Re: [Suit] Packed CBOR

Jim Schaad <ietf@augustcellars.com> Thu, 30 July 2020 17:51 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Brendan Moran' <Brendan.Moran@arm.com>, 'Russ Housley' <housley@vigilsec.com>
CC: 'suit' <suit@ietf.org>
Date: Thu, 30 Jul 2020 10:51:25 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/zNWyB-xwaGO7lf-Jw_Jm1iQ1PlQ>

Two things: 
1.  The CBOR working group has agreed to discuss the packed CBOR, but it has not yet been adopted and would, at a minimum, still need to go through an adoption call.

2.  I cannot answer about all CBOR implementations, but I would expect that the ones that I regularly work with are very likely to adopt it.  

There are some ideas around things like dictionaries which have not been thought through with any degree of completeness.   My personal expectation is that 18 months would be an earliest possible date but others may disagree with that.

Jim


-----Original Message-----
From: Suit <suit-bounces@ietf.org> On Behalf Of Brendan Moran
Sent: Thursday, July 30, 2020 9:23 AM
To: Russ Housley <housley@vigilsec.com>
Cc: suit <suit@ietf.org>
Subject: Re: [Suit] Packed CBOR

Hi Russ,

I really don’t know. I’m not sure if Carsten would have input on that point yet. Of course, if we adopt it, it will force me to support it in my pull parser!

Brendan

> On 30 Jul 2020, at 17:02, Russ Housley <housley@vigilsec.com> wrote:
>
> Brendan:
>
> Perhaps it is too early to say, but is this CBOR-based dictionary compression scheme likely to be widely supported in CBOR libraries?  To me, the answer to that question weighs heavily on the preferred way forward.
>
> Russ
>
>> On Jul 30, 2020, at 11:46 AM, Brendan Moran <Brendan.Moran@arm.com> wrote:
>>
>> On Monday, Carsten presented Packed CBOR (draft-bormann-cbor-packed-00) at the CBOR working group, which adopted it. This is an extension to the CBOR standard (RFC7049) that enables “packing” of CBOR objects using a CBOR-based dictionary compression scheme.
>>
>> If this had been in draft 18 months ago, the SUIT manifest would have used it instead of the “common” block. The common block is a de-facto packing mechanism that would be largely supplanted by packed CBOR. It simplifies many of the schemes that SUIT already uses and makes the manifest more compact besides.
>>
>> If we were to adopt it now, this would cause two substantial changes in SUIT:
>>
>> 1. Removing several existing SUIT deduplication mechanisms.
>> 2. Placing a dependency on draft-ietf-cbor-packed-00.
>>
>> Both of these would delay SUIT.
>>
>> It would have benefits:
>>
>> 1. Simplify the manifest structure (complexity moved to packed CBOR)
>> 2. Make the manifest smaller
>>
>>
>> I see several options ahead of us:
>> 1. Make no change, apply packed CBOR as and when it makes sense.
>> 2. Make no change now, but plan for a v2 SUIT manifest draft
>> 3. Adopt packed CBOR & simplify manifest now.
>>
>> Option 1 is somewhat problematic in that it splits the ecosystem we’re trying to create. Option 2 does the same, but provides more benefits. 2 is arguably more detectable, since it’s easier to report manifest v2 support, than to report support for a specific CBOR tag within the SUIT Manifest Processor.
>>
>> Option 3 delays SUIT both for updates to SUIT itself, and for the dependency on draft-ietf-cbor-packed-00.
>>
>> If it weren’t for the delays, I’d go for Option 3. With the delays, I’m not sure what the right answer is. 1 & 2 fracture the ecosystem of updatable devices into “haves” and “have nots.”
>>
>> I plan to discuss this tomorrow at the SUIT meeting.
>>
>>
>> Best Regards,
>> Brendan
>> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
>> _______________________________________________
>> Suit mailing list
>> Suit@ietf.org
>> https://www.ietf.org/mailman/listinfo/suit
>
