IETF Logo Mail Archive

Re: [COSE] [Ace] Gap in registration of application/cwt?

Laurence Lundblade <lgl@island-resort.com> Thu, 27 August 2020 20:05 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36D363A129A for <cose@ietfa.amsl.com>; Thu, 27 Aug 2020 13:05:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mJoAL3MMoGwr for <cose@ietfa.amsl.com>; Thu, 27 Aug 2020 13:05:51 -0700 (PDT)
Received: from p3plsmtpa08-07.prod.phx3.secureserver.net (p3plsmtpa08-07.prod.phx3.secureserver.net [173.201.193.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08D163A1299 for <cose@ietf.org>; Thu, 27 Aug 2020 13:05:50 -0700 (PDT)
Received: from [192.168.1.78] ([76.167.193.86]) by :SMTPAUTH: with ESMTPA id BO9dkjp3eFItaBO9dkaITh; Thu, 27 Aug 2020 13:05:50 -0700
X-CMAE-Analysis: v=2.3 cv=aOKOVo1m c=1 sm=1 tr=0 a=t2DvPg6iSvRzsOFYbaV4uQ==:117 a=t2DvPg6iSvRzsOFYbaV4uQ==:17 a=48vgC7mUAAAA:8 a=VrHXGImtAAAA:8 a=K6EGIJCdAAAA:8 a=Eqp6jkYgQ34o3N5TpJAA:9 a=SyrdsgEqa-XJUW_k:21 a=vFFfuvnHeaAGb_Vv:21 a=QEXdDO2ut3YA:10 a=ZZLNv0RtSJYDGVn108QA:9 a=uSGSoO5p8o597y66:21 a=8ZSD_EyMHTX0iJQT:21 a=_FPemj0bJg9INCJ5:21 a=_W_S_7VecoQA:10 a=w1C3t2QeGrPiZgrLijVG:22 a=rjybpTLx1R2UrS7S5igv:22 a=L6pVIi0Kn1GYQfi8-iRI:22
X-SECURESERVER-ACCT: lgl@island-resort.com
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <1EEB1097-5E9E-4987-BA7B-29A71B3A120B@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_BF215473-5BB2-4E56-ACBB-C2C8DC26BADE"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.15\))
Date: Thu, 27 Aug 2020 13:05:49 -0700
In-Reply-To: <00d201d67333$d8449d30$88cdd790$@augustcellars.com>
Cc: Ace Wg <ace@ietf.org>, cose <cose@ietf.org>
To: Jim Schaad <ietf@augustcellars.com>
References: <D964158E-4895-4C75-A27F-0141D4EDCE5A@island-resort.com> <004201d66f79$3d95ed10$b8c1c730$@augustcellars.com> <D2ADF917-F69E-40E4-AA03-DFF6DB8BB9B3@island-resort.com> <66829A45-EDC1-4317-AA0A-FD335B6CF820@island-resort.com> <00af01d6728b$27579480$7606bd80$@augustcellars.com> <39135152-A5D8-48AB-B882-B29DCE5E3811@island-resort.com> <00d201d67333$d8449d30$88cdd790$@augustcellars.com>
X-Mailer: Apple Mail (2.3445.104.15)
X-CMAE-Envelope: MS4wfBO+VgS/fmQsDM4Ijhh6yMJYC/vj4NsvK8ckaWYDTx0svJRC7hH5RCDCN4dPDfC9is0UdWsr/t70EPCXrMZld97XLDP20JMwPExLTj6X4lVRMrfdmMaY yQCk1E+DfS93EEyhJN7vhbTSsZVUDIp+KvwZ/+NixfCvdB9DPvYqwajABwXbVUlej9d5cEr4yvk7u/HTt7/lDhz20K9TxVve6WknHa5jxAGEt9tQr3M+r7nq
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/X8Jax93b8Pqmv6ydXE6pqI9XuT4>
Subject: Re: [COSE] [Ace] Gap in registration of application/cwt?
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2020 20:05:55 -0000

In a CBOR thread it became clear (to me anyway) that in the context of CBOR a “tag" is not a prefix, badge, identifier or such. It is the combination of the identifier and the content. In the CBOR context when you say “tag 1” or “epoch-based date tag” you mean the major type 6 and the number content.  The encoded CBOR for a tag 1 with value for Jan 1, 1970 would be 0xc1 0x00.

RFC 8392 uses the terminology incorrectly in section 5 <https://tools.ietf.org/html/rfc8392#section-5>. It refers to the tag as a prefix. Maybe errata should be filed on this?


Going back to the identification of a CWT and/or COSE, my understanding is that a “CWT” is a protocol message. A “CWT Tag” is a type 6 item value 61 and the CWT protocol message.  The definition of the CWT protocol message stands apart from the definition of tag 61. (This is not true of a tag 1 epoch date; the definition of the date is intwined with the definition of tag 1).

I believe the definition of the CWT protocol message allows the type of COSE used to secure it to be identified in many ways. You can do it with CBOR tags or you can do with externally such as my Application/CWT; cose-type=COSE_Sign1 content type example.

Further, I think nesting of COSE works as follows. It doesn’t have to be identified with COSE tags. Several levels of COSE can be required by some top level media type or even by some CBOR tag that is not a COSE defined tag. For example, I could define application/very-secure-string as follows.
  - Start with string of bytes
  - Encrypt it with COSE_Encrypt (the string of bytes is the payload) (note that this is not COSE_Encrypt_Tagged)
  - Sign it COSE_Sign1 (the COSE_Encrypt is the payload) (note that this is not COSE_Sign1_Tagged
  - Mac it with COSE_Mac0 (the COSE_Sign1 is the payload) (note that this is not COSE_Mac0_Tagged)

I could make the payload at some level in this example some newly defined tag that requires a COSE_Sign1 with EdDSA and indicates something about its payload format.

LL





> On Aug 15, 2020, at 11:42 AM, Jim Schaad <ietf@augustcellars.com> wrote:
> 
>  
>  
> From: Laurence Lundblade <lgl@island-resort.com <mailto:lgl@island-resort.com>> 
> Sent: Saturday, August 15, 2020 10:58 AM
> To: Jim Schaad <ietf@augustcellars.com <mailto:ietf@augustcellars.com>>
> Cc: cose <cose@ietf.org <mailto:cose@ietf.org>>; Ace Wg <ace@ietf.org <mailto:ace@ietf.org>>
> Subject: Re: [Ace] [COSE] Gap in registration of application/cwt?
>  
>  
> 
> 
>> On Aug 14, 2020, at 3:35 PM, Jim Schaad <ietf@augustcellars.com <mailto:ietf@augustcellars.com>> wrote:
>>  
>>  
>>  
>> From: Laurence Lundblade <lgl@island-resort.com <mailto:lgl@island-resort.com>> 
>> Sent: Friday, August 14, 2020 1:59 PM
>> To: Jim Schaad <ietf@augustcellars.com <mailto:ietf@augustcellars.com>>
>> Cc: Ace Wg <ace@ietf.org <mailto:ace@ietf.org>>; cose <cose@ietf.org <mailto:cose@ietf.org>>
>> Subject: Re: [COSE] Gap in registration of application/cwt?
>>  
>> Here’s a series of scenarios that I think are legal CWT. These are allowed by RFC 8392, right?
>>  
>> 1) Explicitly tagged, no external type info needed
>> - Has CWT tag
>> - Has COSE type tag
>> [JLS] Yes
>>  
>> 2) CWT identification by label, COSE type tagged
>> - The CWT is a CBOR data item with a label. The definition of the label says the contents of the label are always CWT
>> - No CWT tag necessary as it is implied by the label
>> - Has a COSE type tag
>> [JLS] Yes, the label could be internal to the CBOR object or external such as an media-type
>  
> I was being very specific with the term label, meaning a label/key identifying an item in a CBOR map.
> 
> 
>>  
>> 3) CWT and COSE by label
>> - The CWT is an item with a label. The definition of the label says the contents of the label are always CWT and of a specific COSE type
>> - No tags necessary
>> [JLS] Yes that would be fine
>>  
>> 4) Application/CWT identifies content as CWT, tagging for COSE type
>> - No CWT tag
>> - Has a COSE tag
>> [JLS] This is the same as 2?  I don’t think that it would be restricted to just that media type.
>  
> You mean there could be other media types that also identify the content as CWT?
> [JLS] Yes this could be done in the future.   One would normally expect this to be an application specific profile, but funny things happen.
>>  
>> 5) Application/CWT identifies content as CWT
>> - Has CWT tag even though it is redundant 
>> - Has a COSE tag
>> [JLS] Yes
>  
> Additionally, one might interpret CBORbis 4.2.2 to say the the CWT tag should not be present.
> [JLS] For deterministic encoding, but not  for general encoding.
>>  
>> 6) Application/CWT; cose-type=COSE_Sign1 (or Mac0 or …)
>> - No tags are used
>> - Identification is completely by the MIME type header
>> - (I understand that the cose-type MIME parameter is not defined, but it could be. 8392 doesn’t forbid it)
>> [JLS] Yes you could do that, and as I stated in a previous mail this is not a good idea for the CoAP world.
>>  
>> 7) A protocol like FIDO identifies a protocol element that is an attention type the type of which is CWT with COSE_Sign1
>> - No tags are used
>> [JLS] yes
>>  
>> 8) A protocol like FIDO identifies a protocol element that is an attention type the type of which is CWT; the COSE type is determined by tag
>> - No CWT tag
>> - Has a COSE tag
>> [JLS] yes
>>  
>> The one thing you can’t do is have a CWT tag without a COSE type tag. 8392 section 6 forbids this.
>>  
>> [JLS] There however is a set of nested cases that you might need to look at.  That is 6.CWT ( COSE_Encrypt_Tagged ( COSE_Sign ))  You would also need to think about the requirements for nested COSE layers.
>  
> All but the most outer COSE type are always identified by a tag, per 7.1 step 5 and 7.2 step 6, right?
> [JLS] Yes I guess that is true.  I think my code is more generous that this in terms of what is accepted.
> Jim
>  
>  
> LL
>  
> 
> 
>>  
>> Jim
>>  
>>  
>> LL
>>  
>>  
>>  
>>  
>> 
>> 
>> 
>>> On Aug 11, 2020, at 12:20 PM, Laurence Lundblade <lgl@island-resort.com <mailto:lgl@island-resort.com>> wrote:
>>>  
>>>  
>>> 
>>> 
>>> 
>>>> On Aug 10, 2020, at 5:49 PM, Jim Schaad <ietf@augustcellars.com <mailto:ietf@augustcellars.com>> wrote:
>>>>  
>>>> This is all based on my understanding that the surrounding protocol for must specify exactly when CBOR tags are to be used and when they are not to be used and that the surrounding protocol must not leave it as an optional implementation choice. In this case application/cwt is the supporting protocol.
>>>>  
>>>> [JLS] What is the text that says that this is true.  This would be a surprising statement for me.
>>> 
>>>  
>>> Here’s three things that lead me to this.
>>>  
>>>> CBORbis
>>>> The sentence of the first paragraph in 4.2.2 <https://tools.ietf.org/html/draft-ietf-cbor-7049bis-14#section-4.2.2> very clearly states this, though this is only for deterministic encoding.
>>>>  
>>>> Typical CDDL
>>>> Most CDDL that describes tagged data describes it only as tagged or untagged, not as optionally tagged.  COSE is one example of this. 
>>>>  
>>>> Email threads
>>>> This thread <https://mailarchive.ietf.org/arch/browse/cbor/?gbt=1&index=Hz7VjeBab9DxPas9E5_KfOmZwN0> and this thread <https://mailarchive.ietf.org/arch/browse/cbor/?gbt=1&index=y1EZ-IylFpJ3_MndQGADSbKhx0s>.
>>>>  
>>>> I summarized this behavior in this email <https://mailarchive.ietf.org/arch/msg/cbor/Hz7VjeBab9DxPas9E5_KfOmZwN0/> and no where in the rest of the thread was it indicated differently.
>>>>  
>>> So, it is not a hard requirement because 4.2.2 is only for deterministic encoding, but seems like a “should" in spirit. It is the preferred way to design a CBOR protocol.
>>>  
>>> However you slice it, I think it is up to the surrounding protocol to say whether a tag is always required, never required or optionally required. If the protocol doesn’t say, then it defaults to optionally required.
>>>  
>>> Defaulting or explicitly allowing optional tagging means the receiver has to allow for all the tagging scenarios and makes possible the error case where the surrounding protocol says the data is of one type and the tag conflicts with it. (e.g. an application/cwt that contains a tagged CoSWID).
>>>  
>>> I don’t think optional tagging is of any advantage in a protocol design. It doesn’t enable anything.
>>>  
>>> It has some disadvantage because it introduces error conditions and potential confusion.
>>>  
>>> I think there are several scenarios with section 6 and application/cwt that could be more clear.
>>>  
>>>> Can you use tag 61 or not? I think the current answer is that in application/cwt, tag 61 is optional.
>>>>  
>>>> How do you know what the COSE type is? It is somewhat obvious that COSE tags will work, but there is no requirement to use them. A MIME parameter or other is entirely allowed here.
>>>>  
>>>> Section 6 does say that determination that something is a CWT is application dependent, but doesn’t say that the COSE type is also application dependent. Section 7 does address this.
>>>  
>>> Said another way, my fully general CWT decoder that is called by some application needs an input parameter to indicate the COSE type because there is no requirement in 8392 that a CWT indicate which COSE type is in use. Sometimes the caller will be able to provide the COSE type and sometimes they won’t. Sometimes there will be an error of conflicting COSE type and sometimes the error will be that the COSE type can’t be determined.
>>>  
>>> I think it would have been cleanest if CWT always indicated the COSE type be used and the tagging optionality didn’t span two protocol layers, but that would be an incompatible change.  Maybe a recommendation that CWT’s SHOULD always indicate their COSE type?
>>>  
>>> LL
>> 
>>  
>> _______________________________________________
>> Ace mailing list
>> Ace@ietf.org <mailto:Ace@ietf.org>
>> https://www.ietf.org/mailman/listinfo/ace <https://www.ietf.org/mailman/listinfo/ace>
>  
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace

v2.23.0 | Report a Bug | By Email