Re: [COSE] Last Call: <draft-ietf-cose-hash-algs-03.txt> (CBOR Object Signing and Encryption (COSE): Hash Algorithms) to Informational RFC
tom petch <daedulus@btconnect.com> Tue, 19 May 2020 09:35 UTC
Return-Path: <daedulus@btconnect.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A75273A09C8; Tue, 19 May 2020 02:35:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ngfVlhBXhxLu; Tue, 19 May 2020 02:35:52 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70118.outbound.protection.outlook.com [40.107.7.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 779993A09C4; Tue, 19 May 2020 02:35:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=F2zDjEv2+l6FuahiFhureFsDPImrTJ3IygWS+nlx32vJr20YMiKtVqguoh8OSerwtsefYx2c+7p6SI3/qFPo00PsA95vKJifkTIr5ESz9rdDw9mUAi7GiCu89CqxMsA9Hu6XN41uBIHm+dHdwJ0bkgtumkqBN8a+HyXCjUmMC7ssTV8b2gIt0HILgBKO4HeCkw4Sny6xCcpf/Ce+90aNV952iqB/RaXJI25HdE1d9fbYqXbX2K1BbVSzvvs8TK9Sx7EJqXjPzA8BmwIcSMcdJkhA+ZJGKcNCaPjJ8xJ7+DVdfYL5f0Q/vZCUrTNJIZMh9zhYUrlYnnQ5SjrihQnYnw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+0sZRRH6w9ia+9aE6QoNH5NFnGceAILcMFQgk628o6c=; b=imNU/3Hsf9R/R5ZwLHQ7i2OGZaxoHXoeahnsNLTZ7qJ9LsR4jOPGT4fOPfWMuhcs3190qN1hLG8fLv/TVx+9sz2RD5s/WtrS8SQdNCu7l13fb2I/vSgEeFolU+X29SH5RyIhxjhbio70nao81qVgTbrYnROamxVtMjZ3wrptsOZKo7Ny2VYzRcaaWyC2bfm+QzUNOG4q15q1h1cd36sX7JKW9g+MkzuJaEM5ykZ9t4kYOKdLO5mJnu06BEbdQJpySt8ZRgxvIK8qnnh65H2tnkfbBNE6UerpCkZheA7W4OKSAlo6DRQvrVmZ1QiidlyhNJjMmngZN+bkNIxs6gLGDA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=btconnect.com; dmarc=pass action=none header.from=btconnect.com; dkim=pass header.d=btconnect.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+0sZRRH6w9ia+9aE6QoNH5NFnGceAILcMFQgk628o6c=; b=XaTIV1RFaaQe7r7RZjoDTsgqzlirpS4NcWQUdOX+J1TDFliuYzMSycOGT0i350EDXAiv4WxkB128yCZDxrPNjls/uRELMZFG7pV8IokPygm9xYcDbZS7ZwLXypPBiaWJ8iGxLza5Dc6D0zcGmK3TnJyO7lyre0/u3akTdSCEgsg=
Authentication-Results: ackl.io; dkim=none (message not signed) header.d=none;ackl.io; dmarc=none action=none header.from=btconnect.com;
Received: from VI1PR0701MB2480.eurprd07.prod.outlook.com (2603:10a6:800:63::16) by VI1PR0701MB2192.eurprd07.prod.outlook.com (2603:10a6:800:31::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.11; Tue, 19 May 2020 09:35:48 +0000
Received: from VI1PR0701MB2480.eurprd07.prod.outlook.com ([fe80::3474:b82e:e75a:b176]) by VI1PR0701MB2480.eurprd07.prod.outlook.com ([fe80::3474:b82e:e75a:b176%11]) with mapi id 15.20.3021.019; Tue, 19 May 2020 09:35:48 +0000
To: Last Call <last-call@ietf.org>
Cc: draft-ietf-cose-hash-algs@ietf.org, cose-chairs@ietf.org, cose@ietf.org, ivaylo@ackl.io
From: tom petch <daedulus@btconnect.com>
Message-ID: <5EC3A871.80903@btconnect.com>
Date: Tue, 19 May 2020 10:35:45 +0100
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ClientProxiedBy: LO2P265CA0257.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:8a::29) To VI1PR0701MB2480.eurprd07.prod.outlook.com (2603:10a6:800:63::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [192.168.1.65] (81.131.229.108) by LO2P265CA0257.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:8a::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.3000.25 via Frontend Transport; Tue, 19 May 2020 09:35:47 +0000
X-Originating-IP: [81.131.229.108]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 7acc53a5-b2d1-4d6b-182a-08d7fbd8032f
X-MS-TrafficTypeDiagnostic: VI1PR0701MB2192:
X-Microsoft-Antispam-PRVS: <VI1PR0701MB219238E642CABAE2B92A713DC6B90@VI1PR0701MB2192.eurprd07.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-Forefront-PRVS: 040866B734
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 9gvj5Qycjz6Y8Mn6ubFPBDfbhUxou4Q51bkaRSc8UOYlb+ek4T+6ncZQ/0JWzKWzK8xjX1ayv3mdYT+kNgWO07v6qoXNN2uUybeU+xm4GvoXvuuD9dBnAnJLEp9+Gj4beuVeWp4fPbGjDWYmkYNdjr0NYJhXwegqBlgCiQe8qTcCyMlyB4AEXen69bsgu2I5+eibrng1A1bb0J2pTE+j2RnaDRHXITzT3nOAoXUVIYTIixtcaVL/QyfOTS//cLjFxh3bL1hUccU9TqhpqD/2LAYdRG3LP4XT+YykukUTQ5e63CIvbAJqiRE6IaxnvDaDVPQVnvSePYVJC/k0dD5eeSn+lPzwJ26ggrfWIi/djOJYw1qM6ktvEmEoifd4a6Uc5od7qFuTviYmrzXo6xppDG5YlK4RCeHgf9dZkzUh+yk7eSQA0sQG8KUW2UEyKBSCLKCX9nsoVDHa/dzR0cZI0wLBm8ix/CKudx3Ylh+XfL4=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR0701MB2480.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(366004)(39860400002)(136003)(396003)(376002)(346002)(8676002)(52116002)(16576012)(33656002)(8936002)(86362001)(478600001)(5660300002)(6486002)(6916009)(16526019)(186003)(2906002)(26005)(316002)(36756003)(4326008)(956004)(2616005)(966005)(66476007)(66946007)(66556008)(49324003)(43740500002); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: E9p/gv/bUWchXtOz5tQ3SoWJ49TVSyYkyAZK65dBqt4b2sAiIJL+jrIfRCbMRPTBkhOv8BxH8zYtRTLUXtXeH/Y3wMSinPDUrww4gIe6qhdIbFNqINcT4/x2MsAIW+x8Kqk7EbT/K9aKWQtHv7LkRNFzZkI9QQhmG9+AOUEkYDrwgwf8oYfdZHqOvvtOFr5wSggRJaLDp1ZiwHHEWSptxt7t+am8BLDpUd4dM7PM0NClJVe+LVcrwfuA1mOS8yNzUT7BFLttcSLlEGMcMpT4mFS0wT6cXVA0iaB9iywbeL6Hsl6KelKr1l+tAwz53ygOjrzQSc8IknlxkV2zGPs/rJSAn+UwP94eZL+Fm4joH4ffGIf2q6LqnEv/E1KoCeSqdQGucbPLFHB1CTpIR5Y/LlN7bVRWhFSQ9yL95ShexnJveGl/Ke+CWn6DMUBNJ3n2o3sHmMODCYg5sv8ahZwkPW1OQxVEYyQFg96Fpucc8vc=
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7acc53a5-b2d1-4d6b-182a-08d7fbd8032f
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 May 2020 09:35:48.5978 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: vhRrTo3snbW5ehvKU0kJatCrkhU4OkyYCXLJOETgoSNirLMD/8K/essdJ2wY2MzLTC/uJeunj8nMwgLsgCRORw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0701MB2192
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/FuMt4IgjaZKG6ZhqpjKjfVt4CX0>
Subject: Re: [COSE] Last Call: <draft-ietf-cose-hash-algs-03.txt> (CBOR Object Signing and Encryption (COSE): Hash Algorithms) to Informational RFC
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 May 2020 09:35:56 -0000
I encounter a number of problems with this I-D. Much of it is about IANA Considerations and I note the absence of a reference to RFC8126 which provides the basis for much of my comments. RFC8126 specifies a two-tier structure for IANA, of Group name an Registry name, which makes it easier to find data, now and in future. This I-D makes no mention of the Group name; perhaps easy enough to guess in this instance, but better specified. The I-D contains references to some of TBD1 to TBD11, with no indication of what to do with them. Looking at the current registry it is apparent that Early Allocation took place in 2018 and 2019. The I-D makes no reference to this. Are all these values to be made permanent? Some of them? I expect the I-D to say. The I-D adds the value 'filter only' to one of the columns. The registry was set up by RFC8152 which lists permitted values of which this is not one. This then constitutes an update to RFC8152 which the I-D does not mention. The registry has five columns; this I-D adds a new one, Capabilities, another update to RFC8152. What then happens to this column for existing entries in the registry? The I-D is silent. RFC8152 is Standards Track; this I-D which IMHO updates it is Informational. The IANA registry entry gives a reference of 'RFC8152'; this I-D, which changes the specification of the registry, needs adding to that reference. RFC8126 recommends that IANA Considerations be for IANA, that IANA does not have to search the rest of the document for the data it needs. Here, the relevant data appears in three other sections as well (and there is much in the I-D that is not relevant to IANA, it is not one of those I-D that is only about IANA). Abstract should be plain text - [I-D.ietf-cose-rfc8152bis-struct] does not look like plain text. I have great faith in the ability of IANA to make sense of what they are asked to do but do think that the more straightforward that is the better. And then there are those that come after, who want the RFC to say what happened and why without digging into the e-mail archives (as I see happening now and again:-) Tom Petch > ----- Original Message ----- > From: "IETF-Announce on behalf of The IESG" > <ietf-announce-bounces@ietf.orgiesg-secretary@ietf.org> > To: <IETF-Announce> > Cc: <draft-ietf-cose-hash-algs@ietf.org>; <cose-chairs@ietf.org>; > <cose@ietf.org>; <ivaylo@ackl.io> > Sent: Tuesday, May 12, 2020 4:26 PM > >> The IESG has received a request from the CBOR Object Signing and > Encryption >> WG (cose) to consider the following document: - 'CBOR Object Signing > and >> Encryption (COSE): Hash Algorithms' >> <draft-ietf-cose-hash-algs-03.txt> as Informational RFC >> >> The IESG plans to make a decision in the next few weeks, and solicits > final >> comments on this action. Please send substantive comments to the >> last-call@ietf.org mailing lists by 2020-05-26. Exceptionally, > comments may >> be sent to iesg@ietf.org instead. In either case, please retain the > beginning >> of the Subject line to allow automated sorting. >> >> Abstract >> >> >> The CBOR Object Signing and Encryption (COSE) syntax >> [I-D.ietf-cose-rfc8152bis-struct] does not define any direct > methods >> for using hash algorithms. There are however circumstances where >> hash algorithms are used: Indirect signatures where the hash of one >> or more contents are signed. X.509 certificate or other object >> identification by the use of a fingerprint. This document defines > a >> set of hash algorithms that are identified by COSE Algorithm >> Identifiers. >> >> >> The file can be obtained via >> https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs/ >> >> >> >> No IPR declarations have been submitted directly on this I-D. >> >> >> >> >> >> _______________________________________________ >> IETF-Announce mailing list >> IETF-Announce@ietf.org >> https://www.ietf.org/mailman/listinfo/ietf-announce >> =
- [COSE] Last Call: <draft-ietf-cose-hash-algs-03.t… The IESG
- Re: [COSE] Last Call: <draft-ietf-cose-hash-algs-… tom petch
- Re: [COSE] Last Call: <draft-ietf-cose-hash-algs-… Jim Schaad
- Re: [COSE] Last Call: <draft-ietf-cose-hash-algs-… tom petch
- Re: [COSE] [Last-Call] Last Call: <draft-ietf-cos… Benjamin Kaduk