Re: [COSE] Roman Danyliw's Discuss on draft-ietf-cose-rfc8152bis-struct-10: (with DISCUSS and COMMENT)

Jim Schaad <ietf@augustcellars.com> Tue, 09 June 2020 04:17 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Roman Danyliw' <rdd@cert.org>, 'The IESG' <iesg@ietf.org>
CC: draft-ietf-cose-rfc8152bis-struct@ietf.org, cose-chairs@ietf.org, cose@ietf.org, 'Matthew Miller' <linuxwolf+ietf@outer-planes.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/-ayHzFleBK5j_8St3PhdWDXintI>


-----Original Message-----
From: Roman Danyliw via Datatracker <noreply@ietf.org> 
Sent: Monday, June 8, 2020 7:08 PM
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-cose-rfc8152bis-struct@ietf.org; cose-chairs@ietf.org; cose@ietf.org; Matthew Miller <linuxwolf+ietf@outer-planes.net>; linuxwolf+ietf@outer-planes.net
Subject: Roman Danyliw's Discuss on draft-ietf-cose-rfc8152bis-struct-10: (with DISCUSS and COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-cose-rfc8152bis-struct-10: Discuss



The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-struct/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Are the wrong data structures being referenced or did I misunderstand something?

** Section 5.  Per “Abbreviated counter signatures use the structure COSE_Countersign1”, this doesn’t seem consistent with the more detailed write-up in Section 5.2 which says that “The byte string representing the signature value is placed in the CounterSignature0 attribute”.  The document makes no other reference to COSE_Countersign1.
[JLS] I added a CDDL type of COSE_CounterSignature0 and refer to it now.

The shepherd write-up notes that ‘one item to note is the decision to keep the context string "COSE_Countersign1" for abbreviated countersignatures’. However, I found no such reference in Step 1 of Section 4.4 (page 22) which enumerated the possible strings.
[JLS] The write-up has it backwards.  The question was whether to change '0' to '1', and the decision was made not to do so.

** What is the intended name of the structure for the Counter Signature -- is it COSE_Countersignature or COSE_Countersign?

-- Table 1, Section 2, Section 4.4 and Section 5.1 (to include the CDDL) reference COSE_Countersignature

but
-- Section 5. Per “Full counter signatures use the structure COSE_Countersign …”

-- Section 5.1.  Per “A tagged COSE_Countersign structure …”

[JLS] All is now made consistent to COSE_Countersignature and COSE_Countersignature0

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for making an easy to read and compare bis document.

** Section 4.4.  Per the following item in the list, ‘"CounterSignature" for signatures used as counter signature attributes.’, can this be more precisely stated as to reference the particular COSE_* data type?  The other items in this list are more precise in naming the corresponding structure/attributes.

[JLS] Both of the countersignatures now refer to CDDL types and a new type is defined for COSE_Countersignature0 so that it can be referred to here and in the attribute table.

Additionally, I updated the IANA considerations to reflect the change in the type of the CounterSignature0 attribute.