IETF Logo Mail Archive

Re: [COSE] tstr values for kty, alg, crv, etc.

AJITOMI Daisuke <ajitomi@gmail.com> Fri, 06 August 2021 03:29 UTC

Return-Path: <ajitomi@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2331A3A1A46 for <cose@ietfa.amsl.com>; Thu, 5 Aug 2021 20:29:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RPrOrG7It8vp for <cose@ietfa.amsl.com>; Thu, 5 Aug 2021 20:29:36 -0700 (PDT)
Received: from mail-il1-x12d.google.com (mail-il1-x12d.google.com [IPv6:2607:f8b0:4864:20::12d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F1D13A1A44 for <cose@ietf.org>; Thu, 5 Aug 2021 20:29:36 -0700 (PDT)
Received: by mail-il1-x12d.google.com with SMTP id x7so7372659ilh.10 for <cose@ietf.org>; Thu, 05 Aug 2021 20:29:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8UGcKq/SS3f0d76fBI9ZE6zqbhveUZpmvbDWtbqjcOU=; b=ajmMQquAQ7ubLEjIU+hIB+EAG6DEIA3Ha/Obfzq6kh4Z4iXefgTC/UlG+wpn8N9Wn1 k1TTdVPqzHQltwwPbCqRS54wwr48EQ9ELJ/9SwzCCteGjPazYwoNhw0BFUuZ3LZwnhTC FPJ3JuFcenKe225mdB4Y5VaSXsMa+58VmkOANhLeIKkHdGDktjaBIuoC408/o9oWpd9x GHi1OSuyFCNzZwPD6v3vHObKvB8cCxDXIyh9tPYjVustZc/pQIxPe3WMSBddPG8/9ar7 vihmc31E85syjhCLWsjIlWWZanfKHtx2MXKwmsihJ6YySFbcIR799cKUaCuP4UXxTKMa qfcw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8UGcKq/SS3f0d76fBI9ZE6zqbhveUZpmvbDWtbqjcOU=; b=rkDqvE8HV/rCHLub4EcCk+dwjQcfSFdYEsiQ1p9mjPMdYj1k5UHqTNvnQ2HzvSrx8V EBVO7vaNaMYiGbQjtLSbAPoOZrE0BH+mM1GOLxCMqBaJv+eDDrHefhJwGVXhRm64eMpU PYIzgkGF5ADTz7sb9dBFQzasAu0SdGFO/39FdZeAQGJK74UpDUaawn2AJaDHbBbxHml+ MT5/YR09qCdbgVd/8+BUPq99yrai3K686pSmjGYTpycVCyQ7bvdbj1SfRqFj6J1XLdYx cZ11FGyArNqiGODZS/7sWvsjc3IiZQU5BbQJ8Q83j+nIzbUxnlGBOvOHvSgYIvt5PJ8g l/mA==
X-Gm-Message-State: AOAM530y2op/R4vlFxq5rC069oPqMwES9Bt00GFlSs1ouxsl6X6+DWCF Tv+0gxm8HV/TmEnPxwHF2KQCnMac2iZE4IMz6g==
X-Google-Smtp-Source: ABdhPJyubqdoosaxwPB7ma51C0+TUhTcadn0s37RdOCNq1QSgO5sy33zEbQudGD8UXBQ4ECF1kY0iKOcb3xgG5C3FqY=
X-Received: by 2002:a92:ca48:: with SMTP id q8mr270830ilo.113.1628220573377; Thu, 05 Aug 2021 20:29:33 -0700 (PDT)
MIME-Version: 1.0
References: <CAFWvErVLfud5ffyzKdBJmzm7Wj+=osfZ0u7tKVpniicZDYqjxg@mail.gmail.com> <815DB7E9-555A-4A7D-B3DE-CC807DE3A222@tzi.org> <41E79CBD-04D1-4C0F-BEE3-4F63780D514E@island-resort.com>
In-Reply-To: <41E79CBD-04D1-4C0F-BEE3-4F63780D514E@island-resort.com>
From: AJITOMI Daisuke <ajitomi@gmail.com>
Date: Fri, 06 Aug 2021 12:29:22 +0900
Message-ID: <CAFWvErWfSkzHGwLaP0t7RsufgkMiryrHkp4zWoVsRGR718Dqow@mail.gmail.com>
To: Laurence Lundblade <lgl@island-resort.com>, cose@ietf.org, jodonogh@qti.qualcomm.com
Cc: Carsten Bormann <cabo@tzi.org>
Content-Type: multipart/alternative; boundary="000000000000e46a2005c8dba461"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/W4ZDcx_X_Gq0t_5v9SiaENsoHfk>
Subject: Re: [COSE] tstr values for kty, alg, crv, etc.
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Aug 2021 03:29:41 -0000

Hi folks,

> I prefer to see the option of `tstr` labels removed if possible.

I'm glad to see that there are several people who agree with me.

To remove the option of tstr labels from the spec, would a revised RFC be
needed? Or would an errata enough for that?
Anyway, I would like to hear from the key members in COSE whether this
change is acceptable or not.

If it is acceptable, I would like to support moving this effort forward.

Best regards,
Daisuke

2021年8月5日(木) 19:48 Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>:

> Hi list,
>
>
>
> I agree with Laurence on this. I work on platform-related security
> standards at GlobalPlatform where we are using COSE quite extensively. A
> major use-case is highly constrained embedded targets where the benefits
> from eliminating string handling are considerable – many such platforms do
> not have a heap, and minimal code size is an important design goal.
>
>
>
> I prefer to see the option of `tstr` labels removed if possible. We do
> have a 64bit integer space for algorithms which should suffice. If this is
> not possible (e.g. for backward compatibility with proprietary
> implementations), at least a note to registrants that integer values are
> greatly preferred in some implementations for reasons of code size would be
> helpful. Implementations could then decide whether to not implement tstr
> support.
>
>
>
> Best regards
>
> Jeremy
>

2021年7月29日(木) 5:50 Laurence Lundblade <lgl@island-resort.com>:

> Yes, I much prefer int labels for a small C implementation. Adding support
> for tstr labels would noticeably increase code size. I hope no one
> registers a tstr label.  It seems unlikely because algorithms are
> relatively hard to invent and vet.
>
> LL
>
>
> On Jul 28, 2021, at 5:47 AM, Carsten Bormann <cabo@tzi.org> wrote:
>
> Hi Daisuke,
>
> On 2021-07-28, at 13:45, AJITOMI Daisuke <ajitomi@gmail.com> wrote:
>
> In my opinion, the tstr type for 'kty', 'alg', 'crv' or 'key_ops' is not
> necessary because I think the major advantage of COSE is its
> compactness,but I would like to know what you are assuming as the value of
> tstr.
>
>
> The registrant gets the choice between a text string and an integer.
>
> https://www.iana.org/assignments/cose/cose.xhtml lists the registration
> procedures for certain ranges, e.g.:
>
> https://www.iana.org/assignments/cose/cose.xhtml#algorithms
>
> Range <sort_none.gif> Registration Procedures <sort_up.gif>
> Strings of length 1 Standards Action With Expert Review
> Integer values between -256 and 255 Standards Action With Expert Review
> Strings of length 2 Specification Required
> Integer values from 256 to 65535 Specification Required
> Integer values from -65536 to -257 Specification Required
> Strings of length greater than 2 Expert Review
> Integer values greater than 65535 Expert Review
>
> So labels the representations of which would be 1+0 and 1+1 bytes long
> require standards action, 1+2, specification required, and 1+>2, expert
> review.
>
> It doesn’t look like anyone has felt a need to register a text string
> label for an algorithm ID yet; there are still quite a few 1+1 (and even a
> few 1+0!) values available for registration.
>
> I would expect that, until we run out of codepoints, the registration of
> text labels will remain an occurrence for special circumstances (which
> means we might not be prepared for text labels when we finally actually
> need them).
>
> Grüße, Carsten
>
> _______________________________________________
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose
>
>
>

v2.23.0 | Report a Bug | By Email