Re: [COSE] Conditional call for adoption: draft-mattsson-cose-cbor-cert-compress

John Mattsson <john.mattsson@ericsson.com> Thu, 11 March 2021 23:06 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: Rene Struik <rstruik.ext@gmail.com>, Ivaylo Petrov <ivaylo@ackl.io>, cose <cose@ietf.org>
CC: Cose Chairs Wg <cose-chairs@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/21RI0hZj04asKs-MYH9bUsSMXBk>

- secp256r1 is supported and included in Figure 9. Fig 4? Are you maybe reading some old version?



- C509 is CBOR encoding of X509. It follows X.509 and should not really go into security aspects of the algs. Also note that the signature would be made by a CA, not an IoT device.

John

From: COSE <cose-bounces@ietf.org> on behalf of Rene Struik <rstruik.ext@gmail.com>
Date: Thursday, 11 March 2021 at 23:54
To: Ivaylo Petrov <ivaylo@ackl.io>, cose <cose@ietf.org>
Cc: Cose Chairs Wg <cose-chairs@ietf.org>
Subject: Re: [COSE] Conditional call for adoption: draft-mattsson-cose-cbor-cert-compress

Dear colleagues:

I think considering ways to represent certificates more efficiently may be useful, where this draft could be a possible starting point to work from.

I have not yet read the entire draft, but am wondering about some of the underlying philosophies, where, e.g.,
(a) in Fig. 4 (CBOR Cert Public Key Algorithms), NIST curve P-256 is not supported, whereas curves isomorphic to Curve25519 are, which seems to be inconsistent;
(b) in Fig. 3 (CBOR Cert Signature Algorithms), EdDSA is supported, whereas this deterministic scheme is known to be susceptible to single-fault attacks, which seems to be contrary to best current practice.

The above comments should not prevent using this draft as a starting point, though.

Best regards, Rene

On 2021-03-02 4:46 p.m., Ivaylo Petrov wrote:
Dear all,

This message starts the conditional call for adoption of the following draft:

* draft-mattsson-cose-cbor-cert-compress-08
  - https://datatracker.ietf.org/doc/html/draft-mattsson-cose-cbor-cert-compress-08

In previous meetings and email discussions, we have already discussed this draft on multiple occasions. It appears to us that there is significant support for the adoption of this document. If you have read the draft, please indicate whether you support its adoption as a working group item or not. As it appears that there is sufficient support for adopting it, we are especially interested in knowing if there are any objections.

Please note that the adoption of this work is dependent on the result of the COSE WG rechartering. If the new charter is accepted in a form that allows this work to be taken in COSE, the result of this adoption call will be taken into account.

We would like to remind you that adoption does not mean they are finished, only that they are an acceptable starting point.

This call will run slightly less than two weeks, ending on March 12. Please try to respond before that date.

Best regards,

- Matthew and Ivaylo
COSE Working Group Chairs


