[COSE] Document Action: 'CBOR Object Signing and Encryption (COSE): Initial Algorithms' to Informational RFC (draft-ietf-cose-rfc8152bis-algs-11.txt)

The IESG <iesg-secretary@ietf.org> Thu, 30 July 2020 14:54 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Auto-Submitted: auto-generated
Precedence: bulk
Cc: cose-chairs@ietf.org, rfc-editor@rfc-editor.org, cose@ietf.org, barryleiba@gmail.com, The IESG <iesg@ietf.org>, draft-ietf-cose-rfc8152bis-algs@ietf.org, linuxwolf+ietf@outer-planes.net, Matthew Miller <linuxwolf+ietf@outer-planes.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Message-ID: <159612089570.23306.16624832534711317488@ietfa.amsl.com>
Date: Thu, 30 Jul 2020 07:54:55 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/cfmewh65StYtVKkrrzaEQxwtmDs>
Subject: [COSE] Document Action: 'CBOR Object Signing and Encryption (COSE): Initial Algorithms' to Informational RFC (draft-ietf-cose-rfc8152bis-algs-11.txt)

The IESG has approved the following document:
- 'CBOR Object Signing and Encryption (COSE): Initial Algorithms'
  (draft-ietf-cose-rfc8152bis-algs-11.txt) as Informational RFC

This document is the product of the CBOR Object Signing and Encryption
Working Group.

The IESG contact persons are Barry Leiba, Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/





Technical Summary

The document draft-ietf-rfc8152bis-algs is an update to CBOR Object
Signing and Encryption (COSE) to addressing outstanding errata, make
other clarifications and fixes.  This is part of a set — this for the
algorithms, the other detailing the structure and process — that together
obsolete RFC 8152.


Working Group Summary

This -algs document is intended to be published as informational, rather
than as Internet Standard as is its -struct counterpart.  This is
intentional: cryptographic algorithms become obsolete over time as
improvements in computing and mathematics can realize vulnerabilities and
deficiencies not possible when first published.  Publishing as
Information marks the state of consensus at the time of publication, and
allows for the flexibility to deprecate and obsolete in the future.

This document received wide review from various implementers, including
those used in real-world deployments.  There were a number of editorial
comments and some substantive commentary, with consensus to publish.


Document Quality

Additional care during editing and review of this document and
draft-ietf-cose-rfc8152bis-struct were taken to ensure as best as
possible that various (internal) references made in the original RFC 8152
have proper (external) references.  All errata from RFC 8152 that is
relevant to the COSE algorithms has been addressed therein.

The CryptoForum Research Group (CFRG) published algorithm documents as
Informational; the normative references are expected and exist in the
Downref Registry.  The only exception is RFC 8439 (ChaCha20/Poly1035),
which ought to be added to the Downref Registry.

The normatively referenced documents from NIST and SECG are the
authoritative description for those algorithms; these "downrefs" are
expected.

This document and draft-ietf-cose-rfc8152bis-algs are to be published in
lockstep, and so references here to -struct (and references to this
document in -struct) are expected to be updated as part of publication. 
The referent to draft-ietf-cose-hash-sig, which is already in the RFC
Editor's queue, is also expected to be updated as part of publication.


Personnel

This work is a product of the COSE Working Group.  The document shepherd
is Matthew Miller, and the responsible Area Director is Barry Leiba.

[COSE] Document Action: 'CBOR Object Signing and … The IESG