IETF Logo Mail Archive

Re: [COSE] Last Call: <draft-ietf-cose-hash-algs-03.txt> (CBOR Object Signing and Encryption (COSE): Hash Algorithms) to Informational RFC

tom petch <daedulus@btconnect.com> Thu, 21 May 2020 09:30 UTC

Return-Path: <daedulus@btconnect.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9A043A0B5B; Thu, 21 May 2020 02:30:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mf9tQcwBuYG4; Thu, 21 May 2020 02:30:39 -0700 (PDT)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2091.outbound.protection.outlook.com [40.107.21.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC78E3A0B5D; Thu, 21 May 2020 02:30:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hATWzvVXn6c+hRvogmmcIp4I9ZAcCyWy01UxOxTwkrDSQYnrF1ZMJT8NIrdfiusxt9ki95437FFafv8iqkM8eAbPtIPsSPNWkGsy6bBtByaxuhb6sG7TKMvvgAOAhS9bpSDb3UqkNrSNi0KIwmbcYW5kOEbCYU4P8yCzmHGVh4KZQNS+SQPuWqLhV/Y73ah2ZWNJvPZ+XQBLPC8snKjKm844lI4+XNds0sEE8uC4cXTFGyP6cScW53KMjPbxnvR4/+Fry5gPe74mw+p4tVGeb007tIfauN+z56kGlghTT92L81hH8MvGBOLdqWXSdEJrmLqGLd5oMfqeOlqZyMnaAA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BU1+l9kgFo4szWOxlK8Kt52FQp+ZFm8Ab2me2GW6T10=; b=HYgfBwX6Mqhk6q5C8KbBDnxDw3hLk+v7cDXkFCSOOwj3Xkx/TRfr69t6CXq/xwbw5YWlYVVnf+gPj2qQ8jHKgnt2mObh27F16i/na+PTX2Wcb6EtVYw2CJgEEv2gCB7wL7LNNS2QSw+GnVDbP98Lc1eLB20xuM8HAz3kZi90vvPLUw0DmnBkhJ3NmeQPhsYku3VK2ZN2ORKnvOBt1npnvt9f4jUISODSEsq2gVKWm5VChUe4ZYQkabGF/f8PocQW1VoDDUJqnP4sxp0k+6r06pviMQJl/8vtS1kKZBxoTqvrttBDNr+KufAbkFu/yU0Ha4Q2TSRpVMU2NbcZ8j/0nA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=btconnect.com; dmarc=pass action=none header.from=btconnect.com; dkim=pass header.d=btconnect.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BU1+l9kgFo4szWOxlK8Kt52FQp+ZFm8Ab2me2GW6T10=; b=gQ6x+cyQUbpcMfCjCwr1Z5P5+2cWwSWWzTHADTBp9QbMMeOTUCmkVSiQi/KySbRjH7Do8jQ47FnpG453B/srxDD8tRyvFPY8FTquy9FYqflCRQMWS5oJBZnISFRNNrEgk0Vnh+gXXUbCK4YYFm52SaFy12pJoWkGqTJ+1oe/fMg=
Authentication-Results: augustcellars.com; dkim=none (message not signed) header.d=none;augustcellars.com; dmarc=none action=none header.from=btconnect.com;
Received: from VI1PR0701MB2480.eurprd07.prod.outlook.com (2603:10a6:800:63::16) by VI1PR0701MB2992.eurprd07.prod.outlook.com (2603:10a6:800:81::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.13; Thu, 21 May 2020 09:30:35 +0000
Received: from VI1PR0701MB2480.eurprd07.prod.outlook.com ([fe80::3474:b82e:e75a:b176]) by VI1PR0701MB2480.eurprd07.prod.outlook.com ([fe80::3474:b82e:e75a:b176%11]) with mapi id 15.20.3021.019; Thu, 21 May 2020 09:30:35 +0000
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
References: <5EC3A871.80903@btconnect.com> <018e01d62f0e$3e91d2c0$bbb57840$@augustcellars.com>
Date: Thu, 21 May 2020 10:30:18 +0100
Message-ID: <1UW9V85i5B.1X3e1rfkHhW@pc8xp>
In-Reply-To: <018e01d62f0e$3e91d2c0$bbb57840$@augustcellars.com>
From: tom petch <daedulus@btconnect.com>
To: Jim Schaad <ietf@augustcellars.com>, 'Last Call' <last-call@ietf.org>
Cc: "ivaylo@ackl.io" <ivaylo@ackl.io>, "cose-chairs@ietf.org" <cose-chairs@ietf.org>, "draft-ietf-cose-hash-algs@ietf.org" <draft-ietf-cose-hash-algs@ietf.org>, "cose@ietf.org" <cose@ietf.org>
User-Agent: OEClassic/3.0 (WinXP.2600; F; 2019-11-28)
X-ClientProxiedBy: LO2P265CA0383.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:a3::35) To VI1PR0701MB2480.eurprd07.prod.outlook.com (2603:10a6:800:63::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from pc8xp (81.131.229.108) by LO2P265CA0383.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:a3::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.24 via Frontend Transport; Thu, 21 May 2020 09:30:34 +0000
X-Originating-IP: [81.131.229.108]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 4c572c1b-588c-4b10-e06d-08d7fd699d57
X-MS-TrafficTypeDiagnostic: VI1PR0701MB2992:
X-Microsoft-Antispam-PRVS: <VI1PR0701MB2992A72CCD4E1B0DD58113A7C6B70@VI1PR0701MB2992.eurprd07.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-Forefront-PRVS: 041032FF37
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Ey4rH6QS3nIVZ5EhL6pq9B2n5DlLUthMt7clkoaKwmlpCgbbjmNaAsoMBRG71869i27l7Fkry0ED4BMoXG3xMKMKpAQYvRq4PjyEORRd4fJFVnp8PyX+0uwKuvn3KX8/5ye1AA5tOYaC7Xf+jAIsmGdNZD1EC4I04sjxLKr49ZNl2l3amr/qhK3i3qWzC7pFmuFtwZW5+nsfK+EBpbNDrm1OIITbPyIZDh4eA4BlUz9RnBvEBFXheaW5tnOQNkQvuyvY/b39G/ChT64Vo7Yn7YmiY3wFT/Qpr2U/oagHk1dkt90Q4hCPHrPt69jCgOqML0Nui1+w1khERpoiXtFFy0QWc8kX40FnJ+9HTHCC51+9X33cRokxzwz116KJVdb9/DmcigghtOQHAIZV3Dn5IUm0vDLrPG57LG4pCzGmy8D4K6wxzdrSThYb6x0Ct2r+T8Yei3MU5zXzvZXnNgUhFA==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR0701MB2480.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(376002)(346002)(39860400002)(136003)(366004)(396003)(186003)(54906003)(110136005)(52230400001)(16526019)(55016002)(45080400002)(6666004)(9686003)(4326008)(8936002)(26005)(316002)(956004)(8676002)(86362001)(6496006)(2906002)(966005)(9576002)(66556008)(5660300002)(66946007)(66476007)(52116002)(478600001)(33716001)(49324003); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: xNQZBs06Ypbh7GPmG1BjYIsAdmqyL3nirNxXJIfZXxQ3ohH7j73T+q/oxizDYNdGnGQaaqW9ZLETfcxLa3Bmsta2uwqyxtpESmUyhaVLQWEP9zJAAAWyqgNgIw0Z7wCP4mV0CfbyZOJ8CUyi/Mt6F+kfAvKq6fD02oVYm7jigZ88tU2KILdvRGR8iG7g65NpgChQKeJSwpCDl02IOxtWy3Jau1PXd9BUskjAl1+d9OdwsRX0Hr9hRPSEVR3fESwN8Rd7QOZKO2rSdLJZ4gCxNCL3b+xbwC4TH2TWOKeYDgNtQ1HQ6cPLVkaCGojyjEs3PThiAfRqjsblbNaY5/Ik6Dr2QyxmMssTIcitvBo6ns6QYXbilK5ckkrj4YZOkw065qMr4h0Lc9kiKbNZzwGptauvW7BRV4wGil9uI8wLEhjNMdk1aHdC1lebT+9ByQgQ9yMAG/sdkMhDy2WYzo1Tk9FWMQjqZK1YXQDbRDOzgXE=
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 4c572c1b-588c-4b10-e06d-08d7fd699d57
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 May 2020 09:30:35.4587 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: mNjDr3EIWxaaExc58NcdbrGm5X1FXKMM30/WVvv71AXR6P2CTonIVF/2hHWHB8WtH19nidSzOFBH6EJ9/wVGiA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0701MB2992
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/79ZeS7ZO0Ids2nan3p1hUY2TUxQ>
Subject: Re: [COSE] Last Call: <draft-ietf-cose-hash-algs-03.txt> (CBOR Object Signing and Encryption (COSE): Hash Algorithms) to Informational RFC
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 May 2020 09:30:42 -0000

Jim 
inline <tp> several times

----- Original Message -----
From: Jim Schaad ietf@augustcellars.com
Sent: 21/05/2020 02:21:39

-----Original Message-----
From: COSE <cose-bounces@ietf.org> On Behalf Of tom petch
Sent: Tuesday, May 19, 2020 2:36 AM

I encounter a number of problems with this I-D.  Much of it is about IANA
Considerations and I note the absence of a reference to RFC8126 which
provides the basis for much of my comments.

[JLS]  There is a reason why you are not seeing much of the IANA
Considerations that you believe should be present, it is because they are in
draft-ietf-cose-rfc8152bis-algs and draft-ietf-cose-rfc8152bis-struct.  Most
of them are in the algorithm document.  The presumption is that those two
documents are going to be processed by IANA before this document is.  I will
make this explicit.

<tp>
Yes, if there had been a Normative Reference to rfc8152bis-algs  then I would have read that first and my comments would have been different!  If the updates to the IANA Registry are all in -algs, then I think it confusing to have them in here as well, rather just say that a new column is defined in -algs

I do not see any mention of 'filter only' in the two rfc8152bis, only in this I-D and that makes me see this I-D as updating RFC8152 with the consequences thereof.



RFC8126 specifies a two-tier structure for IANA, of Group name an Registry
name, which makes it easier to find data, now and in future.
This I-D makes no mention of the Group name; perhaps easy enough to guess in
this instance, but better specified.

The I-D contains references to some of TBD1 to TBD11, with no indication of
what to do with them.  Looking at the current registry it is apparent that
Early Allocation took place in 2018 and 2019.  The I-D makes no reference to
this.  Are all these values to be made permanent?  Some of them? I expect
the I-D to say.
[JLS] use the TBD placeholders is normal usage with the values being
assigned by IANA and replaced in the document.  It would be possible to
refer to the early assignments, but I personally feel that this is a
decision for IANA to make.  There may be reasons when the final assignment
is done that different values need to be used.  (For example, incorrect
usage of existing values in the wild or collisions found during the
assignment process.)  I have always made the assumption that the instruction
for the RFC Editor to replace them is implicit and does not need to be
explicit.  I can make that change although I doubt it makes any difference.

<tp>  I disagree with you here.  Yes, the final allocation is for IANA to make but you should ask for what you want to guide them.  Early Allocation can mean implemented in ASICs and deployed in hundreds of thousands of boxes in which case the cost of change is substantial compared to say a change of one constant in one line in Linux.  You know, IANA do not; tell them!


The I-D adds the value 'filter only' to one of the columns.  The registry
was set up by RFC8152 which lists permitted values of which this is not one.
This then constitutes an update to RFC8152 which the I-D does not mention.
[JLS] I would disagree that this requires an update of RFC 8152 for two
reasons.  First this is not a change in the COSE protocol in any manner and
thus would violate what I consider to be the letter of the law for updates.
Second, when this change is made RFC 8152 will have been obsoleted by a new
RFC and thus it does not really make sense to update it.  This is an IANA
instruction not a protocol change.

<tp> I agree that the protocol does not change but the rules set out by RFC8152 for the IANA Registry do change and that IMHO is an update to RFC8152, one that rfc8152bis-algs does not include, 


The registry has five columns; this I-D adds a new one, Capabilities,
another update to RFC8152.  What then happens to this column for existing
entries in the registry?  The I-D is silent.
[JLS] This is done by a different document.
<tp> yes,  I can see that now

RFC8152 is Standards Track; this I-D which IMHO updates it is Informational.
[JLS] Given that it is updating the IANA sections and not the protocol I
would not consider that to be an issue.
<tp> I do :-)

The IANA registry entry gives a reference of 'RFC8152'; this I-D, which
changes the specification of the registry, needs adding to that reference.
[JLS] This make sense and I will do it.

RFC8126 recommends that IANA Considerations be for IANA, that IANA does not
have to search the rest of the document for the data it needs.
Here, the relevant data appears in three other sections as well (and there
is much in the I-D that is not relevant to IANA, it is not one of those I-D
that is only about IANA).
[JLS]  I do not consider that pointing to a table in the document to fall
under the rubric of making IANA search for data.  It is a direct pointer to
the information that is required.  Having the same table appear multiple
times in a document is a recipe for making mistakes in terms of what the
data is.  There is already the problem of trying to harmonize text and the
table with out adding another version of the table.

Abstract should be plain text -
     [I-D.ietf-cose-rfc8152bis-struct]
does not look like plain text.
[JLS] This is not plain text and will be repaired by the RFC editor.  Using
the reference structure makes it clearer that this is something that the RFC
editor is going to be required to update.  This is not something I do for
documents which are already RFCs.
<tp> An alternative that I see other Authors use is to specify RFC YYYY with an RFC Editor note to replace YYYY when the I-D referenced becomes an RFC - just a thought.

Tom Petch

I have great faith in the a

---
New Outlook Express and Windows Live Mail replacement - get it here:
https://www.oeclassic.com/

bility of IANA to make sense of what they are
asked to do but do think that the more straightforward that is the better.
And then there are those that come after, who want the RFC to say what
happened and why without digging into the e-mail archives (as I see
happening now and again:-)
[JLS] The other problem that you have not highlighted is the question of
when a bis document is created should the IANA instructions be propagated
forward into the new document despite the fact that IANA is not going to do
anything.  That is what is going to happen with some of these registries.
It makes life even harder if duplicate or extraneous items are included.

Jim


Tom Petch

> ----- Original Message -----
> From: "IETF-Announce on behalf of The IESG"
> <ietf-announce-bounces@ietf.orgiesg-secretary@ietf.org>
> To: <IETF-Announce>
> Cc: <draft-ietf-cose-hash-algs@ietf.org>; <cose-chairs@ietf.org>; 
> <cose@ietf.org>; <ivaylo@ackl.io>
> Sent: Tuesday, May 12, 2020 4:26 PM
>
>> The IESG has received a request from the CBOR Object Signing and
> Encryption
>> WG (cose) to consider the following document: - 'CBOR Object Signing
> and
>> Encryption (COSE): Hash Algorithms'
>>    <draft-ietf-cose-hash-algs-03.txt> as Informational RFC
>>
>> The IESG plans to make a decision in the next few weeks, and solicits
> final
>> comments on this action. Please send substantive comments to the 
>> last-call@ietf.org mailing lists by 2020-05-26. Exceptionally,
> comments may
>> be sent to iesg@ietf.org instead. In either case, please retain the
> beginning
>> of the Subject line to allow automated sorting.
>>
>> Abstract
>>
>>
>>     The CBOR Object Signing and Encryption (COSE) syntax
>>     [I-D.ietf-cose-rfc8152bis-struct] does not define any direct
> methods
>>     for using hash algorithms.  There are however circumstances where
>>     hash algorithms are used: Indirect signatures where the hash of one
>>     or more contents are signed.  X.509 certificate or other object
>>     identification by the use of a fingerprint.  This document 
>> defines
> a
>>     set of hash algorithms that are identified by COSE Algorithm
>>     Identifiers.
>>
>>
>> The file can be obtained via
>> https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs/
>>
>>
>>
>> No IPR declarations have been submitted directly on this I-D.
>>
>>
>>
>>
>>
>> _______________________________________________
>> IETF-Announce mailing list
>> IETF-Announce@ietf.org
>> https://www.ietf.org/mailman/listinfo/ietf-announce
>> =

_______________________________________________
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

v2.23.0 | Report a Bug | By Email