Re: [Teep] Fwd: Side-meeting: Canonical JSON, Signed REST

Anders Rundgren <anders.rundgren.net@gmail.com> Wed, 27 March 2019 09:10 UTC

From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: Carsten Bormann <cabo@tzi.org>
Cc: "teep@ietf.org" <teep@ietf.org>
References: <4944d01f-4565-9688-8833-1c8b287c6ae0@gmail.com> <5e1c4ee8-0e8f-d1b7-2fca-759d2aaadb45@gmail.com> <991DA486-BE36-4325-8E2F-C841C3EE3BAD@tzi.org> <3449438a-aa07-864b-12e1-b77254417626@gmail.com>
Message-ID: <e3d04967-76a5-6bde-af2f-9453544a719f@gmail.com>
Date: Wed, 27 Mar 2019 10:10:46 +0100
In-Reply-To: <3449438a-aa07-864b-12e1-b77254417626@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/2K4Tum_tcS05F1A1aGh_1z_bg1M>
Subject: Re: [Teep] Fwd: Side-meeting: Canonical JSON, Signed REST
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>

On 2019-03-27 09:57, Anders Rundgren wrote:
> On 2019-03-27 09:49, Carsten Bormann wrote:
>> On Mar 27, 2019, at 09:25, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>>>
>>> I hope you didn't mind me mentioning TEEP/OTrP as a [partially] awkward solution...
>>
>> If base64-coding data seems awkward, don’t do that, and use CBOR.
>> No need to invent anything.  The rest stays exactly as it is.
> 
> In this particular case it was rather the need for introducing a redundant outer layer that caught my eye.
> 
> Personally, I would nuke JSON for TEEP since all data is either Base64-encoded or is encrypted (or both), making it a fairly poor candidate for a text-based system.
> And yes, CBOR would be the natural answer to that of course!
> 
> If CBOR/COSE can fix this outer layer thing it would be perfect.  For this particular mission.

In KeyGen2, which has similarities to OTrP, there is very little need for Base64, and encryption is only applied to the few things that actually need encryption.

This is not only due to canonicalization but also because it builds on attested session keys which is a more powerful scheme than the static solution used in TEEP.

Anders

> 
> Cheers,
> Anders
> 
>>
>> Grüße, Carsten
>>
>
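The point argued in this thread, that canonicalization lets a signature live inside the JSON object instead of requiring an outer Base64 wrapper, is shown below in an added example that is not part of the mailing-list exchange and is not code from KeyGen2, OTrP or TEEP. It assumes a simple canonical form (sorted members, no insignificant whitespace, UTF-8), uses an HMAC as a stand-in for whatever signature algorithm a deployment would pick, and the sample message and key are constructed for the demonstration only.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key; an HMAC stands in for the real signature scheme
# (assumption for this example, not a recommendation for deployment).
DEMO_KEY = b"constructed-demo-key-not-for-production"

SIGNATURE_MEMBER = "signature"


def canonicalize(obj) -> bytes:
    """Deterministic JSON serialization assumed for this example: members
    sorted by key, no insignificant whitespace, UTF-8 bytes.  The specific
    rule matters less than both sides producing identical bytes for
    semantically equal objects."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def _body_without_signature(obj: dict) -> dict:
    return {k: v for k, v in obj.items() if k != SIGNATURE_MEMBER}


def sign_in_place(obj: dict, key: bytes = DEMO_KEY) -> dict:
    """Embed the signature as a member of the object itself (no outer layer).
    The canonical form of all other members is what gets authenticated."""
    body = _body_without_signature(obj)
    tag = hmac.new(key, canonicalize(body), hashlib.sha256).hexdigest()
    return {**body, SIGNATURE_MEMBER: tag}


def verify_in_place(obj: dict, key: bytes = DEMO_KEY) -> bool:
    """Verify an in-place signature.  The object may have been re-serialized
    with a different member order or whitespace in transit; canonicalization
    removes that variation before the tag is recomputed."""
    tag = obj.get(SIGNATURE_MEMBER)
    if not isinstance(tag, str):
        return False
    expected = hmac.new(key, canonicalize(_body_without_signature(obj)),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def sign_with_outer_layer(obj: dict, key: bytes = DEMO_KEY) -> dict:
    """The alternative the thread calls a redundant outer layer: the payload
    is serialized once, base64url-encoded so it travels as an opaque string,
    and wrapped together with the tag.  No canonicalization is needed, but
    the payload is no longer readable JSON and grows by roughly a third."""
    raw = json.dumps(obj).encode("utf-8")
    payload = base64.urlsafe_b64encode(raw).decode("ascii").rstrip("=")
    tag = hmac.new(key, payload.encode("ascii"), hashlib.sha256).hexdigest()
    return {"payload": payload, SIGNATURE_MEMBER: tag}


def wire_size(obj: dict) -> int:
    """Bytes on the wire with whitespace stripped."""
    return len(json.dumps(obj, separators=(",", ":")).encode("utf-8"))


# Constructed sample message; not taken from any real TEEP/OTrP exchange.
SAMPLE = {"type": "trusted-app-install", "ta-id": "example-ta-0001",
          "nonce": "c3VyZWx5LW5vdC1hLXJlYWwtbm9uY2U", "version": 1}


def demo() -> dict:
    signed = sign_in_place(SAMPLE)
    # Re-serialize with reversed member order and pretty-printing, as a
    # non-canonicalizing intermediary might, then parse it back.
    reordered = json.loads(
        json.dumps(dict(reversed(list(signed.items()))), indent=2))
    tampered = dict(signed, version=2)
    wrapped = sign_with_outer_layer(SAMPLE)
    return {
        "verifies": verify_in_place(signed),
        "verifies_after_reorder": verify_in_place(reordered),
        "tamper_detected": not verify_in_place(tampered),
        "in_place_bytes": wire_size(signed),
        "outer_layer_bytes": wire_size(wrapped),
    }


if __name__ == "__main__":
    print(demo())
```

The reorder case is the one that matters for the argument: without an agreed canonical form, `verify_in_place` would have to compare the exact bytes received, and any intermediary that re-serializes the object would break the signature, which is precisely why the outer Base64 layer exists in the wrapped variant.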