Re: [COSE] How COSE items are identified

Justin Richer <jricher@mit.edu> Mon, 16 November 2015 15:17 UTC

To: Jim Schaad <ietf@augustcellars.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/muvD11CsUznqBtG9Hpjl4V_VQkE>
Cc: cose@ietf.org, Ace@ietf.org

I think it’s premature to assume one structure is used “most of the time” as opposed to other structures and to optimize COSE for that case. Though if we take a cue from JOSE, it’s asymmetric signing, then MAC. Those might be reversed as I don’t have concrete numbers on this. Public keys are probably next. Encryption is far behind in my experience with JOSE.

My point is that I don’t think we can pick any one structure as “most common” yet as we’re extrapolating from exactly zero real-world examples.

 — Justin (as non-chair)

> On Nov 16, 2015, at 1:12 AM, Jim Schaad <ietf@augustcellars.com> wrote:
> 
> We seem to have a potential problem for how COSE items are identified.
> 
> Initially, we used an integer inside of the structure to identify it.  That
> is how the current ACE documents are written. This uses a single byte.
> 
> At the request of Carsten, we moved from doing this to using a tag at the
> front of the structure.  Carsten believes that this can be done with a tag
> that is in the two byte range when encoded (tag, length=1, tag value).  Part
> of the reason that I agreed was that this was not really being used at the
> time by the ACE documents.  
> 
> If one is almost always doing encrypted, then one could encode that
> structure w/o the tag and do the other three structures with the tag.  This
> would probably be ok as it would mostly use the smallest tagging (none) when
> needed the most and use larger tagging (2 bytes) for the rest of the
> structures.
> 
> Alternatively, we could modify the document to request the assignment of
> tags in the one byte range for the most common structures and two bytes for
> the less common structures (and have arguments about which is which).
> 
> Alternatively, we could revert back to putting an integer tag inside of the
> array structure.
> 
> Comments on this are requested.
> 
> Jim
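
An added illustration of the byte costs compared in the quoted message (not part of either post and not code from the COSE drafts): it encodes CBOR heads per RFC 7049 and measures how many extra bytes each identification option adds to a stand-in three-element array. The tag numbers 20, 200 and 2000 and the type code 2 are constructed placeholders, not assigned values.

```python
# Added illustration, not code from the COSE drafts or the mailing-list thread.
# Tag numbers and the type code are constructed placeholders, not IANA values.

UINT, BSTR, ARRAY, TAG = 0, 2, 4, 6  # CBOR major types used here


def cbor_head(major: int, value: int) -> bytes:
    """Encode a CBOR initial byte plus its argument (RFC 7049, section 2)."""
    if not 0 <= major <= 7 or value < 0:
        raise ValueError("bad major type or negative argument")
    if value < 24:  # argument fits in the initial byte itself
        return bytes([(major << 5) | value])
    for info, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if value < 1 << (8 * size):
            return bytes([(major << 5) | info]) + value.to_bytes(size, "big")
    raise ValueError("argument does not fit in 64 bits")


def bstr(data: bytes) -> bytes:
    return cbor_head(BSTR, len(data)) + data


def array(*items: bytes) -> bytes:
    return cbor_head(ARRAY, len(items)) + b"".join(items)


# Stand-in message body: three byte strings (constructed sample, not a COSE layout).
FIELDS = (bstr(b""), bstr(b"payload"), bstr(b"\x00" * 8))


def identification_overhead() -> dict:
    """Extra bytes each identification option costs over the bare array."""
    bare = array(*FIELDS)
    variants = {
        "untagged": bare,
        "integer inside array": array(cbor_head(UINT, 2), *FIELDS),
        "tag in one-byte range": cbor_head(TAG, 20) + bare,
        "tag in two-byte range": cbor_head(TAG, 200) + bare,
        "tag in three-byte range": cbor_head(TAG, 2000) + bare,
    }
    return {name: len(enc) - len(bare) for name, enc in variants.items()}


if __name__ == "__main__":
    for name, extra in identification_overhead().items():
        print(f"{name:24s} +{extra} byte(s)")
```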