thursday, November 3, 2016 1:15 PM
>>> To: Lundblade, Laurence; cose@ietf.org
>>> Subject: RE: [COSE] Carrying certificate chains in COSE signed messages
>>>
>>> Do you have a use case where you are planning to use COSE and need to carry
>>> cert chains or is this just speculative?
>>>
>>> Jim
>>>
>>>
>>>> -----Original Message-----
>>>> From: COSE [mailto:cose-bounces@ietf.org] On Behalf Of Lundblade, Laurence
>>>> Sent: Thursday, November 03, 2016 12:40 PM
>>>> To: cose@ietf.org
>>>> Subject: [COSE] Carrying certificate chains in COSE signed messages
>>>>
>>>> For many use cases it is a requirement that a signed message carry leaf and
>>>> intermediate (X.509) certs that would be used to verify against a trusted root.
>>>>
>>>> It seems like the way to do this is with a COSE_Key, but there aren't any
>>>> examples or details.  Is this right?
>>>>
>>>> Thx
>>>>
>>>> LL
>>>>
--
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant
