IETF Logo Mail Archive

Re: [COSE] [Rats] RAM requirements for COSE/CWT

Anders Rundgren <anders.rundgren.net@gmail.com> Tue, 22 February 2022 05:59 UTC

Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E64E73A0E0D; Mon, 21 Feb 2022 21:59:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.813
X-Spam-Level:
X-Spam-Status: No, score=-7.813 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.714, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EvwFpuV127Im; Mon, 21 Feb 2022 21:59:05 -0800 (PST)
Received: from mail-wr1-x42f.google.com (mail-wr1-x42f.google.com [IPv6:2a00:1450:4864:20::42f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B3853A0E04; Mon, 21 Feb 2022 21:59:05 -0800 (PST)
Received: by mail-wr1-x42f.google.com with SMTP id d27so30924163wrb.5; Mon, 21 Feb 2022 21:59:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=7fWoARUqfw3WzMHQTP7ByHWoeXgJ1q84qFrDhs/HnFk=; b=gj+YVzuQaFlIB51xYeD+T12AhPZqcgV4VsTbD1rc7RD3OZG+wHwjLucIXCD8J80ITN bEHDpMvnwuBPLJxK7vuoLZefhjPPU8ImPpn15MmenfjfIsocSggTEJIX12U3M57SrxRj /1w9uJ+qnWAluDMm/cUNN35SDOUxstc+Z1PRAlzC0o5QENuvUoBR+Zgn4WrKvx3k+hHc 69SK2setqlWuj20Nb4WxtpptYxQPiORbTCuL5SmG7T9J3QNQVsbzCbyxNn+JREpnERWw Amovd+SQjyyh4gYxsog6QcwDmJLTWKvAJEjkhPbMgYBuK3iQsS4nf3dQUDvhUg14f6AJ 0lMA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=7fWoARUqfw3WzMHQTP7ByHWoeXgJ1q84qFrDhs/HnFk=; b=z59CfVHQK8pgR+uT0HGvtKEBI/UICw6ibT66D5xKRP0PvyeeqW5ZXBz+jZsxVgVf7T ybPrrUN3lDi17yS34RcU4JZchLlvZiq7B49Z2jfWRZnkEgNhDvmDDB9DcGwG/xs7w+dr FiFgwDKGNzyiZWWU4bP3l+cGZtzbMXv36AF7M/Cnv4o4GIDcnt+5bOygMEMtPjmRcUFd X/Ql35yPGpL9slsA8fV7Lbs6Y2bgxAQEcFgz+Dy0DFhPLFkqIdBWhTmbdvNA42KMKymx 8SeRWLm62503uuIuP2MaBtCtGfos23E06tezTKxzDHMg77TAaWrnY78c7vlGgN16hT7p MKGw==
X-Gm-Message-State: AOAM5310sH5AaH76oTfb2WjyfTw9CUPYUS2WNBlG3ZPfq6RaExXkLLyo ng+hnqqPop3peQs3ZkXx610=
X-Google-Smtp-Source: ABdhPJyRGVLj6Aremkz7rtMhPvvxbjOt1hcXteZs7F8oKNfvJHtcbR2qs/Yt8eVN+JpMTanYLag6ag==
X-Received: by 2002:a05:6000:3c6:b0:1e4:a380:bb53 with SMTP id b6-20020a05600003c600b001e4a380bb53mr18164731wrg.559.1645509543065; Mon, 21 Feb 2022 21:59:03 -0800 (PST)
Received: from [192.168.1.67] (25.131.146.77.rev.sfr.net. [77.146.131.25]) by smtp.googlemail.com with ESMTPSA id l28sm55679687wrz.90.2022.02.21.21.59.01 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 21 Feb 2022 21:59:02 -0800 (PST)
Message-ID: <2c8be442-9899-d117-155c-f6f2096b7055@gmail.com>
Date: Tue, 22 Feb 2022 06:59:01 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.6.1
Content-Language: en-US
To: Carsten Bormann <cabo@tzi.org>
Cc: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "rats@ietf.org" <rats@ietf.org>, "cose@ietf.org" <cose@ietf.org>
References: <e8995f0c-ad85-f702-da6b-051ffdc4cb08@gmail.com> <DBBPR08MB5915B874FD16107A7B0105AAFA3A9@DBBPR08MB5915.eurprd08.prod.outlook.com> <1a16c80d-40cd-baba-b1ce-2033dd0db294@gmail.com> <D22D0D63-F76C-48B3-A034-F8B5B2BB6005@tzi.org>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
In-Reply-To: <D22D0D63-F76C-48B3-A034-F8B5B2BB6005@tzi.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/AlMdpnyLMaz21GHIdpie-d1b-qs>
Subject: Re: [COSE] [Rats] RAM requirements for COSE/CWT
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Feb 2022 05:59:08 -0000

On 2022-02-21 17:31, Carsten Bormann wrote:
> On 2022-02-21, at 17:15, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>>
>> I couldn't find any valid reason for using JSON
> 
> We seem to have found an area where we agree :-)

In this context, right :)
However, due to the myriad of CBOR serialization options, CWTs suffer from interoperability issues (*) making JWTs a better choice for *ubiquitous* usage :(

By *mandating* preferred serialization ("I-CBOR") you can achieve the same interoperability as with JWTs, as well as getting away from the need to bury data-to-be-signed in byte-strings.

Such solutions can also conserve buffer RAM in the case RAM is a scarce resource.  Yes, depending on the application your mileage may vary.

Cheers,
Anders

*) Looking at things from a *specification* point of view only.

> 
> Grüße, Carsten
>

v2.8.7 | Report a Bug | By Email