IETF Logo Mail Archive

Re: [Teep] JSON/JOSE vs. CBOR/COSE

Brendan Moran <Brendan.Moran@arm.com> Mon, 24 February 2020 11:36 UTC

Return-Path: <Brendan.Moran@arm.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD23B3A0845 for <teep@ietfa.amsl.com>; Mon, 24 Feb 2020 03:36:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=qPFcJLFM; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=qPFcJLFM
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sMvE4oYtuEom for <teep@ietfa.amsl.com>; Mon, 24 Feb 2020 03:36:03 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2056.outbound.protection.outlook.com [40.107.20.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81CD53A0839 for <teep@ietf.org>; Mon, 24 Feb 2020 03:36:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AoubbIILTn3JTkuTG7yEbT/4mwlgcdJ5rtTmXgTWCqs=; b=qPFcJLFMzbhfhjuTyx2feKjtpSD4zWB68HnHfmtan1hD2fFKtGtfpqPu0FAD+yCLFxOJWGwv8v/MzXRirNz4jLD4qZx4klMa8b3WwJUFzlstyiVSMeh4aCQOoHXzaKRtSW25orfK++Yk2hFrcVF1es7TeuRqwHsxiOqaxS2+8xI=
Received: from VI1PR08CA0187.eurprd08.prod.outlook.com (2603:10a6:800:d2::17) by DB8PR08MB5531.eurprd08.prod.outlook.com (2603:10a6:10:11e::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.21; Mon, 24 Feb 2020 11:36:01 +0000
Received: from DB5EUR03FT063.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::205) by VI1PR08CA0187.outlook.office365.com (2603:10a6:800:d2::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.17 via Frontend Transport; Mon, 24 Feb 2020 11:36:01 +0000
Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT063.mail.protection.outlook.com (10.152.20.209) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.17 via Frontend Transport; Mon, 24 Feb 2020 11:36:00 +0000
Received: ("Tessian outbound 3a0cbd311638:v42"); Mon, 24 Feb 2020 11:36:00 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: fccf52d7c3acef63
X-CR-MTA-TID: 64aa7808
Received: from c91ebafae9cf.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 938F867D-4B36-4F64-BA14-BBB1DB341687.1; Mon, 24 Feb 2020 11:35:55 +0000
Received: from EUR01-VE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id c91ebafae9cf.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 24 Feb 2020 11:35:54 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FoDNTRQ4cGzmbsbOguDbyfm28ij6BC5Ij/9id2hP6rlungJmKBTikUR6ZYVx1URvYbPf6GwA6Li7rJo7xSxq+EThEvX2Ye3KbZ7HDedheWUK+C9TcjmdxKeDLZLxbgqBs2TzTSi8vx2hi4V6qoUArEdoBd+Uag0gPUeS3CaB3Y/975ab3PkM4aDXGoyW6RyRqR9/eM/Vir2WwUmrlEswDsTaSiPx0mySBDFXNtEXykcB9ZcnCCKZ29FvLoN9EEQ91wKfbE3Yi7NTMcGnMN8C3GPy+io7EhEw1AWdabzySEtAPS7Q3RCW2rIp5sC0EU6WnGtCY6Zf1mIxWmDc1EtRyA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AoubbIILTn3JTkuTG7yEbT/4mwlgcdJ5rtTmXgTWCqs=; b=l1L4GWIIU95PiHby4qmXXNlTCAGMfNEsOo8DiBLySIX22ygrPCQjGyP+AGXSrL4OrnXPBoLABDfWWmWfz8naT/WmFSklZBeZoKB/HNDGxr015Mk/aVbpIccAHXN3bohvctrlvBtuFDcdc2jbqTZLYGh24QNp9KUkrayJrEfGbtyH0Eva4KsMTB/nxJ5CBkPZt9ckANZfC1ndOXeV1HNfJhqTSAwrK5b5tuoq9JhOn0RYJN6xvRCtDsy7EOjjKnHj21NURMQ3wJ9b75qn92rEfQRcX5nnaAgqv6/iku/MpXl0FG/uwADaCxS1eZgbQW5kK+Sbai4H0Bb9bERlvCuWZQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AoubbIILTn3JTkuTG7yEbT/4mwlgcdJ5rtTmXgTWCqs=; b=qPFcJLFMzbhfhjuTyx2feKjtpSD4zWB68HnHfmtan1hD2fFKtGtfpqPu0FAD+yCLFxOJWGwv8v/MzXRirNz4jLD4qZx4klMa8b3WwJUFzlstyiVSMeh4aCQOoHXzaKRtSW25orfK++Yk2hFrcVF1es7TeuRqwHsxiOqaxS2+8xI=
Received: from AM6PR08MB4738.eurprd08.prod.outlook.com (10.255.99.138) by AM6PR08MB3782.eurprd08.prod.outlook.com (20.178.89.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.21; Mon, 24 Feb 2020 11:35:53 +0000
Received: from AM6PR08MB4738.eurprd08.prod.outlook.com ([fe80::7960:8949:a754:4288]) by AM6PR08MB4738.eurprd08.prod.outlook.com ([fe80::7960:8949:a754:4288%7]) with mapi id 15.20.2750.021; Mon, 24 Feb 2020 11:35:53 +0000
From: Brendan Moran <Brendan.Moran@arm.com>
To: "teep@ietf.org" <teep@ietf.org>
Thread-Topic: [Teep] JSON/JOSE vs. CBOR/COSE
Thread-Index: AQHV6waSKM8STg6jJEi5RXh6Z1NFkA==
Date: Mon, 24 Feb 2020 11:35:53 +0000
Message-ID: <9802731C-231B-4010-BE53-AD35D33EC25F@arm.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3608.60.0.2.5)
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Brendan.Moran@arm.com;
x-originating-ip: [217.140.106.52]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 82a33315-179c-4e1c-b3cf-08d7b91db939
X-MS-TrafficTypeDiagnostic: AM6PR08MB3782:|DB8PR08MB5531:
X-Microsoft-Antispam-PRVS: <DB8PR08MB553181BBCF755DCFCBD82A9EEAEC0@DB8PR08MB5531.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:8273;OLM:10000;
x-forefront-prvs: 032334F434
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(136003)(376002)(396003)(366004)(346002)(39860400002)(199004)(189003)(2616005)(5660300002)(2906002)(71200400001)(81156014)(6506007)(81166006)(316002)(36756003)(478600001)(66946007)(66476007)(91956017)(6916009)(64756008)(33656002)(66446008)(26005)(8936002)(8676002)(186003)(6512007)(66556008)(86362001)(6486002)(76116006); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR08MB3782; H:AM6PR08MB4738.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: lBhfPfYc7uqIB1z/omzSisls9FLwGFULoqsR7eGbQGhvOCU5IVqcU80AkAFyiDe/oxtz37syVLDky4gkUUyPlDfN91M9meRCYCSe4PLDPIZ/DtXinUxxFc0ipIWyJNtKSv5k7asm+a9vWR5RzBDVTDy+c5RTAoeOnPU/a1zji1axyhPmHCDBX81FHztvPecXAsJvdqVOtpM03C4ceh1gQYxEbrKnQVYAWuL7ODsywjZcUXAg0UAWr+n5PjdzEaZ/HxcaBx+nm8c8la3+oYGqglyE+3gMtGouiQa9WKNk2fgzESzZqtLUQRbLGJ8jJPwgH6fOT8x4hF1T6SzTQs0/XaEnp3O6RHkSpnu2OCUMp/u1Y/iFAurCca9kA3gGdN9cz6BV8mzx/U3jgRKniPJcGIsk0P5GU9qgAjTiafZlOGR6sD6MYh97Rf7YW4BnXYE4
x-ms-exchange-antispam-messagedata: YBqYMeF8YdST5Iu6JRu8N83UEab1SN/KhLgTMiZEpmcWT/bcnOgJlZ1J8yCGJJBiY8w4JKIxaz30RL1o1TFGCgAGcsTN33lLTh/zTYcFAwEZgQHDdfKh8ihZusVhTqLeUrkjsnA1IxJqxKrJvY/ZEA==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_9802731C231B4010BE53AD35D33EC25Farmcom_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB3782
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Brendan.Moran@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT063.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(346002)(396003)(376002)(136003)(199004)(189003)(8676002)(478600001)(26826003)(33656002)(81156014)(81166006)(356004)(186003)(26005)(33964004)(336012)(6916009)(45080400002)(8936002)(2616005)(6506007)(2906002)(70586007)(86362001)(70206006)(6486002)(6512007)(36756003)(316002)(5660300002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB8PR08MB5531; H:64aa7808-outbound-1.mta.getcheckrecipient.com; FPR:; SPF:Pass; LANG:en; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; A:1; MX:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 7e0a89cc-3286-430b-8a02-08d7b91db4f7
X-Forefront-PRVS: 032334F434
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 8eMsPp+12YXQLyxpuSdKs9M1J+fiUs9tXHGlp5UMuLHyve6wcu4FBcBdy9xSBjUk3NzhpR0xd7NTJfMWp8mTrMerHVBgyIiaDSZeosiy9psvltXJGQWBOJPKjcYx0gZ+DR5z3dtX6pi8BVhs61vUyVFsIQ02fCypr63mmAVNv8abhoMLfxpvrubbr1khJhdS0mwHM6yuRKm98VzFsKFFwhpes1JVoWjVnQMRAHGounRy0TzqN7xkb6Gmmmn8HaIEcjtomWEtR7YbcmDPZkxPQtvUVnF44RBdd0vsBl5d9mhPcJYwPVbqEkoUPxQxuQsyfI+xOxiH4dFLPEjXOgjhwlTFuZnwk8pMIS+6sOhwAMEn/tP9zp6D0tiTEoGETyZ4ngnCIBJmrh3DdCDLlTchQV6oz7tmimK8ZYpWnBYU1M/iA9/70nOKgJ8TyyP2sHf1
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Feb 2020 11:36:00.8901 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 82a33315-179c-4e1c-b3cf-08d7b91db939
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR08MB5531
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/3cpH75HRz0Udk3e00CDA_QkMrrk>
Subject: Re: [Teep] JSON/JOSE vs. CBOR/COSE
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2020 11:36:07 -0000

I also support using only one encoding, and I second keeping the TCB as small as possible, so I support using CBOR/COSE as the only encoding. In particular, if TEEP is going to keep a dependency on SUIT, this means that using JSON/JOSE for TEEP requires supporting both JSON/JOSE and CBOR/COSE, since SUIT already has a single encoding: CBOR/COSE. As such, using JSON/JSOE for TEEP dramatically increases the TCB from a single parser & cryptographic wrapper to two of each.


Personally, I don’t find CBOR/COSE significantly harder to debug than JSON. I find JSON unreadable unless it’s been formatted. I find CBOR unreadable unless it’s been decoded into diagnostic notation. I don’t find a substantial difference in overhead between these two.

Best Regards,
Brendan
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email