Re: [COSE] Carrying certificate chains in COSE signed messages

"Lundblade, Laurence" <llundbla@qti.qualcomm.com> Mon, 07 November 2016 16:46 UTC

To: Samuel Erdtman <samuel@erdtman.se>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/tuD1Dj0GV6GSxHg706Fnrz64lh8>
Cc: Jim Schaad <ietf@augustcellars.com>, cose <cose@ietf.org>
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>

I assume the actual solution here would just be an extension to and not any revision of the current COSE spec, but it would be nice to see a straw man proposal to know for sure that assumption holds.

If so, an extension doc seems just fine.

LL


On Nov 7, 2016, at 8:37 AM, Samuel Erdtman <samuel@erdtman.se> wrote:

Maybe the most reasonable solution would be to write a complementary/extension doc for the COSE specification. Similar to what is done with RSA so that this work can finish.

Jim, is that possible?
Laurence, do you think that would be an okay way forward?

//Samuel



On Fri, Nov 4, 2016 at 7:48 PM, Jim Schaad <ietf@augustcellars.com> wrote:
During the development of the COSE document, the creation of attributes to carry X.509 items was discussed.  Given the set of use cases that we had on our radar at the time it was decided that we did not need this at the time.  These were all cases where we were looking at constrained devices where the addition of the certificate to many messages was going to be a problem.  In this environment, if you were using X.509 then you would pre-distribute the certificates rather than carrying them in a message.

If we can identify a number of cases where we would be using X.509 certificates then I would be willing to create a document which would define the fields and how to use them.  It would appear that we might have one case, do people know of more?

I don’t think we have a strong case for doing a new certificate format at this time, however if people think there is enough of a need then the next step would be for them to organize a BOF to see if they can attract enough attention.

Jim


From: Samuel Erdtman [mailto:samuel@erdtman.se]
Sent: Friday, November 04, 2016 10:49 AM
To: Derek Atkins <derek@ihtfp.com>
Cc: Lundblade, Laurence <llundbla@qti.qualcomm.com>; Jim Schaad <ietf@augustcellars.com>; cose@ietf.org
Subject: Re: [COSE] Carrying certificate chains in COSE signed messages

It might absolutely feel strange to have certificate chains in COSE since that would become the larger part of the message.
However, I think Laurence has a point in the fact that it is more convenient to use CBOR than ASN.1 even if you formally have the bandwidth and capacity to process ASN.1.

Then there is the connection to existing trust infrastructure: many organizations have well-functioning PKI setups and want to use them.
Are you saying that we should only use COSE when building completely new systems with no interaction with existing infrastructure?
I think it would be good for adoption if we could support this use-case.
I could also imagine CAs adopting new certificate formats based on CBOR and COSE in the future and if that happens a transition would be much easier if they had the option to start using COSE today.
If this is a big no-no I guess JOSE would be the option.

//Samuel



On Fri, Nov 4, 2016 at 5:36 PM, Derek Atkins <derek@ihtfp.com> wrote:
Hi,

"Lundblade, Laurence" <llundbla@qti.qualcomm.com> writes:

> 1) A CBOR/COSE implementation is much cleaner and nicer than an
> ASN.1/CMS implementation. It is less work to implement, easier to
> maintain, test and so on.

Yes...  This is part of my point.

>      Also it’s not just about the data size.
> Would guess that the code size difference between implementations of
> CBOR/COSE and ASN.1/CMS is larger than a cert.  Also you can add the
> X.509 cert to the protocol messages outside the constrained
> environment.

Sure, it's not just about data size, it's also about code size.  But if
you're using COSE then presumably size matters.

> Personally, I was hoping CBOR/COSE would replace ASN.1/CMS in the very
> long term. :-)

Why wait?

> 2) Same question as before. If not cert chains, then what?  Pretty
> sure the 3-party trust introduction with a well-known root cert is a
> fundamental model that COSE should support.

There is nothing wrong with cert chains per-se, but I would argue X.509
is the wrong solution for COSE.

> LL

-derek

>
>
> On Nov 4, 2016, at 7:23 AM, Derek Atkins <derek@ihtfp.com> wrote:
>
>> If your environment is so constrained that you want to use COSE, why
>> would you decide on X.509 as your certificate format??  Your cert chain
>> would likely be larger than your data payload!!
>>
>> -derek
>>
>> "Lundblade, Laurence" <llundbla@qti.qualcomm.com> writes:
>>
>>> Yes, have a use case where I *think* I need to carry cert chains with
>>> a signed message.  I want to sign something in one place and I want
>>> someone far away to be able to verify it based on a trusted root
>>> key.  Compatibility with extant and various cert management SW and
>>> services is also desirable.
>>>
>>> If not cert chains, then what?
>>>
>>> LL
>>>
>>>
>>> ________________________________________
>>> From: Jim Schaad <ietf@augustcellars.com>
>>> Sent: Thursday, November 3, 2016 1:15 PM
>>> To: Lundblade, Laurence; cose@ietf.org
>>> Subject: RE: [COSE] Carrying certificate chains in COSE signed messages
>>>
>>> Do you have a use case where you are planning to use COSE and need to carry
>>> cert chains or is this just speculative?
>>>
>>> Jim
>>>
>>>
>>>> -----Original Message-----
>>>> From: COSE [mailto:cose-bounces@ietf.org] On Behalf Of Lundblade, Laurence
>>>> Sent: Thursday, November 03, 2016 12:40 PM
>>>> To: cose@ietf.org
>>>> Subject: [COSE] Carrying certificate chains in COSE signed messages
>>>>
>>>> For many use cases it is a requirement that a signed message carry leaf and
>>>> intermediate (X.509) certs that would be used to verify against a trusted root.
>>>>
>>>> It seems like the way to do this is with a COSE_Key, but there aren't any
>>>> examples or details.  Is this right?
>>>>
>>>> Thx
>>>>
>>>> LL
>>>>
--
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

_______________________________________________
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose