Re: [COSE] Key identifier of type bstr / int
Benjamin Kaduk <kaduk@mit.edu> Fri, 13 August 2021 00:00 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59B6F3A0E15; Thu, 12 Aug 2021 17:00:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.499
X-Spam-Level:
X-Spam-Status: No, score=-1.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.399, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 41XSrhSNyR_U; Thu, 12 Aug 2021 17:00:26 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A07693A0E14; Thu, 12 Aug 2021 17:00:26 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 17D00JaM000632 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 12 Aug 2021 20:00:24 -0400
Date: Thu, 12 Aug 2021 17:00:18 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Göran Selander <goran.selander=40ericsson.com@dmarc.ietf.org>
Cc: "cose@ietf.org" <cose@ietf.org>
Message-ID: <20210813000018.GY50759@kduck.mit.edu>
References: <95B75634-B147-4756-A950-C6B139CF3ADD@ericsson.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <95B75634-B147-4756-A950-C6B139CF3ADD@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/hMtj2-6bJocnNa6C9fhe6k-qBgo>
Subject: Re: [COSE] Key identifier of type bstr / int
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Aug 2021 00:00:33 -0000
On Fri, Jul 30, 2021 at 12:28:58PM +0000, Göran Selander wrote: > Hi, > > In LAKE yesterday we had a discussion on compact key identifiers. The main candidate to use, 'kid', is specified as a CBOR bstr, which is typically at least 2 bytes (exception: empty bstr which is 1 byte). We therefore want to allow keys to be identified with CBOR ints which has 48 1-byte values to allow for a larger number of optimally small identifiers. > > One solution would be to define a new COSE key common parameter and COSE header parameter, say 'kid2', of type bstr / int. Another solution would be to extend 'kid' to be bstr / int. > > In the former case a 'kid2' can be used to reference keys identified with either 'kid2' or 'kid', but 'kid' would not be able to reference keys identified with 'kid2' having an int value. Not clear to me if that is a problem. > > While the LAKE WG did not express any preference, one opinion I learnt after the meeting was a preference of extending 'kid' to bstr / int. > > What do folks in COSE think? > > I'm familiar with the process of registering new COSE parameters, what is the requirement for changing the value type of an existing registration? Standards action with expert review? I think so. There's a decent case that just standards action would suffice, but I like ensuring that the experts also weigh in. >From the follow-up: > Another alternative to what has been listed below is to define 'kid2' to > only be of type int - is that a better option? That would avoid some of the decoder complexity that Laurence raised, but leaves the issue of needing logic to handle a message that sets both 'kid' and 'kid2'. For a long-term steady-state best outcome I don't see a huge difference between an expanded 'kid' and deprecating 'kid' entirely in favor of a 'kid2' that does both. I'm less sure how to compare that option against the one-parameter-per-type option (kid==bstr, kid2==int) that is easier to decode but has the possibility to provide both parameters. -Ben
- [COSE] Key identifier of type bstr / int Göran Selander
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade
- Re: [COSE] Key identifier of type bstr / int Göran Selander
- Re: [COSE] Key identifier of type bstr / int Benjamin Kaduk
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade
- Re: [COSE] Key identifier of type bstr / int Göran Selander
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade
- Re: [COSE] Key identifier of type bstr / int Göran Selander
- Re: [COSE] Key identifier of type bstr / int Orie Steele
- Re: [COSE] Key identifier of type bstr / int Göran Selander
- Re: [COSE] Key identifier of type bstr / int Orie Steele
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade
- Re: [COSE] Key identifier of type bstr / int Orie Steele
- Re: [COSE] Key identifier of type bstr / int Göran Selander
- Re: [COSE] Key identifier of type bstr / int Orie Steele
- Re: [COSE] Key identifier of type bstr / int Benjamin Kaduk
- Re: [COSE] Key identifier of type bstr / int Anders Rundgren
- Re: [COSE] Key identifier of type bstr / int Mike Prorock
- Re: [COSE] Key identifier of type bstr / int Orie Steele
- Re: [COSE] Key identifier of type bstr / int Michael Richardson
- Re: [COSE] Key identifier of type bstr / int Carsten Bormann
- Re: [COSE] Key identifier of type bstr / int Anders Rundgren
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade
- Re: [COSE] Key identifier of type bstr / int Göran Selander
- Re: [COSE] Key identifier of type bstr / int Orie Steele
- Re: [COSE] Key identifier of type bstr / int Anders Rundgren
- Re: [COSE] Key identifier of type bstr / int Carsten Bormann
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade
- Re: [COSE] Key identifier of type bstr / int Christian Amsüss
- [COSE] Attempting to summarize: Key identifier of… Christian Amsüss
- Re: [COSE] Key identifier of type bstr / int Ilari Liusvaara
- Re: [COSE] Key identifier of type bstr / int Tobias Looker
- Re: [COSE] Key identifier of type bstr / int Anders Rundgren
- [COSE] draft-looker-cose-bls-key-representations Anders Rundgren
- Re: [COSE] Key identifier of type bstr / int Michael Richardson
- Re: [COSE] draft-looker-cose-bls-key-representati… Orie Steele
- Re: [COSE] draft-looker-cose-bls-key-representati… Anders Rundgren
- Re: [COSE] Key identifier of type bstr / int Michael Richardson
- Re: [COSE] Key identifier of type bstr / int Carsten Bormann
- Re: [COSE] Key identifier of type bstr / int Laurence Lundblade