IETF Logo Mail Archive

Re: [COSE] [jose] Call for Adoption: draft-jones-jose-fully-specified-algorithms

Orie Steele <orie@transmute.industries> Mon, 08 January 2024 15:07 UTC

Return-Path: <orie@transmute.industries>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17222C15108E for <cose@ietfa.amsl.com>; Mon, 8 Jan 2024 07:07:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.086
X-Spam-Level:
X-Spam-Status: No, score=-2.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u60c_j-CJf42 for <cose@ietfa.amsl.com>; Mon, 8 Jan 2024 07:07:13 -0800 (PST)
Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com [IPv6:2607:f8b0:4864:20::1035]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D293EC15108D for <cose@ietf.org>; Mon, 8 Jan 2024 07:07:13 -0800 (PST)
Received: by mail-pj1-x1035.google.com with SMTP id 98e67ed59e1d1-28cec7ae594so1689384a91.3 for <cose@ietf.org>; Mon, 08 Jan 2024 07:07:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1704726433; x=1705331233; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=DQ1wsnd5+6bc9i+naSisKsmEyK38ndrNIZdc2Z0z8/o=; b=ZhMdxAPf1RdB8Ijw3G188w8w84o9lOsjA8m5pSL4qyqwpM08/OT3S8VwxVyGwTr3n2 XB6BnST5ELVt1kTZ7CQUr4HlFlBQA77IcNAz8r2Na/PFvyJAOOfbehuke++9KDAK2iQW ESC1iD8VzWwHjHYR12RAxHFDh49NvhgtSDXXowmnoIsud8lXfpxnNgumDNjEkoiJLgZz bYET+o+S19QH8oBiuWKUXW/EvFPjsgx9T4HJgkBs9SVnZB9mhic2iz3wUG4SzgNXx+5d p1zKrVG9KTbnsuBYVDD+5IUNlHNEE5A77ngDczItMEnFTBxSwBC5iMAyxnCLTEDeeqCl B5WA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704726433; x=1705331233; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=DQ1wsnd5+6bc9i+naSisKsmEyK38ndrNIZdc2Z0z8/o=; b=SgUfjV+L0JWilt+GqxMBlzxGMH3OU/dVQoB1zxY05C/9IfrRFAbONAbwB3fNhv/gz7 OSkij7NnnPdRC/hY97+nmL1abaWBnaf1VQnCE04z+94FEVs/17J7vUh8TIHkKcSFFzXK ebiGnqYPK2LL/6w0oWsJc4BCmQQtqPx21zwczR62moKBQma0Tjrvt8z/mcZkhz6Ekd0y QasdJj/7/I5/J8R/tcer7ogblHB8P3sjL2rCzsUhNXVz0o04APGdhtLq1dVJf4LJ9hs5 cNhmMR8+VlFkaA+fpHb0SAbOECh8vkVa17+l7St1c/+KJchwBDEDiHegDWDQrXupdLNN eUlQ==
X-Gm-Message-State: AOJu0YzLl8otBHiQdZu84K3GDwYskmsrO1p/RhsPHl3ZAQSKWlUTOFbE QIJnGhv5M+HOHt5qZmjzM+Wn21e1iNl/2XBBwn0EOpg9O0dO4Q==
X-Google-Smtp-Source: AGHT+IHII4ToJLHYS1mNIZlY9zULINWCV11esCEyXMPUjrjSaqNDVPBorfxKhvpkaPJADYT96j6MDZB/9YYDltlqRGw=
X-Received: by 2002:a17:90a:e147:b0:28c:28b5:a86c with SMTP id ez7-20020a17090ae14700b0028c28b5a86cmr1544861pjb.2.1704726432871; Mon, 08 Jan 2024 07:07:12 -0800 (PST)
MIME-Version: 1.0
References: <CAN8C-_+jskd04A+owwf=P7xKwDDdmB2qOf37o+teDfx8TVzZHQ@mail.gmail.com> <EF57B98F-FE41-488B-B85E-7F9585790B93@gmail.com> <CAMBN2CRJ5o6AMgPY+pxtOD3a=SG2dG3-AJZ7oz7xo1i-otd3wg@mail.gmail.com>
In-Reply-To: <CAMBN2CRJ5o6AMgPY+pxtOD3a=SG2dG3-AJZ7oz7xo1i-otd3wg@mail.gmail.com>
From: Orie Steele <orie@transmute.industries>
Date: Mon, 08 Jan 2024 09:07:02 -0600
Message-ID: <CAN8C-_LMd6Toy8PdQRHy=9Ae8s+ipC-_-8jxsbBg6vzkANT=cw@mail.gmail.com>
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: Neil Madden <neil.e.madden@gmail.com>, Karen ODonoghue <kodonog@pobox.com>, jose@ietf.org, cose <cose@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007887ff060e708d5f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/EtYp5C81ABJnEYYjCu2xJ8kPcnA>
Subject: Re: [COSE] [jose] Call for Adoption: draft-jones-jose-fully-specified-algorithms
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jan 2024 15:07:18 -0000

Another comment since Manu pointed out that this could complicate the
ecosystem further, the suites defined in Verifiable Credential Data
Integrity 1.0, have the same issue:

https://www.w3.org/TR/vc-data-integrity/#cryptographic-suites

IIRC:

"cryptosuite": "eddsa-2022", is actually Ed25519EdDSA

"cryptosuite": "eddsa-2025", could be Ed448EdDSA

"cryptosuite": "eddsa-2022", is actually ECDSA with secp256r1

"cryptosuite": "eddsa-2025", could be ECDSA with secp384r1

As I understand it, data integrity cryptosuites are fully specified, and
even beyond cryptographic dependencies, there is application pre-processing
that is fully specified for example:

 "cryptosuite": "jcs-eddsa-2022", uses JCS, whereas the other suites use
RDF Data Set Canonicalization.

Of course none of these suites rely on JOSE or COSE algorithm definitions,
but since they are new work, and seem to be attempting to provide easy to
understand names for fully specified algorithms, perhaps they should also
take Neil's advice and omit these algorithm identifiers all together and
simple rely on the key type to restrict the algorithm used... His blog post
appears to be just as relevant to data integrity as it is to "alg" being
mandatory in JOSE headers:
https://neilmadden.blog/2018/09/30/key-driven-cryptographic-agility/

Manu, if the draft in question did not make any new registrations, but did
provide guidance that reduced debate on naming and captured IETF consensus
on how to name suites (as you appear to be doing for data integrity suites
in W3C), would that be worth adopting?

OS

On Mon, Jan 8, 2024 at 8:33 AM Manu Sporny <msporny@digitalbazaar.com>
wrote:

> On Mon, Jan 8, 2024 at 4:19 AM Neil Madden <neil.e.madden@gmail.com>
> wrote:
> > It’s pretty clear that we’re just talking past each other now. I’ve made
> the points I wanted to make. I don’t think you have addressed any of them,
> so I still don’t support adoption of this draft.
>
> I found Neil's concerns compelling.
>
> For better or worse, JOSE uses "polymorphic" algorithm identifiers and
> that's the way things have worked for a long time. The Working Group
> was warned that this was not a good idea at the time, but rough
> consensus landed in the "polymorphic" camp and that's what the
> ecosystem does today.
>
> Adding more options to support both "polymorphic" and "fully
> specified" approaches creates additional complexity that will lead to
> interoperability failures. Don't complicate the ecosystem more than it
> already is.
>
> I do not support the adoption of this draft for the reasons Neil
> mentioned as well as the reasons stated above.
>
> -- manu
>
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> https://www.digitalbazaar.com/
>


-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>

v2.23.0 | Report a Bug | By Email