[COSE] π Call for Consensus: CounterSignature Discussion π
"Matthew A. Miller" <linuxwolf+ietf@outer-planes.net> Tue, 04 August 2020 15:29 UTC
Return-Path: <linuxwolf+ietf@outer-planes.net>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id B6E693A0A39
for <cose@ietfa.amsl.com>; Tue, 4 Aug 2020 08:29:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=outer-planes-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id qUOe4EYI6BQm for <cose@ietfa.amsl.com>;
Tue, 4 Aug 2020 08:29:01 -0700 (PDT)
Received: from mail-oi1-x234.google.com (mail-oi1-x234.google.com
[IPv6:2607:f8b0:4864:20::234])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id EF5D63A0A4E
for <cose@ietf.org>; Tue, 4 Aug 2020 08:29:00 -0700 (PDT)
Received: by mail-oi1-x234.google.com with SMTP id v13so20050112oiv.13
for <cose@ietf.org>; Tue, 04 Aug 2020 08:29:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=outer-planes-net.20150623.gappssmtp.com; s=20150623;
h=from:subject:autocrypt:to:message-id:date:user-agent:mime-version
:content-language:content-transfer-encoding;
bh=FtC2zIoAWyuFO+WZa2aOjw/RMwtRRZ11us2YddsLN3g=;
b=xav/XD2TZzhyEDgUKBUQrl5BBfMJhQwstDKUqRY3Ccuafhh72+yOQyXjQ7b+wQijfn
zO4gGJaXqt/Kd30QankdibSIcgm6MKCI/B6MhJwfq/bvU2PZMTI4Dpn11irqbQWLdf1I
CoHSEnI/8W1+NPK3CnUQnkqeLgAqoutzntlS718FEDukVG2xocBdCs6cg/EiFQL2cAfA
+lBQTKSiqnRuziKOZpAQcs7dz9hrUaad8SL9fNQMMapNf/W0weC/jIFW5f+F0oWFnW72
f/EfDic+twpl1S+AMyqhhzzdz+EpnDm12LSF038sU4MNkxyb3ENcVSXw7RwJ+8lXW5qE
AZOw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:subject:autocrypt:to:message-id:date
:user-agent:mime-version:content-language:content-transfer-encoding;
bh=FtC2zIoAWyuFO+WZa2aOjw/RMwtRRZ11us2YddsLN3g=;
b=TMJsEK9V2k+0Ti7lsWZ7QMbCONyXkhtehmxlmQUALLL5jYubTZEEUj47Lft8WyBBXa
cBRWa2lBtiqzXlDnrMZAZHAu8KOimIWxLN3v6UZVA2JV0nHjTddb22reFkfefMGPhlJ5
8cM3ispvAcfZi4ZfbhP+sd8xpWkC1/U4N2M8QmMWpB4LNYSqmxDERjAmfZA5XvU5LDKH
jMGnVFEqQ4Kc525mxrbfjRQLTT9KV54OpChOeI17/v/LZOnF5u575fYyA68F+J2ya/Mo
qIDEKp/JtONz+NGY0hO2Fh1+HSO1QFs2Te/fYLre4bx6i3eSX/kaM0iYG4BhwOxbPWGe
Izkw==
X-Gm-Message-State: AOAM531SlCVTt6D47wn6qBf0TWI1ZjX8LQLZGYln8LlhZfJ40y/PiRAz
b5nb+RyWmf0RxZDgrtObVfFArpm5yas=
X-Google-Smtp-Source: ABdhPJwAmPKgY4I/JhGsWd8udrEqDoo1tbBraSiUX/2ecInyaggOnbjvfQNZXSE/5ufM/tcNZme0fA==
X-Received: by 2002:aca:4710:: with SMTP id u16mr3882040oia.158.1596554939597;
Tue, 04 Aug 2020 08:28:59 -0700 (PDT)
Received: from mmiller-44677.local ([2601:280:4f00:14a:e901:14bc:65c4:39e5])
by smtp.gmail.com with ESMTPSA id l23sm2518817oti.18.2020.08.04.08.28.58
for <cose@ietf.org>
(version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
Tue, 04 Aug 2020 08:28:58 -0700 (PDT)
From: "Matthew A. Miller" <linuxwolf+ietf@outer-planes.net>
Autocrypt: addr=linuxwolf+ietf@outer-planes.net; prefer-encrypt=mutual;
keydata=
mQENBFJoAooBCADQmEtpbpY/4wTeKgZIuyG7HkxIFgiUeqOvtiBKj/pCA73d7Q5hCvQdGcKJ
6uZsYz3Il9oKoKFxVt90iEXspbE39g6ek19e6RsB4j0Q10l4QvH+EqeD760gs0H2yf/eYj9i
uk9/VY6axdQlPsmid1zoQgCNjSM7X4/K26WGMs03sbXJpKdoonelzIlJSNfzi0q546iplo72
D2cCm9BriMkQvcGnsm4B9eBIBn3GKmVx1tsmPNeNTyun2DvaLnrYxbA0Ivo1DzZReds9NZ25
uROI/+b+lcg9/kmHzhK+q8NMQCFWmqpS/lZRKxVBSijKGpGr5h8VLVf5iURHtwG+B/QxABEB
AAG0M01hdHRoZXcgQS4gTWlsbGVyIDxsaW51eHdvbGYraWV0ZkBvdXRlci1wbGFuZXMubmV0
PokBVAQTAQoAPgIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgBYhBDHXWI3skGkNa8yY4Oz0
ck4QngW7BQJeDg4fBQkVMJSlAAoJEOz0ck4QngW7XCcH/RBVW3Nd0ezXtL9XSn5DHJxRTb5q
6ZVIBQgVIMcH2DVzO/aCs3o1ECONHAazVGQ9b6cwHCtPWJpM0ENGx7DERa/Ay4vDeKXc1TEX
VuukdGrX2zWOaFHDT/oU1SEg0C+f3JGnaTwYQ7i2KXkFuYNmqROkB+Z0PDaLu4biCYdjhkIm
Yu3frzySHhEX2VVMcJA6lcqdBTE3j2+ywQ7icpiWUcvLuhCeuFER1JjTRchcXwtuiOAKPQCZ
BM9B70Q73hiKKK4ylNjhLFKGomkWDqsQ6sAENn6YkWyBuXNr5Y66uFxFS0VY938o/ZoXw4tb
qUIdBzMnHkHxxiNUUBb6dPkaEGO5AQ0EUmgCigEIAMD+u4fBiVDul2Mljq3CRlwyZ52RA0vq
vm00F5CTBWu+K1SMdMoqKmPEHaQSRRmjE+AwjWHv96cOtWUwwyqrpEgnzof7LHXfM0hk0GUl
+ZUeAePtNPyylroD+ohxx2IhE2wVW+W8XGkfyxONVsd89h7Ft05HmQellZPNjE3JUtcwrmN6
fQHgr6+NuAUkC+ygt/MtnkHPeRvp2m7FQ3OqEPKGTn9Q9oIgW9lYG2JEqaSo/ASrwbZowmrl
nhKvwJGSmgwHbmvEI9LxH4HKIfGmr5TyYq6o9WDUsnNwDuEeaazxoE3qXFKVvIqfMSDwBaCV
37r7GUle7lT9+oMAKVOPmZ8AEQEAAYkBPAQYAQoAJgIbDBYhBDHXWI3skGkNa8yY4Oz0ck4Q
ngW7BQJeM+W5BQkPjlg/AAoJEOz0ck4QngW7a+IIANBU7R3t17LKflQo3nSUoqMBLkjxo9/e
yzKAb3u0Fjb5md+9ESrFb03w1ZUkKLh/b6leTFq50IJbfxgDlVgkTn/j0XPOmIHpfDtVYPnA
/rI5sqMzjb3qFOPFZFX9Til360uv9Zc5mlkJcM57X4aLRl7wSGRXPqh7v356s+JlvLF8rBtZ
7LU5SrCWeoWZu/7NvqW+UNEOOP2xAlOId4BeYWflkpzNcSPkhAkD2Xvw/GmyOm24Im7Ef2O5
scQhEO/dG+3jU4QnSGFtLXHndHpNM20vD6T+uWUpyp5g27KrIHApWq9M3o6KR68pTOLJrMxc
th8xmHLOpuWVAKEABNQRDfE=
To: cose <cose@ietf.org>
Message-ID: <186022c9-6586-fd48-0c08-ba2535724018@outer-planes.net>
Date: Tue, 4 Aug 2020 09:28:55 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0)
Gecko/20100101 Thunderbird/68.11.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/wNvQP3icGYMShhkOO4VwiJB6634>
Subject: [COSE] =?utf-8?q?=F0=9F=9B=8E_Call_for_Consensus=3A_CounterSigna?=
=?utf-8?q?ture_Discussion_=F0=9F=9B=8E?=
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>,
<mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>,
<mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Aug 2020 15:29:03 -0000
This message is to confirm consensus to deprecate the current CounterSignature feature and replace it with one that best accounts for all COSE message types. At the synchronous WG meeting on July 29, the issue with countersignatures was heavily discussed. In summary, the currently-defined CounterSignature mechanism is not processed with the cryptographic content for certain COSE message types. The consensus from the meeting is to mark the current CounterSignature process and structure deprecated in rfc8152bis and define a new one that properly accounts for the cryptographic. Further consensus leaned toward an aggressive approach, incorporating all bstr elements in the target structure when computing the signature. To complete the new CounterSignature method, the sense in the meeting is to have a series of virtual interims. The details of the new method and where it fits as working group items is still to be determined. Jim Schaad posted a starting proposal for a method[1], and an initial discussion on how to approach this as a working group item[2]. Given the participation in the meeting is very close to the participation on the list, we are only seeking objections. If you have objections, please inform the list and why you object. A following message will propose times for interims, ideally starting this month (August). Thank you, - Ivaylo and Matthew COSE WG Chairs -- [1]: < https://mailarchive.ietf.org/arch/msg/cose/6-vyoetZboIdrwwEYoYlj9QY_3Q/ > [2]: < https://mailarchive.ietf.org/arch/msg/cose/8Mxcnsq9sm_pXQAm-2bexKxpaMU/ >
- [COSE] π Call for Consensus: CounterSignature Disβ¦ Matthew A. Miller