Re: [COSE] tstr values for kty, alg, crv, etc.

Laurence Lundblade <lgl@island-resort.com> Mon, 09 August 2021 20:21 UTC

Cc: Carsten Bormann <cabo@tzi.org>, AJITOMI Daisuke <ajitomi@gmail.com>, cose@ietf.org, jodonogh@qti.qualcomm.com
To: Michael Richardson <mcr+ietf@sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/XLvThDWXRtoMUnU_mfEgnZNvkjc>
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>

> On Aug 9, 2021, at 12:43 PM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> 
> 
> Carsten Bormann <cabo@tzi.org> wrote:
>> This discussion is all a bit short sighted to me. Sure, we can advise
>> against registering text labels now. But COSE has a long life with many
>> applications before it, some of which may be outside what you are
>> thinking about now. What’s the rush on disabling these?
> 
> I understood that some people think that we can encode the map key for 'kty'
> as both 'kty' and also 1.
> 
> (section 7 of RFC8152)
> [ditto alg and I think key_ops]
> 
> I'm not convinced the document says that.

Agreed.

The CDDL allows only 1, 2, 3, ... for the params defined in COSE, but allows tstr for future params.


   label = int / tstr


   COSE_Key = {
       1 => tstr / int,          ; kty
       ? 2 => bstr,              ; kid
       ? 3 => tstr / int,        ; alg
       ? 4 => [+ (tstr / int) ], ; key_ops
       ? 5 => bstr,              ; Base IV
       * label => values
   }

Essentially, I think anyone trying to register a tstr COSE identifier or label should be asked if they really want to do that: Is it really necessary to use a tstr instead of an int? Are you just doing it because you are used to JSON? You know that most implementations don’t support tstr, right?

Also, to be clear, you don't register both a tstr and an int for a particular item. There are two ways of doing this, but not for an individual item. Having tstr ‘foo’ and int 42 both referring to the same item would actually require two registrations and would be the worst thing to do.

LL
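
Added example, not part of the original message: a check of a decoded COSE_Key map against the CDDL quoted above, showing that a text label 'kty' falls under `* label => values` and does not stand in for label 1. It assumes the map has already been decoded into a Python dict by a CBOR decoder; all function and constant names are hypothetical.

```python
# Added example: validates a decoded COSE_Key map against the quoted CDDL.
# Assumption: a CBOR decoder has already produced a Python dict.

def _is_int(v):
    return isinstance(v, int) and not isinstance(v, bool)

def _id(v):        # tstr / int
    return _is_int(v) or isinstance(v, str)

def _key_ops(v):   # [+ (tstr / int)]
    return isinstance(v, list) and len(v) > 0 and all(_id(x) for x in v)

def _bstr(v):
    return isinstance(v, bytes)

# label -> (name, required, value check), taken from the CDDL in the message
COMMON = {
    1: ("kty", True, _id),
    2: ("kid", False, _bstr),
    3: ("alg", False, _id),
    4: ("key_ops", False, _key_ops),
    5: ("Base IV", False, _bstr),
}
NAMES = {name: label for label, (name, _, _) in COMMON.items()}

def check_cose_key(key):
    """Return a list of problems; an empty list means the map matches."""
    problems = []
    for label, value in key.items():
        if not _id(label):
            problems.append(f"label {label!r} is neither int nor tstr")
        elif label in COMMON and not COMMON[label][2](value):
            problems.append(f"label {label} ({COMMON[label][0]}) has wrong value type")
        elif label in NAMES:
            # Matches '* label => values': an unrelated parameter, not the
            # common parameter that happens to have the same name.
            problems.append(f"text label {label!r} is not label {NAMES[label]}")
    for label, (name, required, _) in COMMON.items():
        if required and label not in key:
            problems.append(f"missing label {label} ({name})")
    return problems

# Constructed sample maps
GOOD = {1: 2, 2: b"key-1", 3: -7, 4: [1, 2], "future-param": 1}
TEXT_KTY = {"kty": 2, 3: -7}
```

`check_cose_key(TEXT_KTY)` reports both the text label and the missing label 1, which is the outcome a decoder that only knows integer labels would produce.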