Re: [COSE] Structure of CBOR certificates

Carsten Bormann <cabo@tzi.org> Wed, 22 July 2020 11:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/DDOMGiHOgay4MQLp3hZ8vUdy6V8>

Hi Joel,

> Michael, to quickly reply to your explicit question: the new draft was posted before the IETF 108 deadline on 2020-07-13, which is also before the expiry dates of the three different drafts that are now combined. (https://datatracker.ietf.org/doc/draft-mattsson-cose-cbor-cert-compress/ )

That draft says in https://datatracker.ietf.org/doc/draft-mattsson-cose-cbor-cert-compress/ that it Replaces draft-raza-ace-cbor-certificates, draft-mattsson-tls-cbor-cert-compress

What is the third draft?

> Another observation is that while our starting point has been to encode rfc7925 compliant certificates, we hope to make the proposal more future proof by allowing new algorithms also deemed suitable for constrained environments. With that target, we think it is possible to exclude RSA on the list of supported algorithms.

Supported for what…

The chain may still have RSA certificates in it.

Regards, Carsten