Re: [COSE] New Version Notification for draft-schaad-cose-x509-00.txt

Samuel Erdtman <samuel@erdtman.se> Wed, 07 December 2016 06:01 UTC

From: Samuel Erdtman <samuel@erdtman.se>
Date: Wed, 07 Dec 2016 07:01:44 +0100
Message-ID: <CAF2hCbbdp=mW5yfKvWoF-Tm53-CdVPQe7Xx-+TPpJwjsiMzofQ@mail.gmail.com>
To: Jim Schaad <ietf@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/JzQRZ-1yVP43YujCdjIgPaInd30>
Cc: "Lundblade, Laurence" <llundbla@qti.qualcomm.com>, cose <cose@ietf.org>
Subject: Re: [COSE] New Version Notification for draft-schaad-cose-x509-00.txt

Hi Jim,

I think we should name the parameters differently; x5t, x5c and x5u are used
in JOSE with slightly different semantics. This would be similar to the
"content type" in the COSE specification, where cty is not used.
Since the names are not included in the encoded message, it might make sense
to name them:
* x509 Certificate Thumbprint
* x509 Certificate Chain
* x509 Certificate URL

//Samuel

On Tue, Dec 6, 2016 at 5:16 AM, Jim Schaad <ietf@augustcellars.com> wrote:

> Thanks for the input, it is something that nobody else has actually given yet.
>
> I could easily get behind the idea of moving to two different headers, one
> for ordered and one for a bag.  I don’t think that there would be a huge
> problem with assigning the multiple code points.
>
> I don’t know how common/uncommon it is for fields to allow multiple
> types.  I do know that the COSE spec does it in a couple of places,
> although most of them can be ignored at this point in time.  Personally, I
> don’t find the code to support that feature to be very difficult and argued
> that as part of the JOSE effort when the same topic was discussed.
>
> While it does not explicitly say that in COSE, my assumption was always
> that ‘kid’ only identified COSE based keys.  I think that is probably an
> invalid assumption.  I would however expect that if an explicit key is
> given in the form of a certificate then a kid would not need to be present.
> An application however could state that a kid could be the spki value from
> a certificate so that it could be used to find certificates if desired.
> I’ll make a comment to myself on that.
>
> More comments from everybody about what is good and bad are wanted.
>
> Jim
>
> From: Lundblade, Laurence [mailto:llundbla@qti.qualcomm.com]
> Sent: Monday, December 05, 2016 6:21 PM
> To: Samuel Erdtman <samuel@erdtman.se>
> Cc: Jim Schaad <ietf@augustcellars.com>; cose <cose@ietf.org>
> Subject: Re: [COSE] New Version Notification for draft-schaad-cose-x509-00.txt
>
> Sorry for the delayed response and thanks for the draft.
>
> The order definitive chain option for x5c looks pretty good. How does the
> kid parameter come into play? Is x5c in lieu of kid?  Seems like it would
> be.
>
> Is it usual to have the data type / semantics vary for some CBOR like x5c?
> Haven’t run into any CBOR like that before.  Would it be better to have an
> x5cb (b for bag) and an x5co (o for ordered)?
>
> Thanks!
>
> LL
>
>
> On Nov 23, 2016, at 10:43 PM, Samuel Erdtman <samuel@erdtman.se> wrote:
>
>
>
> Looks like a good start to me.
>
> Laurence what do you think?
>
> //Samuel
>
>
>
> On Wed, Nov 23, 2016 at 6:00 AM, Jim Schaad <ietf@augustcellars.com> wrote:
>
> This is a rough draft of what a set of X.509 headers could look like.
> There are lots of things that are incomplete or missing, but I said I would
> write up a fast version for people to look at so here it is.
>
> If you are interested, please comment on the headers.  The pointer to the
> github repository is in the document.
>
> Jim
>
>
> > -----Original Message-----
> > From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> > Sent: Tuesday, November 22, 2016 7:27 PM
> > To: Jim Schaad <ietf@augustcellars.com>
> > Subject: New Version Notification for draft-schaad-cose-x509-00.txt
> >
> > A new version of I-D, draft-schaad-cose-x509-00.txt has been successfully
> > submitted by Jim Schaad and posted to the IETF repository.
> >
> > Name:           draft-schaad-cose-x509
> > Revision:       00
> > Title:          CBOR Encoded Message Syntax (COSE): Headers for carrying
> >                 and referencing X.509 certificates
> > Document date:  2016-11-22
> > Group:          Individual Submission
> > Pages:          6
> > URL:            https://www.ietf.org/internet-drafts/draft-schaad-cose-x509-00.txt
> > Status:         https://datatracker.ietf.org/doc/draft-schaad-cose-x509/
> > Htmlized:       https://tools.ietf.org/html/draft-schaad-cose-x509-00
> >
> > Abstract:
> >    This document defines the headers and usage for referring to and
> >    transporting X.509 certificates in the CBOR Encoded Message (COSE)
> >    Syntax.
> >
> > Contributing to this document
> >
> >    The source for this draft is being maintained in GitHub.  Suggested
> >    changes should be submitted as pull requests at
> >    <https://github.com/cose-wg/X509>.  Instructions are on that page as
> >    well.  Editorial changes can be managed in GitHub, but any substantial
> >    issues need to be discussed on the COSE mailing list.
> >
> > Please note that it may take a couple of minutes from the time of submission
> > until the htmlized version and diff are available at tools.ietf.org.
> >
> > The IETF Secretariat
>
>
> _______________________________________________
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose
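The two designs Laurence contrasts above (one x5c parameter whose CBOR type decides whether it is a bag or an ordered chain, versus separate bag and ordered parameters) and Jim's question of how a receiver finds the signer's certificate when a kid is absent can both be seen from the receiving side. The following is an added example written for this page; it is not code from the thread, from draft-schaad-cose-x509, or from any COSE library. The integer labels (32, 33, 34) and the hash-algorithm identifier (-16) are placeholders chosen for illustration, since the thread quotes neither the draft's code points nor a thumbprint format; the "certificates" are constructed byte strings standing in for DER, and the CBOR codec is a hand-rolled subset (integers, byte strings, arrays, maps) just large enough for a header map.

```python
import hashlib

# Constructed stand-ins for DER-encoded certificates; only the bytes matter
# here (hashing and transport), no X.509 parsing is attempted.
EE_CERT = b"\x30\x82\x01\x00EE-CERT"
CA_CERT = b"\x30\x82\x01\x00CA-CERT"
ROOT_CERT = b"\x30\x82\x01\x00ROOT-CERT"

# Assumed header labels and hash identifier: placeholders for this example,
# not the draft's actual code points.
LABEL_X5BAG = 32     # unordered set of certificates
LABEL_X5CHAIN = 33   # ordered chain, end-entity certificate first
LABEL_X5T = 34       # thumbprint: [hash_alg, hash_value]
HASH_SHA256 = -16    # assumed algorithm identifier for SHA-256


def _head(major, n):
    """Initial byte plus argument for CBOR major type `major`, value n."""
    if n < 24:
        return bytes([major << 5 | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | ai]) + n.to_bytes(size, "big")
    raise ValueError("argument too large")


def cbor_encode(v):
    """Encode int / bytes / list / dict, the subset a COSE header map needs."""
    if isinstance(v, int):
        return _head(0, v) if v >= 0 else _head(1, -1 - v)
    if isinstance(v, bytes):
        return _head(2, len(v)) + v
    if isinstance(v, list):
        return _head(4, len(v)) + b"".join(cbor_encode(x) for x in v)
    if isinstance(v, dict):
        return _head(5, len(v)) + b"".join(
            cbor_encode(k) + cbor_encode(x) for k, x in v.items())
    raise TypeError("unsupported type %r" % type(v))


def cbor_decode(data, pos=0):
    """Decode one item of the same subset; returns (value, next_pos)."""
    ib = data[pos]
    major, ai = ib >> 5, ib & 0x1F
    pos += 1
    if ai < 24:
        n = ai
    elif ai <= 27:
        size = 1 << (ai - 24)
        n = int.from_bytes(data[pos:pos + size], "big")
        pos += size
    else:
        raise ValueError("unsupported additional information")
    if major == 0:
        return n, pos
    if major == 1:
        return -1 - n, pos
    if major == 2:
        return data[pos:pos + n], pos + n
    if major == 4:
        items = []
        for _ in range(n):
            item, pos = cbor_decode(data, pos)
            items.append(item)
        return items, pos
    if major == 5:
        m = {}
        for _ in range(n):
            k, pos = cbor_decode(data, pos)
            m[k], pos = cbor_decode(data, pos)
        return m, pos
    raise ValueError("unsupported major type %d" % major)


def thumbprint(cert):
    """Thumbprint of one certificate: [hash_alg, hash over the DER bytes]."""
    return [HASH_SHA256, hashlib.sha256(cert).digest()]


def build_protected_header(end_entity, certs, ordered):
    """Header map carrying `certs` under the ordered label or the bag label,
    plus a thumbprint that pins which certificate belongs to the signer."""
    label = LABEL_X5CHAIN if ordered else LABEL_X5BAG
    return cbor_encode({label: list(certs), LABEL_X5T: thumbprint(end_entity)})


def select_end_entity(encoded_header):
    """Pick the signer's certificate out of a header map, or fail loudly."""
    hdr, end = cbor_decode(encoded_header)
    if end != len(encoded_header):
        raise ValueError("trailing bytes after header map")
    alg, want = hdr[LABEL_X5T]
    if alg != HASH_SHA256:
        raise ValueError("unsupported thumbprint algorithm")
    if LABEL_X5CHAIN in hdr:
        chain = hdr[LABEL_X5CHAIN]
        # Separate labels fix the type: a lone bstr here is a malformed
        # header, not a one-certificate chain to be special-cased.
        if not isinstance(chain, list) or not chain:
            raise ValueError("ordered chain must be a non-empty array")
        ee = chain[0]   # ordered: the end-entity certificate comes first
        if hashlib.sha256(ee).digest() != want:
            raise ValueError("first certificate does not match the thumbprint")
        return ee
    if LABEL_X5BAG in hdr:
        # Unordered: position carries no meaning, so select by thumbprint.
        hits = [c for c in hdr[LABEL_X5BAG] if hashlib.sha256(c).digest() == want]
        if len(hits) != 1:
            raise ValueError("bag does not identify exactly one end-entity cert")
        return hits[0]
    raise ValueError("no certificate header present")
```

With distinct labels the receiver never has to ask "is this value a byte string or an array?" before knowing what it means; each label has one type, and anything else is rejected. The thumbprint does the job Jim's reply assigns to a certificate-derived kid: in the ordered case it confirms the first element, and in the bag case it is the only thing that identifies the signer's certificate at all.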