IETF Logo Mail Archive

Re: [Teep] JSON/JOSE vs. CBOR/COSE

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Mon, 24 February 2020 13:12 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA3E83A0AAC for <teep@ietfa.amsl.com>; Mon, 24 Feb 2020 05:12:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, PDS_BTC_ID=0.499, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=IDtHt13C; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=IDtHt13C
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zE8Au2pAnKhJ for <teep@ietfa.amsl.com>; Mon, 24 Feb 2020 05:12:52 -0800 (PST)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20076.outbound.protection.outlook.com [40.107.2.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83EB33A0AAA for <teep@ietf.org>; Mon, 24 Feb 2020 05:12:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tt+TRMPr7aiiKAOdMov9My3KUv4N+1Gm6LvLEFLlmpk=; b=IDtHt13C0sbSnY4Xc/oikaK3GQU1aj377pOKftJWd4uk5X4LHD5lq84yLMIzpPeIfnEHy6ZNPN6imgF8Rlm7wxPbvK+A8YGI/7NrbmKDvra9o/VCA2HoG2s2PUrkezq/2O+4rMbOUcq4t1T3/49cG5yFVh/t6VNznhTCLZqMGnw=
Received: from VI1PR08CA0188.eurprd08.prod.outlook.com (2603:10a6:800:d2::18) by AM0PR08MB3330.eurprd08.prod.outlook.com (2603:10a6:208:5c::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.21; Mon, 24 Feb 2020 13:12:48 +0000
Received: from VE1EUR03FT022.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::201) by VI1PR08CA0188.outlook.office365.com (2603:10a6:800:d2::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.17 via Frontend Transport; Mon, 24 Feb 2020 13:12:47 +0000
Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT022.mail.protection.outlook.com (10.152.18.64) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.17 via Frontend Transport; Mon, 24 Feb 2020 13:12:47 +0000
Received: ("Tessian outbound 1f9bda537fdc:v42"); Mon, 24 Feb 2020 13:12:46 +0000
X-CR-MTA-TID: 64aa7808
Received: from 6e37aec1b21f.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 90E285FA-FC5A-4363-AAFC-39D84E3E0282.1; Mon, 24 Feb 2020 13:12:41 +0000
Received: from EUR01-VE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 6e37aec1b21f.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 24 Feb 2020 13:12:41 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ilsJ9dcMD5MD/gDsy5DrJY8sVuTfHbj4jf6S66+B+h5p5/062K/0UK7xWXJacbHMc1W7sBdlK4PRpHjo22hA8Gtpdgcz172FqSa/06UVjlHd2bKFJq32TT/uKrR9xFiiw5tdhDhyYfJNuX5UdmAh7337fW/Pig5jMi8GyB6T5PrSPNSVISV+QXOqSPcSxFG1bPdoJdFDC6m1NMWpVMU7Sa8lbDNy4wGteo/4OSLbqVrwumNsh7oN2uzUPhO7j3IwxZh29dEVfBcapzbbgim1apykvlpKCZUse8UwISO9oBg1G08STZ/Z5p6tdbVJEarL/P4fSq6+LZCMoLH58KPjhw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tt+TRMPr7aiiKAOdMov9My3KUv4N+1Gm6LvLEFLlmpk=; b=PS5jjgSuGkbTzgA4go0umgcctEEjTXJMowE+xQ4ZkmoDpEMXFo3hbW5lIU5TuOwxpASX1rXrflcDPTinF73fwlQK0I9KV5E0F9DhfmDeDPV8dMPpZH3aOGBFwXQ5U/x7F5B6XP9+2n9U23f6+EopCbbZrtS6jWQgV/pAvzd69RpJfhGmLo72h48ATpPiTa9ucfZVEOtj0VpApoK/yf9Fu169IiM1UyvDSbA9JXRC4kpCQL5P90gLiEUeZ0FV0X98IOrA2oO0D4cLLd9YKKev+QDipTV9PxHvinm/z/YJ6XAqAIYrCxndOBYg0hEqaJESejL44d4kfjOY98/omeyCxQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tt+TRMPr7aiiKAOdMov9My3KUv4N+1Gm6LvLEFLlmpk=; b=IDtHt13C0sbSnY4Xc/oikaK3GQU1aj377pOKftJWd4uk5X4LHD5lq84yLMIzpPeIfnEHy6ZNPN6imgF8Rlm7wxPbvK+A8YGI/7NrbmKDvra9o/VCA2HoG2s2PUrkezq/2O+4rMbOUcq4t1T3/49cG5yFVh/t6VNznhTCLZqMGnw=
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com (20.178.23.205) by AM0PR08MB4082.eurprd08.prod.outlook.com (20.178.119.219) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.18; Mon, 24 Feb 2020 13:12:40 +0000
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::2159:870b:25df:e612]) by AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::2159:870b:25df:e612%5]) with mapi id 15.20.2750.021; Mon, 24 Feb 2020 13:12:40 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Akira Tsukamoto <akira.tsukamoto@gmail.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
CC: Konda Tirumaleswar Reddy <TirumaleswarReddy_Konda@mcafee.com>, Mingliang Pei <mingliang.pei=40broadcom.com@dmarc.ietf.org>, Nicolae Paladi <nicolae.paladi@ri.se>, teep <teep@ietf.org>
Thread-Topic: [Teep] JSON/JOSE vs. CBOR/COSE
Thread-Index: AdXn1SQGDdHEa7ViTNKpyKZllFqBSgAJI/6AAAYjxoAAIjYkoAAAP/GAAJ2ZMRUAABCIgA==
Date: Mon, 24 Feb 2020 13:12:39 +0000
Message-ID: <AM0PR08MB371658433A963F30E53D5B16FAEC0@AM0PR08MB3716.eurprd08.prod.outlook.com>
References: <AM6PR08MB37181998F4E68A7F6BCC8110FA130@AM6PR08MB3718.eurprd08.prod.outlook.com> <59627424-2BE9-4E52-8F57-B7853D71023C@ri.se> <CABDGos7T5rjN4qHUyg_ptC+uB4gEjY26pe3=Z+Kky-LG5gkHDQ@mail.gmail.com> <CY4PR1601MB125438E2058280B86B32F650EA120@CY4PR1601MB1254.namprd16.prod.outlook.com> <a16d028a-43cf-bb5f-f21c-e26315280a2c@sit.fraunhofer.de> <CACuRN0O44V6HCUoRMjYdiz+yU=TykR89Qxsy5BifPfES_wkxkQ@mail.gmail.com> <CACuRN0PDevvPt6AkwgtBu2LhHBDbCZT490jkyQ8CjUNHKutN3g@mail.gmail.com>
In-Reply-To: <CACuRN0PDevvPt6AkwgtBu2LhHBDbCZT490jkyQ8CjUNHKutN3g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 8a1d62d5-c2c1-46b7-accf-30e2c5f7dfc7.1
x-checkrecipientchecked: true
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
x-originating-ip: [80.92.118.5]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 15756104-fe42-442f-745d-08d7b92b3e35
X-MS-TrafficTypeDiagnostic: AM0PR08MB4082:|AM0PR08MB3330:
X-Microsoft-Antispam-PRVS: <AM0PR08MB3330345F8DB0A584521DCFE5FAEC0@AM0PR08MB3330.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:8273;OLM:8273;
x-forefront-prvs: 032334F434
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(376002)(136003)(346002)(396003)(366004)(199004)(189003)(81156014)(71200400001)(966005)(8676002)(5660300002)(33656002)(86362001)(81166006)(110136005)(4326008)(8936002)(478600001)(54906003)(316002)(7696005)(52536014)(26005)(66476007)(55016002)(2906002)(6506007)(66446008)(66556008)(76116006)(66946007)(186003)(64756008)(53546011)(9686003); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR08MB4082; H:AM0PR08MB3716.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: STC3DRBohBHGEkGZ6PEuvqW0zdeaUMCfr+cRKaLSQFrlUp3/X4IdbEwez47CArTfZtAv3Q/Y5obmFkYLRp+AqdeJJKSgKLX3E3Gi1QypgOQAz1T78KiFm7ET+gxchQaNrlCqMpbpCi1NBciVSOVLohxzsiYh534R9vNkwbJy8OJPERwGcY9tSUR1TDG9njrqtgDtk5zX4SS9q/WS4qlU+tSLxs9JXbkCCoZZRgXN1Xx4YX8VVjIvR1V0t8544pT1HSLl319G1o7nIAAxcMK/sSOv6zNQCV8uDOwo1OE5b5o3DqvYdWqMEnx3pWXsG96bPi/JyUlIh38q0DH52NNq2FCob8x3YU1LinoXLKqR8s44+qLWNvjgzG/I+5yDgJNF/NG/SvGGOez1Le+QSsOqYxtyBTeB83j+f2QyN7mlUhkgTKy/BD30M5S2Ndzsxgex+U7TTBW3Fi/Bbc/YHTc7Xoj4hhV0GgW1s2Bs0LX74DpJRPV3phqkTeOWEu+MLIP1AzDCqb+s10QolKXcI0yK/w==
x-ms-exchange-antispam-messagedata: o9Q45OQbHKy8YgnxtiGkMLmYtU3iUz6QEFX9isXT5PBqDx8gjG98I7wyg2nioM89IAPLP6R8BKi97QCUea61Sogq5E7V2GHRd7vednnoLNeKcZz/Hn0UU6hb5TglPZgmB3ri+Gl1nqteTxE9FCIozw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4082
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT022.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(346002)(376002)(136003)(39860400002)(396003)(199004)(189003)(8936002)(36906005)(336012)(9686003)(186003)(4326008)(55016002)(110136005)(7696005)(6506007)(53546011)(316002)(54906003)(26005)(81166006)(81156014)(26826003)(86362001)(356004)(70206006)(70586007)(966005)(478600001)(5660300002)(33656002)(52536014)(8676002)(2906002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR08MB3330; H:64aa7808-outbound-1.mta.getcheckrecipient.com; FPR:; SPF:Pass; LANG:en; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; A:1; MX:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 4d77f5b5-93ca-49e4-59af-08d7b92b39d9
X-Forefront-PRVS: 032334F434
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: hlec3t9vPw2sI1sTxGJ/xZnGLU3NWuQYT5MseJNfXbm5AIii362UqzjsgHJsWsy06y9qlh8A/9TBDTROzor2xkgNh3cQyiZelbvqhR5qmfqefKYDDOJNQ9+lLIowrcI/L8aOXTc3blapcHryhW+GccbyVxzaq1CQufpkz6A43y4MxcdClx5PVfvuA+pPBFaz2sEmu3E+Ji/NCJf95rGsbxGQ7nq2mGQEsAgjyzbWZ8xTqGDndBape6PH+Fpw4uS8miU/Em7atpg7C+xegKFivhH3dT9duoG9w+xcED5BOUdogZeoeRjQBTRJy3Vju8X8GhPSpKO962v1XpDwHafz9TERIWEHl5lqySuV12bYdbpltXfJ9VlNa3zufrF6LhmIP+Oa1q3PoSp8SJmGAxqgUsMTLv/vDqrkVQBWK9WcNf2dSc8ePV0x50J8BKC60Ye71dRlDtyB9mb/5tewp08ORTTJS91icMGEcbZR1M+vr35nyn7ev4PAXnOzhAKE80fh38Av1FzGebNboimDWt+q+g==
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Feb 2020 13:12:47.3296 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 15756104-fe42-442f-745d-08d7b92b3e35
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB3330
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/NL4Ycehz5H8pliqaYbSNYT3enQ8>
Subject: Re: [Teep] JSON/JOSE vs. CBOR/COSE
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2020 13:12:55 -0000

Thanks, Akira.

If we decide to only use CBOR/COSE for the TEEP protocol then the draft becomes simpler. It still make sense to put examples with CBOR diagnostic format into the draft. That's something we should certainly do.

I am pushing for a decision about this topic because
* the draft needs to be updated in time for the IETF submission deadline,
* the reference implementations need to progress, and
* making a decision gives us clarity about the direction we are heading.

For the reference implementation I am wondering whether it makes sense to re-use QCBOR and an enhanced version* of t_cose. Hackathon participants were quite impressed with QCBOR and t_cose.

Ciao
Hannes

*: I am speaking about an enhanced version because t_cose implements only verifying digital signatures. The sign functionality is missing. (At least that's my understanding.)

-----Original Message-----
From: Akira Tsukamoto <akira.tsukamoto@gmail.com>
Sent: Monday, February 24, 2020 2:01 PM
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Cc: Konda Tirumaleswar Reddy <TirumaleswarReddy_Konda@mcafee.com>; Mingliang Pei <mingliang.pei=40broadcom.com@dmarc.ietf.org>; Nicolae Paladi <nicolae.paladi@ri.se>; Hannes Tschofenig <Hannes.Tschofenig@arm.com>; teep <teep@ietf.org>
Subject: Fwd: [Teep] JSON/JOSE vs. CBOR/COSE

I mistakenly dropped many addresses when I pressed button gmail, this is resend which I sent to Henk only.

>         On 20 Feb 2020, at 11:16, Hannes Tschofenig
>         <Hannes.Tschofenig@arm.com <mailto:Hannes.Tschofenig@arm.com>>
>         wrote:
>
>         With the impression from the Hackathon in mind I am wondering
>         whether we should make a decision about the encoding of the TEEP
>         protocol messages. Today, the spec allows two types of
>         encodings, namely JSON and CBOR (with their security mechanisms).
>
>         It is obviously a pain to implement both encodings. The spec
>         supports two encodings because the OTrP design was based on JSON
>         / JOSE and it felt logical to “inherit” this encoding. Then, we
>         added CBOR and COSE for use with constrained devices.
>
>         I believe we should only have one encoding.
>
>         CBOR and COSE appear to be the better choice (although I have
>         been working on an implementation of JSON and JOSE at the
>         Hackathon). While JSON/JOSE is easier to debug the TEEP protocol
>         is actually quite simple. The use of CBOR/COSE will allow us to
>         keep the trusted computing base smaller considering that SUIT
>         manifests as well as EAT tokens are/can be encoded in CBOR and
>         protected by COSE.

The Hackathon at  Berlin was really productive and thanks.

I personally do not mind if the protocol spec becomes having only CBOR/COSE and drop JSON/JOSE.

I think we have two discussion on this topic, one is completing the draft and other is whether the TAM implementation must support support both CBOR and JSON.

It is very good to have some kind of reference implementation of TEEP along side with the spec draft, so I would prefer having the current implementation started on JSON to be finished and fill out the details in the spec for what we have discussed during the Hakathon.

The sequences of TEEP in JSON which I was wroking on at the Hackathon are still not mature.
https://github.com/ietf-teep/teep-protocol/issues/7
The suit representation is not there yet either.

These are the links I would like to reflect on the draft before the next IETF hackathon.
https://github.com/ietf-teep/architecture/issues/151
https://github.com/ietf-teep/teep-protocol/issues/6
https://github.com/ietf-teep/teep-protocol/issues/5
https://github.com/ietf-teep/teep-protocol/issues/4 <- we had conclusion at the Hakathon on this

Otherwise I am bit concerned many people having different interpretation from reading the draft and many implementation suffering interoperability.
Once the details is addressed in the JSON then having CBOR representation in the spec is fine.
The cbor-diag tool mentioned by Carsten at the other thread is great.
It is good if somebody starts CBOR implementation in the time being.

My thought was that switching to CBOR only and no JSON now for the Hackathon is that the TAM side is possible to talk CBOR relatively easy since there is "npm install cbor" to use cbor library with javascript, but for the implementation on TEEP device side, there are cn-cbor and tiny-cbor for c language which is not so easy for try and error and changing the message formats while the draft is also moving.

The other topic of requiring the TAM to support both JSON and CBOR in the draft, I do not feel that it should have to support both.
TAM talking otrp with json or/either teep with cbor is fine for me.

-Akira

On Fri, Feb 21, 2020 at 6:49 PM Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
>
> Hi Tiru,
>
> I'd stay in the scope of CBOR and use cbor-diag. As cbor-diag can be
> directly translated into CBOR data items, that is the notation I am
> working with on a daily basis.
>
> If needed, a JSON data item can be derived from cbor-diag quite easily.
>
> Viele Grüße,
>
> Henk
>
> On 21.02.20 04:43, Konda, Tirumaleswar Reddy wrote:
> > The protocol draft can discuss either CBOR to JSON conversion or
> > diagnostic notation discussed in
> > https://tools.ietf.org/html/rfc7049#section-6 to ease debugging.
> >
> > -Tiru
> >
> > *From:* TEEP <teep-bounces@ietf.org> *On Behalf Of * Mingliang Pei
> > *Sent:* Thursday, February 20, 2020 10:52 PM
> > *To:* Nicolae Paladi <nicolae.paladi@ri.se>
> > *Cc:* Hannes Tschofenig <Hannes.Tschofenig@arm.com>; teep@ietf.org
> > *Subject:* Re: [Teep] JSON/JOSE vs. CBOR/COSE
> >
> > *CAUTION*:External email. Do not click links or open attachments
> > unless you recognize the sender and know the content is safe.
> >
> > --------------------------------------------------------------------
> > ----
> >
> > I agree we move forward TEEP protocol with one mandatory format:
> > CBOR / COSE, and focus on specifying only one for now. Thanks, Ming
> >
> > On Thu, Feb 20, 2020 at 6:26 AM Nicolae Paladi <nicolae.paladi@ri.se
> > <mailto:nicolae.paladi@ri.se>> wrote:
> >
> >
> >
> >         On 20 Feb 2020, at 11:16, Hannes Tschofenig
> >         <Hannes.Tschofenig@arm.com <mailto:Hannes.Tschofenig@arm.com>>
> >         wrote:
> >
> >         Hi all,
> >
> >         With the impression from the Hackathon in mind I am wondering
> >         whether we should make a decision about the encoding of the TEEP
> >         protocol messages. Today, the spec allows two types of
> >         encodings, namely JSON and CBOR (with their security mechanisms).
> >
> >         It is obviously a pain to implement both encodings. The spec
> >         supports two encodings because the OTrP design was based on JSON
> >         / JOSE and it felt logical to “inherit” this encoding. Then, we
> >         added CBOR and COSE for use with constrained devices.
> >
> >         I believe we should only have one encoding.
> >
> >         CBOR and COSE appear to be the better choice (although I have
> >         been working on an implementation of JSON and JOSE at the
> >         Hackathon). While JSON/JOSE is easier to debug the TEEP protocol
> >         is actually quite simple. The use of CBOR/COSE will allow us to
> >         keep the trusted computing base smaller considering that SUIT
> >         manifests as well as EAT tokens are/can be encoded in CBOR and
> >         protected by COSE.
> >
> >     I agree, better to focus on one format.
> >
> >     Best regards,
> >
> >     Nicolae
> >
> >
> >
> >         With this email I wanted to kick-off a discussion. What do you
> >         think?
> >
> >         Ciao
> >
> >         Hannes
> >
> >         IMPORTANT NOTICE: The contents of this email and any attachments
> >         are confidential and may also be privileged. If you are not the
> >         intended recipient, please notify the sender immediately and do
> >         not disclose the contents to any other person, use it for any
> >         purpose, or store or copy the information in any medium. Thank
> >         you. _______________________________________________
> >         TEEP mailing list
> >         TEEP@ietf.org <mailto:TEEP@ietf.org>
> >         https://www.ietf.org/mailman/listinfo/teep
> >
> > <https://clicktime.symantec.com/3MSsiXmEmb2Dwfb5s7ZBbYv7Vc?u=https%3
> > A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fteep>
> >
> >     _______________________________________________
> >     TEEP mailing list
> >     TEEP@ietf.org <mailto:TEEP@ietf.org>
> >
> > https://clicktime.symantec.com/3MSsiXmEmb2Dwfb5s7ZBbYv7Vc?u=https%3A
> > %2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fteep
> >
> >
> > _______________________________________________
> > TEEP mailing list
> > TEEP@ietf.org
> > https://www.ietf.org/mailman/listinfo/teep
> >
>
> _______________________________________________
> TEEP mailing list
> TEEP@ietf.org
> https://www.ietf.org/mailman/listinfo/teep
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email