IETF Logo Mail Archive

[Teep] Fwd: JSON/JOSE vs. CBOR/COSE

Akira Tsukamoto <akira.tsukamoto@gmail.com> Mon, 24 February 2020 13:01 UTC

Return-Path: <akira.tsukamoto@gmail.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA0263A0A72 for <teep@ietfa.amsl.com>; Mon, 24 Feb 2020 05:01:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.599
X-Spam-Level:
X-Spam-Status: No, score=-1.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, PDS_BTC_ID=0.499, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mbbIRsXn4QfB for <teep@ietfa.amsl.com>; Mon, 24 Feb 2020 05:01:16 -0800 (PST)
Received: from mail-wm1-x32c.google.com (mail-wm1-x32c.google.com [IPv6:2a00:1450:4864:20::32c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DF3D3A0A70 for <teep@ietf.org>; Mon, 24 Feb 2020 05:01:16 -0800 (PST)
Received: by mail-wm1-x32c.google.com with SMTP id a6so9296575wme.2 for <teep@ietf.org>; Mon, 24 Feb 2020 05:01:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=aB6po7uEvx5hUbQjuyW+yk19H5QmdHRyckCjehPgYSE=; b=kl/51u76vjSexbNcKdHnHlUh1VgpIDCTQSAvTl7lZIaXY3En5wHaDe3dz0CCVa3pW6 BjiRSm20I6UL7Pwf/krXLrsos7vlbKZ0/cXpxptJs+S2lR8pSci237p8/yVxiv7BE8s+ U/v0etBZVbGxeUe7YaDZrWvqhJ5znL8iV/pNpJK+wymKr91hx6GNYiJwcRyrYXIMcmFf fbt/uBSwY+jigQTx0pCqGEmGc+KIfBfkyQY5hrFMHKYCexqfKMb61lu6AlTrc8QKIoKy tI88ndkkxaOVRxZ2traGauaAuU4BY3+MO/W3HvZgdu+QROaO3dTZTP+nRWnPxoNUhHtN JKcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=aB6po7uEvx5hUbQjuyW+yk19H5QmdHRyckCjehPgYSE=; b=qYHOJlVVgl1DpmUHYJTfVIpf3UNGIdeL3+mOo8UY3Fd/RuMDXUyWrYBSmNSsK7OrK1 i25LFaUEMhW43kQcMK6f4BsZPL5S5iY73wi/RDJF1Q0Bae8DR1tFmkzvO6c2xSykF4pd F1w82eJqy3MRpRfIPqzR3JigWEEAvO1WJs18ztCsU98Koh5warPYXWVhaILMSMG7R2Za xYttqgQ2mmdsbePI7p1FHZ2oDmYBMyYa34zpHro2yO2soIzh0U/4E936jbguchzHxcXr yrjaHbsW1T9cWJC81xsbHu88s3U9MszOOB5Z2/g5jiFpFxIDPRG3zw/C6ypOBfPICEmA FxRQ==
X-Gm-Message-State: APjAAAURZIpqdSLLF+38Mkx8IfCP7p5ANUWV5Ibj80MWeHbjwtfTaNal xU2C0BThl5dgIkgzGwuYTvZKlM9kc4RhMAvg9ws=
X-Google-Smtp-Source: APXvYqyFhds/ZUyCaTUzR9fuQUXSqcsq2oRMlq2A3b06dBCWj/C9uMBvrQKIl5nL0+UeIAP4DIOUmfwWDj9Beofx7LI=
X-Received: by 2002:a1c:b457:: with SMTP id d84mr15318774wmf.172.1582549274382; Mon, 24 Feb 2020 05:01:14 -0800 (PST)
MIME-Version: 1.0
References: <AM6PR08MB37181998F4E68A7F6BCC8110FA130@AM6PR08MB3718.eurprd08.prod.outlook.com> <59627424-2BE9-4E52-8F57-B7853D71023C@ri.se> <CABDGos7T5rjN4qHUyg_ptC+uB4gEjY26pe3=Z+Kky-LG5gkHDQ@mail.gmail.com> <CY4PR1601MB125438E2058280B86B32F650EA120@CY4PR1601MB1254.namprd16.prod.outlook.com> <a16d028a-43cf-bb5f-f21c-e26315280a2c@sit.fraunhofer.de> <CACuRN0O44V6HCUoRMjYdiz+yU=TykR89Qxsy5BifPfES_wkxkQ@mail.gmail.com>
In-Reply-To: <CACuRN0O44V6HCUoRMjYdiz+yU=TykR89Qxsy5BifPfES_wkxkQ@mail.gmail.com>
From: Akira Tsukamoto <akira.tsukamoto@gmail.com>
Date: Mon, 24 Feb 2020 22:01:02 +0900
Message-ID: <CACuRN0PDevvPt6AkwgtBu2LhHBDbCZT490jkyQ8CjUNHKutN3g@mail.gmail.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Cc: Konda Tirumaleswar Reddy <TirumaleswarReddy_Konda@mcafee.com>, Mingliang Pei <mingliang.pei=40broadcom.com@dmarc.ietf.org>, Nicolae Paladi <nicolae.paladi@ri.se>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, teep <teep@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/1rpcDoc4szg52pfF7-3malIK5wg>
Subject: [Teep] Fwd: JSON/JOSE vs. CBOR/COSE
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2020 13:01:19 -0000

I mistakenly dropped many addresses when I pressed button gmail, this
is resend which I sent to Henk only.

>         On 20 Feb 2020, at 11:16, Hannes Tschofenig
>         <Hannes.Tschofenig@arm.com <mailto:Hannes.Tschofenig@arm.com>>
>         wrote:
>
>         With the impression from the Hackathon in mind I am wondering
>         whether we should make a decision about the encoding of the TEEP
>         protocol messages. Today, the spec allows two types of
>         encodings, namely JSON and CBOR (with their security mechanisms).
>
>         It is obviously a pain to implement both encodings. The spec
>         supports two encodings because the OTrP design was based on JSON
>         / JOSE and it felt logical to “inherit” this encoding. Then, we
>         added CBOR and COSE for use with constrained devices.
>
>         I believe we should only have one encoding.
>
>         CBOR and COSE appear to be the better choice (although I have
>         been working on an implementation of JSON and JOSE at the
>         Hackathon). While JSON/JOSE is easier to debug the TEEP protocol
>         is actually quite simple. The use of CBOR/COSE will allow us to
>         keep the trusted computing base smaller considering that SUIT
>         manifests as well as EAT tokens are/can be encoded in CBOR and
>         protected by COSE.

The Hackathon at  Berlin was really productive and thanks.

I personally do not mind if the protocol spec becomes having only
CBOR/COSE and drop JSON/JOSE.

I think we have two discussion on this topic, one is completing the
draft and other is whether the TAM
implementation must support support both CBOR and JSON.

It is very good to have some kind of reference implementation of TEEP
along side with the spec draft,
so I would prefer having the current implementation started on JSON to
be finished and fill out the
details in the spec for what we have discussed during the Hakathon.

The sequences of TEEP in JSON which I was wroking on at the Hackathon
are still not mature.
https://github.com/ietf-teep/teep-protocol/issues/7
The suit representation is not there yet either.

These are the links I would like to reflect on the draft before the
next IETF hackathon.
https://github.com/ietf-teep/architecture/issues/151
https://github.com/ietf-teep/teep-protocol/issues/6
https://github.com/ietf-teep/teep-protocol/issues/5
https://github.com/ietf-teep/teep-protocol/issues/4 <- we had
conclusion at the Hakathon on this

Otherwise I am bit concerned many people having different
interpretation from reading the draft and
many implementation suffering interoperability.
Once the details is addressed in the JSON then having CBOR
representation in the spec is fine.
The cbor-diag tool mentioned by Carsten at the other thread is great.
It is good if somebody starts CBOR implementation in the time being.

My thought was that switching to CBOR only and no JSON now for the
Hackathon is that the
TAM side is possible to talk CBOR relatively easy since there is "npm
install cbor" to use cbor
library with javascript, but for the implementation on TEEP device
side, there are cn-cbor and
tiny-cbor for c language which is not so easy for try and error and
changing the message
formats while the draft is also moving.

The other topic of requiring the TAM to support both JSON and CBOR in the draft,
I do not feel that it should have to support both.
TAM talking otrp with json or/either teep with cbor is fine for me.

-Akira

On Fri, Feb 21, 2020 at 6:49 PM Henk Birkholz
<henk.birkholz@sit.fraunhofer.de> wrote:
>
> Hi Tiru,
>
> I'd stay in the scope of CBOR and use cbor-diag. As cbor-diag can be
> directly translated into CBOR data items, that is the notation I am
> working with on a daily basis.
>
> If needed, a JSON data item can be derived from cbor-diag quite easily.
>
> Viele Grüße,
>
> Henk
>
> On 21.02.20 04:43, Konda, Tirumaleswar Reddy wrote:
> > The protocol draft can discuss either CBOR to JSON conversion or
> > diagnostic notation discussed in
> > https://tools.ietf.org/html/rfc7049#section-6 to ease debugging.
> >
> > -Tiru
> >
> > *From:* TEEP <teep-bounces@ietf.org> *On Behalf Of * Mingliang Pei
> > *Sent:* Thursday, February 20, 2020 10:52 PM
> > *To:* Nicolae Paladi <nicolae.paladi@ri.se>
> > *Cc:* Hannes Tschofenig <Hannes.Tschofenig@arm.com>; teep@ietf.org
> > *Subject:* Re: [Teep] JSON/JOSE vs. CBOR/COSE
> >
> > *CAUTION*:External email. Do not click links or open attachments unless
> > you recognize the sender and know the content is safe.
> >
> > ------------------------------------------------------------------------
> >
> > I agree we move forward TEEP protocol with one mandatory format: CBOR /
> > COSE, and focus on specifying only one for now. Thanks, Ming
> >
> > On Thu, Feb 20, 2020 at 6:26 AM Nicolae Paladi <nicolae.paladi@ri.se
> > <mailto:nicolae.paladi@ri.se>> wrote:
> >
> >
> >
> >         On 20 Feb 2020, at 11:16, Hannes Tschofenig
> >         <Hannes.Tschofenig@arm.com <mailto:Hannes.Tschofenig@arm.com>>
> >         wrote:
> >
> >         Hi all,
> >
> >         With the impression from the Hackathon in mind I am wondering
> >         whether we should make a decision about the encoding of the TEEP
> >         protocol messages. Today, the spec allows two types of
> >         encodings, namely JSON and CBOR (with their security mechanisms).
> >
> >         It is obviously a pain to implement both encodings. The spec
> >         supports two encodings because the OTrP design was based on JSON
> >         / JOSE and it felt logical to “inherit” this encoding. Then, we
> >         added CBOR and COSE for use with constrained devices.
> >
> >         I believe we should only have one encoding.
> >
> >         CBOR and COSE appear to be the better choice (although I have
> >         been working on an implementation of JSON and JOSE at the
> >         Hackathon). While JSON/JOSE is easier to debug the TEEP protocol
> >         is actually quite simple. The use of CBOR/COSE will allow us to
> >         keep the trusted computing base smaller considering that SUIT
> >         manifests as well as EAT tokens are/can be encoded in CBOR and
> >         protected by COSE.
> >
> >     I agree, better to focus on one format.
> >
> >     Best regards,
> >
> >     Nicolae
> >
> >
> >
> >         With this email I wanted to kick-off a discussion. What do you
> >         think?
> >
> >         Ciao
> >
> >         Hannes
> >
> >         IMPORTANT NOTICE: The contents of this email and any attachments
> >         are confidential and may also be privileged. If you are not the
> >         intended recipient, please notify the sender immediately and do
> >         not disclose the contents to any other person, use it for any
> >         purpose, or store or copy the information in any medium. Thank
> >         you. _______________________________________________
> >         TEEP mailing list
> >         TEEP@ietf.org <mailto:TEEP@ietf.org>
> >         https://www.ietf.org/mailman/listinfo/teep
> >         <https://clicktime.symantec.com/3MSsiXmEmb2Dwfb5s7ZBbYv7Vc?u=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fteep>
> >
> >     _______________________________________________
> >     TEEP mailing list
> >     TEEP@ietf.org <mailto:TEEP@ietf.org>
> >     https://clicktime.symantec.com/3MSsiXmEmb2Dwfb5s7ZBbYv7Vc?u=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fteep
> >
> >
> > _______________________________________________
> > TEEP mailing list
> > TEEP@ietf.org
> > https://www.ietf.org/mailman/listinfo/teep
> >
>
> _______________________________________________
> TEEP mailing list
> TEEP@ietf.org
> https://www.ietf.org/mailman/listinfo/teep

v2.23.0 | Report a Bug | By Email