WG Action: Formed CBOR Object Signing and Encryption (cose)
The IESG <iesg-secretary@ietf.org> Wed, 03 June 2015 17:37 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C2331A8A3A; Wed, 3 Jun 2015 10:37:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0u1ty-H1lqos; Wed, 3 Jun 2015 10:36:59 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A2301A9073; Wed, 3 Jun 2015 10:36:58 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: WG Action: Formed CBOR Object Signing and Encryption (cose)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.0.3.p2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150603173658.17642.80056.idtracker@ietfa.amsl.com>
Date: Wed, 03 Jun 2015 10:36:58 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/Ax-XIc8WTlEGeHsNdg_eAvtajTs>
Cc: cose WG <cose@ietf.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 17:37:01 -0000
A new IETF working group has been formed in the Security Area. For additional information please contact the Area Directors or the WG Chairs. CBOR Object Signing and Encryption (cose) ------------------------------------------------ Current Status: Proposed WG Chairs: Justin Richer <jricher@mit.edu> Kepeng Li <kepeng.lkp@alibaba-inc.com> Assigned Area Director: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com> Mailing list Address: cose@ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/cose Archive: http://www.ietf.org/mail-archive/web/cose/ Charter: Concise Binary Object Representation (CBOR, RFC 7049) is a concise binary format for the serialization of data structured to an extended version of the JSON data model. COSE seeks to create CBOR-based object signing and encryption formats. One motivation for COSE was to reuse functionality from the JOSE working group using the CBOR data representation as it is more amenable to constrained nodes and constrained node networks (RFC 7228). The JOSE working group recently completed producing representations for cryptographic keys, message authentication (MACs), encryption, and digital signatures, using JSON representation. The resulting formats will not be cryptographically convertible from or to JOSE formats. This lack of a need for bit-for-bit compatibility will enable some simplification in the adaptation process. Criteria that should be considered in the decision making process, changing from JSON to CBOR encoding include: o Maintain the current JOSE paradigms and formatting where feasible. o Minimize message size, code size, and computational complexity to suit constrained environments, where this is expected to be used. o Improve security o Provide new functionality for additional use cases that were not required for JOSE. Key management and binding of keys to identities are out of scope for the working group. The COSE WG will not innovate in terms of cryptography. The specification of algorithms in COSE is limited to those in RFCs or active IETF WG documents. The working group will coordinate its progress with the ACE, DICE and CORE working groups to ensure that we are fulfilling the needs of these constituencies to the extent relevant to their work. Other groups may be added to this list as the set of use cases is expanded. The WG will have two deliverables: 1. A standards-track specification covering the same cryptographic formats from JOSE, with optimizations for constrained device processing, expressed in CBOR; 2. Registration for algorithms (such as AES-CCM-8) that are appropriate for constrained environments. The Working Group will use a wiki to track desired use cases for its work, but does not intend to publish this as an RFC. Milestones: Jun 2015 - Submit COSE specification as a WG item Jun 2015 - Submit COSE constrained-appropriate algorithms as a WG item Jan 2016 - Submit COSE specification to the IESG, for publication as a Proposed Standard Jan 2016 - Submit COSE constrained-appropriate algorithms to the IESG, for publication as a Proposed Standard