Re: [jose] [EXT] Re: [COSE] Multiple Suffixes with JOSE and COSE media types

Orie Steele <orie@transmute.industries> Thu, 20 July 2023 23:41 UTC

References: <CAN8C-_JWY35sVKWH2Ly85c30_zHJuBLP9kO21MJfSFaMOv4PYQ@mail.gmail.com> <29331.1689803277@localhost> <CAN8C-_+_t-oLwFZf-X9jupwbmG_jMgiN54ToJ4PrG2bvZrUT=w@mail.gmail.com> <2381.1689809580@localhost> <CAN8C-_+baqRFa6vhQQ6mJbdwpQri6kNVOVOVJSyAHbRxpxNhUw@mail.gmail.com> <2228.1689815567@localhost> <CAN8C-_+_5KQPMRa11FTimVM7YD8TH7Mz6NjB1Lg9+iVOvjrDhA@mail.gmail.com> <30436.1689820710@localhost> <CAN8C-_LmdSF9T_UDPbTr1OLvBzd6AbSc_7PqhSVgJSUgJb4H6A@mail.gmail.com> <MN2PR13MB26083B8991A0AD480FCA37A8EE3EA@MN2PR13MB2608.namprd13.prod.outlook.com> <CAMBN2CT9Sps=K1zVQa7B=a_4oxktsmxjv0tWPuycmcs07HvhAA@mail.gmail.com> <CAN8C-_J_8Tinx5sqjN__Wnzz8WaCMvjViaLTjSuKL=wwySuagg@mail.gmail.com> <13376.1689893480@localhost>
In-Reply-To: <13376.1689893480@localhost>
From: Orie Steele <orie@transmute.industries>
Date: Thu, 20 Jul 2023 18:41:32 -0500
Message-ID: <CAN8C-_+KWkzk+fTbVi=1TfGhyuSWu9Go_JOT326ES2++bE+4FA@mail.gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: media-types@ietf.org, JOSE WG <jose@ietf.org>, cose <cose@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/UkFdSglwaZGiI15YtwGItrutT-8>

Inline:

On Thu, Jul 20, 2023, 5:51 PM Michael Richardson <mcr+ietf@sandelman.ca> wrote:

>
> Orie Steele <orie@transmute.industries> wrote:
>     > `+jwt` secures `application/json` (already a registered structured suffix)
>
> Yesish... but:
>
>     > `+cwt` secures `application/cbor` (registration requests exist:
>     > https://www.ietf.org/archive/id/draft-ietf-rats-eat-media-type-02.html#section-6.1 )
>
>     > `+cose` secures an envelope that is `application/cbor` and a payload of
>     > type `content_type` ( https://github.com/anima-wg/constrained-voucher/issues/264 )
>
> Here I had a bit of pause.
> Eventually I understood/remembered that +cwt isn't securing application/cbor.
> Rather, it's securing application/cbor with a payload consisting of claims
> from the CWT registry.  So while the underlying serialization is CBOR, it's
> not securing arbitrary CBOR.
>
> (And that's why constrained-voucher does not use +cwt, because our claims
> come from YANG, not from COSE)
>
> A similar statement applies to +jwt, I think.
>

There was discussion related to this recently on the COSE list, related to
the cwt claims in header draft, and the typ COSE header parameters draft.

Summarizing, payload is JSON for jwt, payload is CBOR for cwt.

Afaik, all members are optional, but when present certain members have
specific meaning.

Using +jwt, and +cwt signals you want that meaning.

This is relevant to W3C Verifiable Credentials, which uses those meanings.


>     > `+jose` secures an envelope that is `application/json` and a payload of
>     > type `cty` (AFAIK, nobody is planning to register this as of right now).
>
> https://datatracker.ietf.org/doc/draft-ietf-anima-jws-voucher/  maybe.
>
>

Thanks for pointing this out.


>     > You might consider these last 2 special cases of multipart content
>     > types...  when their headers include `content_type` or `cty`.
>
> I kinda get why you are saying multipart, but I don't really like it that
> way.
>
> I want to suggest that there are very few cases of real processing chains in
> my opinion.  Except for debuggers.
> +gz -type suffixes are the small exception to this.
>

I agree with this.

With the exception of polyglot formats in general... Which invite
leveraging processing chains... This was the original reason for the
multiple suffixes draft... +ld+json was rejected because there was no
defined behavior for processing multiple suffixes...

It's probably too late now, but this could easily have been solved by just
doing +json-ld instead.

A lot of people who have worked with +ld+json would probably agree that
while it is json, you spend most of your time looking at the RDF it
produces, and cursing about how hard it is to make both the json and the
rdf look nice at the same time.



> --
> ]               Never tell me the odds!                 | ipv6 mesh networks [
> ]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
> ]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
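The thread above turns on two things a consumer has to do with these media types: peel a multi-suffix type such as `+ld+json` in the right order, and, for a `+jose`/`+cose` envelope, take the payload's type from the `cty` (or `content_type`) header rather than from the suffix. The following is an added example written for this archive page; it is not code from the message, from the constrained-voucher project, or from any of the drafts cited, and the suffix table is this example's reading of the discussion, not a registry lookup. It uses HS256 (HMAC-SHA256) with a constructed shared key so it runs with the Python standard library only; the media types and tokens in it are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import re

# Assumed meaning of each suffix, following the thread's reading of them
# (an assumption for this example, not a copy of the IANA registry).
SUFFIX_SEMANTICS = {
    "json": "JSON serialization",
    "cbor": "CBOR serialization",
    "ld":   "JSON-LD layer (assumed to sit directly before +json)",
    "jwt":  "JSON claims set carrying JWT-registry claim semantics",
    "cwt":  "CBOR claims set carrying CWT-registry claim semantics",
    "jose": "JOSE envelope; payload type comes from the protected `cty` header",
    "cose": "COSE envelope; payload type comes from the `content type` header (label 3)",
    "gzip": "gzip compression layer",
}

_MEDIA_TYPE = re.compile(r"^([a-z0-9][a-z0-9!#$&^_.-]*)/([a-z0-9][a-z0-9!#$&^_.+-]*)$", re.I)

def parse_media_type(media_type):
    """Split 'application/vc+ld+json' into ('application', 'vc', ['ld', 'json']).
    Parameters such as ';charset=utf-8' are deliberately not handled here."""
    m = _MEDIA_TYPE.match(media_type.strip())
    if not m:
        raise ValueError(f"not a media type: {media_type!r}")
    parts = m.group(2).lower().split("+")
    if any(p == "" for p in parts):
        raise ValueError(f"empty suffix in {media_type!r}")
    return m.group(1).lower(), parts[0], parts[1:]

def processing_chain(media_type):
    """Layers a consumer peels off, outermost first: the last suffix is the
    outer serialization, the base subtype is what you are left holding.
    Unknown suffixes are rejected rather than guessed at."""
    _, base, suffixes = parse_media_type(media_type)
    unknown = [s for s in suffixes if s not in SUFFIX_SEMANTICS]
    if unknown:
        raise ValueError(f"unregistered suffix(es) {unknown} in {media_type!r}")
    return list(reversed(suffixes)) + [base]

def normalize_cty(value):
    """RFC 7515 section 4.1.10: a `cty` (or `typ`) value with no '/' is
    shorthand for 'application/<value>'."""
    value = value.strip()
    return value if "/" in value else f"application/{value}"

def _b64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def _b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def make_hs256_jws(protected_header, payload, key):
    """Compact JWS protected by an HMAC-SHA256 MAC (alg HS256).
    `key` is a shared secret; the one used below is constructed for the demo."""
    h = _b64url_encode(json.dumps(protected_header, separators=(",", ":")).encode())
    p = _b64url_encode(payload)
    mac = hmac.new(key, f"{h}.{p}".encode("ascii"), hashlib.sha256).digest()
    return f"{h}.{p}.{_b64url_encode(mac)}"

def verify_hs256_jws(compact_jws, key):
    """Return (protected_header, payload) only if the MAC verifies. The
    algorithm is pinned by the verifier: the token's `alg` is compared
    against it, never used to choose the verification routine."""
    segments = compact_jws.split(".")
    if len(segments) != 3:
        raise ValueError("compact JWS must have exactly three segments")
    h, p, s = segments
    header = json.loads(_b64url_decode(h))
    if header.get("alg") != "HS256":
        raise ValueError(f"unexpected alg {header.get('alg')!r}")
    expected = hmac.new(key, f"{h}.{p}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        raise ValueError("JWS MAC verification failed")
    return header, _b64url_decode(p)

def jws_payload_chain(compact_jws, key):
    """For a JWS whose envelope is application/jose (or any +jose type),
    resolve the payload media type from the *verified* protected header and
    return (payload_type, chain, payload). Dispatching on `cty` before
    verification would let the sender pick which parser sees the bytes."""
    header, payload = verify_hs256_jws(compact_jws, key)
    if "cty" not in header:
        raise ValueError("no cty in protected header; payload type is unknown")
    payload_type = normalize_cty(header["cty"])
    return payload_type, ["jose"] + processing_chain(payload_type), payload

if __name__ == "__main__":
    key = b"constructed-demo-key-not-for-real-use"
    token = make_hs256_jws({"alg": "HS256", "typ": "JOSE", "cty": "vc+ld+json"},
                           b'{"@context": []}', key)
    print(jws_payload_chain(token, key))
```

For a `+cose` envelope the same shape applies with the protected `content type` header (label 3) in place of `cty`, and with the value being either a text media type or a CoAP Content-Format number; the example stops at JOSE because the standard library has no COSE support. Note that the chain for `application/vc+ld+json` comes out as JSON first, then JSON-LD, then the base type, which is exactly the ordering question that the multiple-suffixes work had to settle.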