< draft-bormann-cbor-sequence-00.txt   draft-bormann-cbor-sequence-01.txt >
Network Working Group C. Bormann Network Working Group C. Bormann
Internet-Draft Universitaet Bremen TZI Internet-Draft Universitaet Bremen TZI
Intended status: Standards Track February 24, 2019 Intended status: Standards Track June 23, 2019
Expires: August 28, 2019 Expires: December 25, 2019
Concise Binary Object Representation (CBOR) Sequences Concise Binary Object Representation (CBOR) Sequences
draft-bormann-cbor-sequence-00 draft-bormann-cbor-sequence-01
Abstract Abstract
This document describes the Concise Binary Object Representation This document describes the Concise Binary Object Representation
(CBOR) Sequence format and associated media type "application/cbor- (CBOR) Sequence format and associated media type "application/cbor-
seq". A CBOR Sequence consists of any number of encoded CBOR data seq". A CBOR Sequence consists of any number of encoded CBOR data
items, simply concatenated in sequence. items, simply concatenated in sequence.
Structured syntax suffixes for media types allow other media types to Structured syntax suffixes for media types allow other media types to
build on them and make it explicit that they are built on an existing build on them and make it explicit that they are built on an existing
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 28, 2019. This Internet-Draft will expire on December 25, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 16 skipping to change at page 2, line 16
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Conventions Used in This Document . . . . . . . . . . . . 3 1.1. Conventions Used in This Document . . . . . . . . . . . . 3
2. CBOR Sequence Format . . . . . . . . . . . . . . . . . . . . 3 2. CBOR Sequence Format . . . . . . . . . . . . . . . . . . . . 3
3. The "+cbor-seq" Structured Syntax Suffix . . . . . . . . . . 4 3. The "+cbor-seq" Structured Syntax Suffix . . . . . . . . . . 4
4. Security Considerations . . . . . . . . . . . . . . . . . . . 4 4. Practical Considerations . . . . . . . . . . . . . . . . . . 4
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 4.1. Specifying CBOR Sequences in CDDL . . . . . . . . . . . . 4
5.1. Media Type . . . . . . . . . . . . . . . . . . . . . . . 4 4.2. Optimizing CBOR Sequences for Skipping Elements . . . . . 5
5.2. CoAP Content-Format Registration . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5
5.3. Structured Syntax Suffix . . . . . . . . . . . . . . . . 6 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 6.1. Media Type . . . . . . . . . . . . . . . . . . . . . . . 5
6.1. Normative References . . . . . . . . . . . . . . . . . . 7 6.2. CoAP Content-Format Registration . . . . . . . . . . . . 6
6.2. Informative References . . . . . . . . . . . . . . . . . 7 6.3. Structured Syntax Suffix . . . . . . . . . . . . . . . . 7
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 8 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 8
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 8 7.1. Normative References . . . . . . . . . . . . . . . . . . 8
7.2. Informative References . . . . . . . . . . . . . . . . . 9
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 9
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction 1. Introduction
The Concise Binary Object Representation (CBOR) [RFC7049] can be used The Concise Binary Object Representation (CBOR) [RFC7049] can be used
for serialization of data in the JSON [RFC8259] data model or its for serialization of data in the JSON [RFC8259] data model or in its
own, somewhat expanded data model. When serializing a sequence of own, somewhat expanded data model. When serializing a sequence of
such values, it is sometimes convenient to have a format where these such values, it is sometimes convenient to have a format where these
sequences can simply be concatenated to obtain a serialization of the sequences can simply be concatenated to obtain a serialization of the
concatenated sequence of values, or to encode a sequence of values concatenated sequence of values, or to encode a sequence of values
that might grow at the end by just appending further CBOR data items. that might grow at the end by just appending further CBOR data items.
This document describes the concept and format of "CBOR Sequences", This document describes the concept and format of "CBOR Sequences",
which are composed of zero or more encoded CBOR data items. CBOR which are composed of zero or more encoded CBOR data items. CBOR
Sequences can be consumed (and produced) incrementally without a Sequences can be consumed (and produced) incrementally without
streaming parser (or streaming encoder). requiring a streaming CBOR parser that is able to deliver
substructures of a data item incrementally (or a streaming encoder
able to encode from substructures incrementally).
This document defines and registers the "application/cbor-seq" media This document defines and registers the "application/cbor-seq" media
type in the media type registry. Media type structured syntax type in the media type registry. Media type structured syntax
suffixes [RFC6838] were introduced as a way for a media type to suffixes [RFC6838] were introduced as a way for a media type to
signal that it is based on another media type as its foundation. signal that it is based on another media type as its foundation.
CBOR [RFC7049] defines the "+cbor" structured syntax suffix. This CBOR [RFC7049] defines the "+cbor" structured syntax suffix. This
document defines and registers the "+cbor-seq" structured syntax document defines and registers the "+cbor-seq" structured syntax
suffix in the "Structured Syntax Suffix Registry". suffix in the "Structured Syntax Suffix Registry".
1.1. Conventions Used in This Document 1.1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
In this specification, the term "byte" is used in its now-customary
sense as a synonym for "octet".
2. CBOR Sequence Format 2. CBOR Sequence Format
Formally, a CBOR Sequence is a sequence of bytes that is either Formally, a CBOR Sequence is a sequence of bytes that is recursively
defined as either
o an empty (zero-length) sequence of bytes o an empty (zero-length) sequence of bytes
o the sequence of bytes making up an encoded CBOR data item o the sequence of bytes making up an encoded CBOR data item
[RFC7049], followed by a CBOR Sequence. [RFC7049], followed by a CBOR Sequence.
In short, concatenating zero or more encoded CBOR data items In short, concatenating zero or more encoded CBOR data items
generates a CBOR Sequence. generates a CBOR Sequence.
There is no end of sequence indicator. (If one is desired, CBOR- There is no end of sequence indicator. (If one is desired, CBOR-
encoding an array of the CBOR data model values being encoded -- encoding an array of the CBOR data model values being encoded --
employing either a definite or an indefinite length encoding -- as a employing either a definite or an indefinite length encoding -- as a
single CBOR data item may actually be the more appropriate single CBOR data item may actually be the more appropriate
representation.) representation.)
This specification makes use of the fact that CBOR data items are This specification makes use of the fact that CBOR data items are
self-delimiting. Decoding a CBOR Sequence works as follows: self-delimiting (there is no delimiter used between items, as there
is in JSON Text Sequences [RFC7464]).
Decoding a CBOR Sequence works as follows:
o If the CBOR Sequence is an empty sequence of bytes, the result is o If the CBOR Sequence is an empty sequence of bytes, the result is
an empty sequence of CBOR data model values. an empty sequence of CBOR data model values.
o Otherwise, decode a single CBOR data item from the bytes of the o Otherwise, decode a single CBOR data item from the bytes of the
CBOR sequence, and insert the resulting CBOR data model value at CBOR sequence, and insert the resulting CBOR data model value at
the start of the result of decoding the rest of the bytes as a the start of the result of decoding the rest of the bytes as a
CBOR sequence. CBOR sequence. (A streaming decoder would therefore simply
deliver a sequence of CBOR data model values, each of which as
soon as the bytes making it up are available.)
This means that if any data item in the sequence is not well-formed, This means that if any data item in the sequence is not well-formed,
it is not possible to reliably decode the rest of the sequence. (An it is not possible to reliably decode the rest of the sequence. (An
implementation may be able to recover from some errors in a sequence implementation may be able to recover from some errors in a sequence
of bytes that is almost, but not entirely a well-formed encoded CBOR of bytes that is almost, but not entirely a well-formed encoded CBOR
data item. Handling malformed data is outside the scope of this data item. Handling malformed data is outside the scope of this
specification.) specification.)
This also means that the CBOR Sequence format can reliably detect This also means that the CBOR Sequence format can reliably detect
truncation of the last CBOR data item in the sequence, but not truncation of the bytes making up the last CBOR data item in the
entirely missing CBOR data items at the end. A CBOR Sequence decoder sequence, but not entirely missing CBOR data items at the end. A
that is used for consuming streaming CBOR Sequence data may simply CBOR Sequence decoder that is used for consuming streaming CBOR
pause for more data (e.g., by suspending and later resuming decoding) Sequence data may simply pause for more data (e.g., by suspending and
in case a truncated final item is being received. later resuming decoding) in case a truncated final item is being
received.
3. The "+cbor-seq" Structured Syntax Suffix 3. The "+cbor-seq" Structured Syntax Suffix
The use case for the "+cbor-seq" structured syntax suffix is the same The use case for the "+cbor-seq" structured syntax suffix is the same
as for "+cbor": It SHOULD be used by a media type when parsing the as for "+cbor": It SHOULD be used by a media type when parsing the
CBOR Sequence of the object of the media type leads to a meaningful bytes of the media type object as a CBOR Sequence leads to a
result, by simply using the generic CBOR Sequence processing. meaningful result that is at least sometimes not just a single CBOR
data item. (Without the qualification at the end, this sentence is
trivially true for any +cbor media type, which of course should
continue to use the "+cbor" structured syntax suffix.)
Applications encountering such a media type can then either simply Applications encountering a "+cbor-seq" media type can then either
use generic processing if all they need is a generic view of the CBOR simply use generic processing if all they need is a generic view of
Sequence, or they can use generic CBOR Sequence tools for initial the CBOR Sequence, or they can use generic CBOR Sequence tools for
parsing and then implement their own specific processing on top of initial parsing and then implement their own specific processing on
that generic parsing tool. top of that generic parsing tool.
4. Security Considerations 4. Practical Considerations
4.1. Specifying CBOR Sequences in CDDL
In CDDL [RFC8610], CBOR sequences are already supported as contents
of byte strings using the ".cborseq" control operator (Section 3.8.4
of [RFC8610]), by employing an array as the controller type:
my-embedded-cbor-seq = bytes .cborseq my-array
my-array = [* my-element]
my-element = my-foo / my-bar
CDDL currently does not provide for unadorned CBOR sequences as a
top-level subject of a specification. For now, the suggestion is to
use an array, as for the ".cborseq" control operator, for the top-
level rule and add English text that explains that the specification
is really about a CBOR sequence with the elements of the array:
; This defines an array, the elements of which are to be used
; in a CBOR sequence:
my-sequence = [* my-element]
my-element = my-foo / my-bar
(Future versions of CDDL may provide a notation for top-level CBOR
sequences, e.g. by using a group as the top-level rule in a CDDL
specification.)
4.2. Optimizing CBOR Sequences for Skipping Elements
In certain applications, being able to efficiently skip an element
without the need for decoding its substructure, or efficiently
fanning out elements to multi-threaded decoding processes, is of the
utmost importance. For these applications, byte strings (which carry
length information in bytes) containing embedded CBOR can be used as
the elements of a CBOR sequence:
; This defines an array of CBOR byte strings, the elements of which
; are to be used in a CBOR sequence:
my-sequence = [* my-element]
my-element = bytes .cbor my-element-structure
my-element-structure = my-foo / my-bar
Within limits, this may also enable recovering from elements that
internally are not well-formed -- the limitation is that the sequence
of byte strings does need to be well-formed as such.
5. Security Considerations
The security considerations of CBOR [RFC7049] apply. This format The security considerations of CBOR [RFC7049] apply. This format
provides no cryptographic integrity protection of any kind, but can provides no cryptographic integrity protection of any kind, but can
be combined with security specifications such as COSE [RFC8152] to do be combined with security specifications such as COSE [RFC8152] to do
so. so.
As usual, decoders must operate on input that is assumed to be As usual, decoders must operate on input that is assumed to be
untrusted. This means that decoders must fail gracefully in the face untrusted. This means that decoders must fail gracefully in the face
of malicious inputs. of malicious inputs.
5. IANA Considerations 6. IANA Considerations
5.1. Media Type 6.1. Media Type
Media types are registered in the media types registry Media types are registered in the media types registry
[IANA.media-types]. IANA is requested to register the MIME media [IANA.media-types]. IANA is requested to register the MIME media
type for CBOR Sequence, application/cbor-seq, as follows: type for CBOR Sequence, application/cbor-seq, as follows:
Type name: application Type name: application
Subtype name: cbor-seq Subtype name: cbor-seq
Required parameters: N/A Required parameters: N/A
Optional parameters: N/A Optional parameters: N/A
Encoding considerations: binary Encoding considerations: binary
Security considerations: See RFCthis, Section 4. Security considerations: See RFCthis, Section 5.
Interoperability considerations: Described herein. Interoperability considerations: Described herein.
Published specification: RFCthis. Published specification: RFCthis.
Applications that use this media type: Data serialization and Applications that use this media type: Data serialization and
deserialization. deserialization.
Fragment identifier considerations: N/A Fragment identifier considerations: N/A
skipping to change at page 5, line 31 skipping to change at page 6, line 42
Person & email address to contact for further information: Person & email address to contact for further information:
cbor@ietf.org cbor@ietf.org
Intended usage: COMMON Intended usage: COMMON
Author: Carsten Bormann (cabo@tzi.org) Author: Carsten Bormann (cabo@tzi.org)
Change controller: IETF Change controller: IETF
5.2. CoAP Content-Format Registration 6.2. CoAP Content-Format Registration
IANA is requested to assign a CoAP Content-Format ID for the media IANA is requested to assign a CoAP Content-Format ID for the media
type "application/cbor-seq", in the CoAP Content-Formats subregistry type "application/cbor-seq", in the CoAP Content-Formats subregistry
of the core-parameter registry [IANA.core-parameters], from the of the core-parameter registry [IANA.core-parameters], from the
"Expert Review" (0-255) range. The assigned ID is shown in Table 1. "Expert Review" (0-255) range. The assigned ID is shown in Table 1.
+----------------------+----------+-------+-----------+ +----------------------+----------+-------+-----------+
| Media type | Encoding | ID | Reference | | Media type | Encoding | ID | Reference |
+----------------------+----------+-------+-----------+ +----------------------+----------+-------+-----------+
| application/cbor-seq | - | TBD63 | RFCthis | | application/cbor-seq | - | TBD63 | RFCthis |
+----------------------+----------+-------+-----------+ +----------------------+----------+-------+-----------+
Table 1: CoAP Content-Format ID Table 1: CoAP Content-Format ID
RFC editor: Please replace TBD63 by the number actually assigned and RFC editor: Please replace TBD63 by the number actually assigned and
delete this paragraph. delete this paragraph.
5.3. Structured Syntax Suffix 6.3. Structured Syntax Suffix
Structured Syntax Suffixes are registered within the "Structured Structured Syntax Suffixes are registered within the "Structured
Syntax Suffix Registry" maintained at Syntax Suffix Registry" maintained at
[IANA.media-type-structured-suffix]. IANA is requested to register [IANA.media-type-structured-suffix]. IANA is requested to register
the "+cbor-seq" structured syntax suffix in accordance with the "+cbor-seq" structured syntax suffix in accordance with
[RFC6838], as follows: [RFC6838], as follows:
Name: CBOR Sequence Name: CBOR Sequence
+suffix: +cbor-seq +suffix: +cbor-seq
skipping to change at page 7, line 10 skipping to change at page 8, line 14
For cases defined in +cbor-seq, where the fragment For cases defined in +cbor-seq, where the fragment
identifier does not resolve per the +cbor-seq rules, then identifier does not resolve per the +cbor-seq rules, then
process as specified in "xxx/yyy+cbor-seq". process as specified in "xxx/yyy+cbor-seq".
For cases not defined in +cbor-seq, then process as For cases not defined in +cbor-seq, then process as
specified in "xxx/yyy+cbor-seq". specified in "xxx/yyy+cbor-seq".
Interoperability considerations: n/a Interoperability considerations: n/a
Security considerations: See RFCthis, Section 4 Security considerations: See RFCthis, Section 5
Contact: CBOR WG mailing list (cbor@ietf.org), or any IESG- Contact: CBOR WG mailing list (cbor@ietf.org), or any IESG-
designated successor. designated successor.
Author/Change controller: IETF Author/Change controller: IETF
6. References 7. References
6.1. Normative References 7.1. Normative References
[IANA.core-parameters] [IANA.core-parameters]
IANA, "Constrained RESTful Environments (CoRE) IANA, "Constrained RESTful Environments (CoRE)
Parameters", Parameters",
<http://www.iana.org/assignments/core-parameters>. <http://www.iana.org/assignments/core-parameters>.
[IANA.media-type-structured-suffix] [IANA.media-type-structured-suffix]
IANA, "Structured Syntax Suffix Registry", IANA, "Structured Syntax Suffix Registry",
<http://www.iana.org/assignments/ <http://www.iana.org/assignments/
media-type-structured-suffix>. media-type-structured-suffix>.
skipping to change at page 7, line 48 skipping to change at page 9, line 9
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC7049] Bormann, C. and P. Hoffman, "Concise Binary Object [RFC7049] Bormann, C. and P. Hoffman, "Concise Binary Object
Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049, Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049,
October 2013, <https://www.rfc-editor.org/info/rfc7049>. October 2013, <https://www.rfc-editor.org/info/rfc7049>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
6.2. Informative References 7.2. Informative References
[RFC6838] Freed, N., Klensin, J., and T. Hansen, "Media Type [RFC6838] Freed, N., Klensin, J., and T. Hansen, "Media Type
Specifications and Registration Procedures", BCP 13, Specifications and Registration Procedures", BCP 13,
RFC 6838, DOI 10.17487/RFC6838, January 2013, RFC 6838, DOI 10.17487/RFC6838, January 2013,
<https://www.rfc-editor.org/info/rfc6838>. <https://www.rfc-editor.org/info/rfc6838>.
[RFC7464] Williams, N., "JavaScript Object Notation (JSON) Text [RFC7464] Williams, N., "JavaScript Object Notation (JSON) Text
Sequences", RFC 7464, DOI 10.17487/RFC7464, February 2015, Sequences", RFC 7464, DOI 10.17487/RFC7464, February 2015,
<https://www.rfc-editor.org/info/rfc7464>. <https://www.rfc-editor.org/info/rfc7464>.
skipping to change at page 8, line 27 skipping to change at page 9, line 33
[RFC8152] Schaad, J., "CBOR Object Signing and Encryption (COSE)", [RFC8152] Schaad, J., "CBOR Object Signing and Encryption (COSE)",
RFC 8152, DOI 10.17487/RFC8152, July 2017, RFC 8152, DOI 10.17487/RFC8152, July 2017,
<https://www.rfc-editor.org/info/rfc8152>. <https://www.rfc-editor.org/info/rfc8152>.
[RFC8259] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data [RFC8259] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data
Interchange Format", STD 90, RFC 8259, Interchange Format", STD 90, RFC 8259,
DOI 10.17487/RFC8259, December 2017, DOI 10.17487/RFC8259, December 2017,
<https://www.rfc-editor.org/info/rfc8259>. <https://www.rfc-editor.org/info/rfc8259>.
[RFC8610] Birkholz, H., Vigano, C., and C. Bormann, "Concise Data
Definition Language (CDDL): A Notational Convention to
Express Concise Binary Object Representation (CBOR) and
JSON Data Structures", RFC 8610, DOI 10.17487/RFC8610,
June 2019, <https://www.rfc-editor.org/info/rfc8610>.
Acknowledgements Acknowledgements
This draft has mostly been generated from [RFC7464] by Nico Williams This draft has mostly been generated from [RFC7464] by Nico Williams
and [RFC8091] by Erik Wilde, which do a similar, but slightly more and [RFC8091] by Erik Wilde, which do a similar, but slightly more
complicated exercise for JSON [RFC8259]. Laurence Lundblade raised complicated exercise for JSON [RFC8259]. Laurence Lundblade raised
an issue on the CBOR mailing list that pointed out the need for this an issue on the CBOR mailing list that pointed out the need for this
document. document.
Author's Address Author's Address
Carsten Bormann Carsten Bormann
Universitaet Bremen TZI Universitaet Bremen TZI
Postfach 330440 Postfach 330440
Bremen D-28359 Bremen D-28359
Germany Germany
Phone: +49-421-218-63921 Phone: +49-421-218-63921
Email: cabo@tzi.org Email: cabo@tzi.org
 End of changes. 26 change blocks. 
44 lines changed or deleted 112 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/