[Lake] Open source implementation of CBOR Encoded X.509 Certificates (C509 Certificates)

John Mattsson <john.mattsson@ericsson.com> Tue, 25 May 2021 16:26 UTC

To: "core@ietf.org" <core@ietf.org>, "TLS@ietf.org" <TLS@ietf.org>, "lake@ietf.org" <lake@ietf.org>, "uta@ietf.org" <uta@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/R1-TjRwats_An6NwBUvca7odFQY>

Hi,

There have been a lot of requests from people in different working groups for source code to try out C509 certificates. I just released my example implementation of a DER X509 to CBOR C509 encoder written in Rust.

CBOR encoded X509 (RFC 5280) is one of the main future work items for the COSE WG. C509 is specified as a CBOR encoding of the DER TBSCertificate sequence, which is then combined with a signature over the DER or CBOR encoding. C509 can be used as a compression mechanism complementing RFC 8879, or as a "natively signed" CBOR certificate encoding still following RFC 5280.

The Rust implementation supports reading a certificate from file or downloading a certificate chain from an HTTPS server. The certificate chain is encoded to COSE_X509, COSE_C509, as well as TLS Certificate and CompressedCertificate messages with X509 and C509. Size comparisons can be found in the draft.

The Rust implementation can be found here:
https://github.com/cose-wg/CBOR-certificates/tree/master/c509

The latest version of the draft:
https://datatracker.ietf.org/doc/draft-ietf-cose-cbor-encoded-cert/

Please send comments and suggestions to core@ietf.org only, which is where discussion should take place.

Cheers,
John
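
Added example, not part of the original message and not taken from the c509 repository: the message describes C509 as a CBOR encoding of the DER TBSCertificate combined with a signature, so a DER-to-C509 encoder first has to split an RFC 5280 Certificate into those two parts. The Rust code below does only that step, with strict DER length checks; the names `Tlv`, `read_tlv`, `split_certificate` and the toy `SAMPLE` bytes are assumptions made for illustration, and the C509 field mapping itself is defined in the draft and not reproduced here.

```rust
// Constructed toy input, NOT a real certificate: SEQUENCE { tbs, alg, sig } only.
pub const SAMPLE: [u8; 19] = [
    0x30, 0x11,                               // Certificate SEQUENCE, 17 content bytes
    0x30, 0x03, 0x02, 0x01, 0x01,             // stand-in TBSCertificate
    0x30, 0x05, 0x06, 0x03, 0x2a, 0x03, 0x04, // stand-in signatureAlgorithm
    0x03, 0x03, 0x00, 0xaa, 0xbb,             // signatureValue BIT STRING, 0 unused bits
];
/// One DER element: tag, content, and full encoding (header plus content).
pub struct Tlv<'a> { pub tag: u8, pub value: &'a [u8], pub raw: &'a [u8] }

/// Read one definite-length DER TLV from the front of `input`; returns it and the rest.
pub fn read_tlv(input: &[u8]) -> Result<(Tlv<'_>, &[u8]), &'static str> {
    if input.len() < 2 { return Err("truncated header"); }
    let (tag, first) = (input[0], input[1]);
    let (len, hdr) = if first < 0x80 {
        (first as usize, 2)
    } else {
        let n = (first & 0x7f) as usize;
        if n == 0 || n > 4 { return Err("indefinite or oversized length"); }
        let bytes = input.get(2..2 + n).ok_or("truncated length")?;
        let len = bytes.iter().fold(0usize, |acc, b| (acc << 8) | *b as usize);
        // DER allows only the shortest length form; reject anything else.
        if len < 0x80 || bytes[0] == 0 { return Err("non-minimal length"); }
        (len, 2 + n)
    };
    let end = hdr.checked_add(len).ok_or("length overflow")?;
    if end > input.len() { return Err("length exceeds input"); }
    Ok((Tlv { tag, value: &input[hdr..end], raw: &input[..end] }, &input[end..]))
}

/// Split an RFC 5280 Certificate into (TBSCertificate encoding, signature bytes).
pub fn split_certificate(der: &[u8]) -> Result<(&[u8], &[u8]), &'static str> {
    let (cert, rest) = read_tlv(der)?;
    if cert.tag != 0x30 || !rest.is_empty() { return Err("expected one outer SEQUENCE"); }
    let (tbs, rest) = read_tlv(cert.value)?;
    let (alg, rest) = read_tlv(rest)?;
    let (sig, rest) = read_tlv(rest)?;
    if tbs.tag != 0x30 || alg.tag != 0x30 || sig.tag != 0x03 || !rest.is_empty() {
        return Err("not a Certificate structure");
    }
    // The BIT STRING's first content byte counts unused bits; signatures use 0.
    match sig.value.split_first() {
        Some((&0, bits)) => Ok((tbs.raw, bits)),
        _ => Err("unexpected signature BIT STRING"),
    }
}

fn main() {
    println!("{:?}", split_certificate(&SAMPLE));
}
```

The returned TBSCertificate slice is the exact byte range the DER signature covers, which is why the parser rejects non-minimal lengths and trailing data instead of normalising them.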