Re: [COSE] MAC with no recipient structures
"Jim Schaad" <ietf@augustcellars.com> Sat, 14 November 2015 19:56 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D27501B2AC4 for <cose@ietfa.amsl.com>; Sat, 14 Nov 2015 11:56:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wYIIkzXFXfh1 for <cose@ietfa.amsl.com>; Sat, 14 Nov 2015 11:56:50 -0800 (PST)
Received: from smtp3.pacifier.net (smtp3.pacifier.net [64.255.237.177]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4BB0E1B2AC3 for <cose@ietf.org>; Sat, 14 Nov 2015 11:56:50 -0800 (PST)
Received: from hebrews (c-24-21-96-37.hsd1.or.comcast.net [24.21.96.37]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp3.pacifier.net (Postfix) with ESMTPSA id 78FBE38F1C; Sat, 14 Nov 2015 11:56:49 -0800 (PST)
From: Jim Schaad <ietf@augustcellars.com>
To: 'Olaf Bergmann' <bergmann@tzi.org>
References: <04e901d119ad$3207bea0$96173be0$@augustcellars.com> <87egftszjh.fsf@aung.informatik.uni-bremen.de>
In-Reply-To: <87egftszjh.fsf@aung.informatik.uni-bremen.de>
Date: Sat, 14 Nov 2015 11:53:54 -0800
Message-ID: <018301d11f16$31d46640$957d32c0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQIfvpSiX18QdRwxvFtmOBjrli/sGAKQCQ7XneouXzA=
Content-Language: en-us
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/OC9KHKdBumjXGrDDQfs40Y4WwmU>
Cc: cose@ietf.org
Subject: Re: [COSE] MAC with no recipient structures
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Nov 2015 19:56:52 -0000
I just read through the section referenced and did not see any reason for C and CAM to have access to the content. I will try and read the entire document later today as that might describe the reasoning. However, you are saying that it is ok for incorrect content to be in this message as far as C and CAM are concerned? Jim > -----Original Message----- > From: Olaf Bergmann [mailto:bergmann@tzi.org] > Sent: Saturday, November 14, 2015 1:26 AM > To: Jim Schaad <ietf@augustcellars.com> > Cc: cose@ietf.org > Subject: Re: [COSE] MAC with no recipient structures > > "Jim Schaad" <ietf@augustcellars.com> writes: > > > People keep telling me that they want to have a version of MACs that > > do not have a set of recipient information attached so that they can > > do direct MACs. I keep asking for a use case where this makes sense. > > In all of the use cases that I have been presented so far, a better > > answer is going to be to do an AEAD encrypted item rather than a MACed > item. > > An example where this is useful is given in Section 3.7 of draft-bergmann-ace- > dcaf-cose [1]. Here, the recipient structure is empty because CAM and C must be > able to read the payload. Technically, you can make this work with an encrypted > AEAD item as well but then, the payload information entirely goes into the AAD > part because CAM and C must not know the secret that is being used for > generating the MAC tag (they just forward the data to S). > > Of course, this is a requirement only in the cross-domain authorization scenario > where C and S can be constrained and can have distinct owners. > Where this is not considered an issue, you can easily go with COSE_encryptData > and AEAD. > > [1] https://tools.ietf.org/html/draft-bergmann-ace-dcaf-cose-00#section-3.7 > > Grüße > Olaf
- [COSE] MAC with no recipient structures Jim Schaad
- Re: [COSE] MAC with no recipient structures Olaf Bergmann
- Re: [COSE] MAC with no recipient structures Jim Schaad
- Re: [COSE] MAC with no recipient structures Mike Jones
- Re: [COSE] MAC with no recipient structures Jim Schaad
- Re: [COSE] MAC with no recipient structures Mike Jones
- Re: [COSE] MAC with no recipient structures Olaf Bergmann
- Re: [COSE] MAC with no recipient structures Justin Richer
- Re: [COSE] MAC with no recipient structures Mike Jones
- Re: [COSE] MAC with no recipient structures Francesca Palombini
- Re: [COSE] MAC with no recipient structures Jim Schaad
- Re: [COSE] MAC with no recipient structures Justin Richer
- Re: [COSE] MAC with no recipient structures Jim Schaad
- Re: [COSE] MAC with no recipient structures Hannes Tschofenig
- Re: [COSE] MAC with no recipient structures Brian Campbell