Re: [COSE] The one-byte saving from use of a sequence

John Mattsson <john.mattsson@ericsson.com> Fri, 14 May 2021 08:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/ZDmq109eeuyhcCf86T6ucCWPsAc>

> This is what is in the draft now, I'm pretty sure it is incorrect CDDL
>
> COSE_C5 = [ + CBORCertificate ]

This is not in the current version. It has already been changed in the GitHub version based on the discussions during the previous interim. There seemed to be agreement to use arrays. We did not want to make technical changes in -00 so the change will come in -01. The current version is

    COSE_C5 = [ [ + C509Certificate ] ]

It should be discussed if the inner array should be moved to C509Certificate. The idea to unwrap ~C509Certificate when the array is not needed is a good idea.

> I'm pretty sure it is incorrect CDDL

I don't know why you think this was incorrect CDDL. RFC 8610 even has the following example [+(left: uint, right: uint)] (but this does not matter as I think we have already taken the decision to use arrays).

> It would not be possible to decode correctly.

I don’t think that was true. That would only be true if you cannot determine the number of elements from c509CertificateType (but this does not matter as I think we have already taken the decision to use arrays).

Cheers,
John


From: COSE <cose-bounces@ietf.org> on behalf of Laurence Lundblade <lgl@island-resort.com>
Date: Friday, 14 May 2021 at 06:05
To: cose <cose@ietf.org>
Subject: [COSE] The one-byte saving from use of a sequence

If I’m thinking right, the one-byte saving from using a sequence rather than array for CBORCertificate only happens when using CBORCertificate in a non-CBOR protocol. When you put CBORCertificate in a CBOR protocol, it has to be an array (or a bstr-wrapped sequence) so it can be distinguished from the surrounding CBOR. In non-CBOR protocols, the surrounding protocol (e.g., the DER, or the TLS records) provides the framing for what is the cert, so the array is not needed.

I’d like to see CBORCertificate an array in the main definition. Then when CBORCertificate is put in a non-CBOR protocol, it can be “unwrapped” to save the byte. The CDDL notation for that would be ~CBORCertificate. (I’ve been reading up on CDDL unwrapping lately, so hopefully I got that right).

This also aligns CBORCertificate with the other CBOR protocols I’ve seen so far. They use an array or map to hold the top-level messages together.

Also, I’m pretty sure the CDDL for COSE_C5 is wrong in the -08 draft. It says:

    COSE_C5 = [ + CBORCertificate ]

With CBORCertificate defined as a CDDL group, no framing structure to distinguish the individual CBORCertificates is generated. The array defined by this is not of individual certs, but of an aggregation of all the certificate data items. It would not be possible to decode correctly. Making CBORCertificate an array solves this problem.


We should expect CBORCertificate to be incorporated into lots and lots of other CBOR-based protocols. If we are making a mistake like this because of CBORCertificate being a sequence and not an array, it seems others may as well. So another reason for the main definition of CBORCertificate to be an array.



LL
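
The framing question discussed in this thread, as an added example that is not part of either message or of the draft: a minimal CBOR encoder/decoder showing the one-byte array overhead and what a decoder sees when a group is spliced into an array versus when each certificate is its own array. The certificate contents and all function names are constructed for illustration and are not the C509 field layout.

```python
# Minimal CBOR encoder/decoder (unsigned ints, byte strings, arrays only).
# The "certificates" below are constructed toy data, not the C509 field layout.

def head(major, n):
    """Initial byte(s) for a major type and argument n < 65536."""
    if n < 24:
        return bytes([major << 5 | n])
    if n < 256:
        return bytes([major << 5 | 24, n])
    return bytes([major << 5 | 25]) + n.to_bytes(2, "big")

def enc(item):
    if isinstance(item, int):
        return head(0, item)
    if isinstance(item, bytes):
        return head(2, len(item)) + item
    return head(4, len(item)) + b"".join(enc(x) for x in item)  # list -> array

def dec(buf, pos=0):
    """Decode one data item, returning (value, next position)."""
    major, n = buf[pos] >> 5, buf[pos] & 0x1F
    pos += 1
    if n in (24, 25):                      # 1- or 2-byte argument follows
        size = n - 23
        n, pos = int.from_bytes(buf[pos:pos + size], "big"), pos + size
    elif n > 25:
        raise ValueError("argument size not handled in this sketch")
    if major == 0:
        return n, pos
    if major == 2:
        return buf[pos:pos + n], pos + n
    if major != 4:
        raise ValueError("major type not handled in this sketch")
    out = []
    for _ in range(n):
        value, pos = dec(buf, pos)
        out.append(value)
    return out, pos

CERT_A = [1, b"issuer-A", b"\x01\x02"]     # constructed: 3 items per cert
CERT_B = [1, b"issuer-B", b"\x03\x04"]

def array_overhead(cert):
    """Bytes added by wrapping a cert's items in an array vs. a bare sequence."""
    return len(enc(cert)) - len(b"".join(enc(x) for x in cert))

def decode_group_form(certs):
    """[ + cert ] with cert as a group: items are spliced into one flat array."""
    return dec(enc([x for c in certs for x in c]))[0]

def decode_array_form(certs):
    """[ + cert ] with cert as an array: each cert keeps its own framing."""
    return dec(enc(certs))[0]
```

In the group form the decoder gets six items in one array, so splitting them back into certificates depends on knowing each certificate's item count from something other than the array framing.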