draft-ietf-cbor-tags-oid-00.txt   draft-ietf-cbor-tags-oid-01.txt 
Network Working Group C. Bormann Network Working Group C. Bormann
Internet-Draft Universität Bremen TZI Internet-Draft Universität Bremen TZI
Intended status: Standards Track S. Leonard Intended status: Standards Track S. Leonard
Expires: 1 February 2021 Penango, Inc. Expires: 3 April 2021 Penango, Inc.
31 July 2020 30 September 2020
Concise Binary Object Representation (CBOR) Tags for Object Identifiers Concise Binary Object Representation (CBOR) Tags for Object Identifiers
draft-ietf-cbor-tags-oid-00 draft-ietf-cbor-tags-oid-01
Abstract Abstract
The Concise Binary Object Representation (CBOR, draft-ietf-cbor- The Concise Binary Object Representation (CBOR, draft-ietf-cbor-
7049bis) is a data format whose design goals include the possibility 7049bis) is a data format whose design goals include the possibility
of extremely small code size, fairly small message size, and of extremely small code size, fairly small message size, and
extensibility without the need for version negotiation. extensibility without the need for version negotiation.
The present document defines CBOR tags for object identifiers (OIDs). The present document defines CBOR tags for object identifiers (OIDs).
It is intended as the reference document for the IANA registration of It is intended as the reference document for the IANA registration of
skipping to change at page 1, line 38 skipping to change at page 1, line 38
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 1 February 2021. This Internet-Draft will expire on 3 April 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 22 skipping to change at page 2, line 22
3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . 6 4. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . 6
5. Tag Factoring with OID Arrays and Maps . . . . . . . . . . . 6 5. Tag Factoring with OID Arrays and Maps . . . . . . . . . . . 6
6. Applications and Examples of OIDs . . . . . . . . . . . . . . 7 6. Applications and Examples of OIDs . . . . . . . . . . . . . . 7
7. CDDL Control Operators . . . . . . . . . . . . . . . . . . . 9 7. CDDL Control Operators . . . . . . . . . . . . . . . . . . . 9
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
9. Security Considerations . . . . . . . . . . . . . . . . . . . 10 9. Security Considerations . . . . . . . . . . . . . . . . . . . 10
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
10.1. Normative References . . . . . . . . . . . . . . . . . . 11 10.1. Normative References . . . . . . . . . . . . . . . . . . 11
10.2. Informative References . . . . . . . . . . . . . . . . . 12 10.2. Informative References . . . . . . . . . . . . . . . . . 12
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 13 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 12
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 14 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 14
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14
1. Introduction 1. Introduction
The Concise Binary Object Representation (CBOR, The Concise Binary Object Representation (CBOR,
[I-D.ietf-cbor-7049bis]) provides for the interchange of structured [I-D.ietf-cbor-7049bis]) provides for the interchange of structured
data without a requirement for a pre-agreed schema. data without a requirement for a pre-agreed schema.
[I-D.ietf-cbor-7049bis] defines a basic set of data types, as well as [I-D.ietf-cbor-7049bis] defines a basic set of data types, as well as
a tagging mechanism that enables extending the set of data types a tagging mechanism that enables extending the set of data types
skipping to change at page 4, line 9 skipping to change at page 4, line 9
arc "joint-iso-itu-t(2)" has no such limitations on its second arc.) arc "joint-iso-itu-t(2)" has no such limitations on its second arc.)
If X and Y are the first two integers, the single integer actually If X and Y are the first two integers, the single integer actually
encoded is computed as: encoded is computed as:
X * 40 + Y X * 40 + Y
The inverse transformation (again making use of the known ranges of X The inverse transformation (again making use of the known ranges of X
and Y) is applied when decoding the object identifier. and Y) is applied when decoding the object identifier.
Since the semantics of absolute and relative object identifiers Since the semantics of absolute and relative object identifiers
differ, this specification defines two tags: differ, this specification defines two tags, collectively called the
"OID tags" here:
Tag TBD111: tags a byte string as the [X.690] encoding of an absolute Tag TBD111: tags a byte string as the [X.690] encoding of an absolute
object identifier (simply "object identifier" or "OID"). object identifier (simply "object identifier" or "OID").
Tag TBD110: tags a byte string as the [X.690] encoding of a relative Tag TBD110: tags a byte string as the [X.690] encoding of a relative
object identifier (also "relative OID"). Since the encoding of each object identifier (also "relative OID"). Since the encoding of each
number is the same as for [RFC6256] Self-Delimiting Numeric Values number is the same as for [RFC6256] Self-Delimiting Numeric Values
(SDNVs), this tag can also be used for tagging a byte string that (SDNVs), this tag can also be used for tagging a byte string that
contains a sequence of zero or more SDNVs. contains a sequence of zero or more SDNVs.
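Review bot: The collective name "OID tags" introduced in the changed sentence also covers TBD110, which the following paragraph allows on a byte string holding "a sequence of zero or more SDNVs" that need not be an OID at all. Either say here that "OID tags" is a label of convenience that includes the SDNV use, or state in Section 5 whether factoring over arrays and maps is meant to apply to the SDNV reading as well.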
skipping to change at page 6, line 38 skipping to change at page 6, line 38
serialized in dotted decimal form or BER form, so there is an serialized in dotted decimal form or BER form, so there is an
advantage in not inventing a third form. Also, expectations of the advantage in not inventing a third form. Also, expectations of the
cost of encoding object identifiers are based on BER; using a cost of encoding object identifiers are based on BER; using a
different encoding might not be aligned with these expectations. If different encoding might not be aligned with these expectations. If
additional information about an OID is desired, lookup services such additional information about an OID is desired, lookup services such
as the OID Resolution Service (ORS) [X.672] and the OID Repository as the OID Resolution Service (ORS) [X.672] and the OID Repository
[OID-INFO] are available. [OID-INFO] are available.
5. Tag Factoring with OID Arrays and Maps 5. Tag Factoring with OID Arrays and Maps
TBD111 and TBD110 can tag CBOR arrays and maps. The idea is that the OID tags can tag byte strings (as discussed above), but also CBOR
tag is factored out from each individual byte string; the tag is arrays and maps. The idea in the latter case is that the tag is
placed in front of the array or map instead. The tags TBD111 and factored out from each individual item in the container; the tag is
TBD110 are left-distributive. placed on the array or map instead.
When the TBD111 or TBD110 tag is applied to an array, it means that When an OID tag is applied to an array, it means that the respective
the respective tag is imputed to all items in the array that are byte tag is imputed to all elements of the array that are byte strings,
strings. For example, when the array is tagged with TBD111, every arrays, or maps. (There is no effect on other elements, including
array item that is a binary string is an OID. text strings or tags.) For example, when an array is tagged with
TBD111, every array element that is a byte string is an OID, and
every element that is an array or map is in turn treated as discussed
here.
When the TBD111 or TBD110 tag is applied to a map, it means that the When an OID tag is applied to a map, it means that the respective tag
respective tag is imputed to all keys in the map that are byte is imputed to all keys in the map that are byte strings, arrays, or
strings. The values in the map are not considered specially tagged. maps; again, there is no effect on keys of other major types. Note
that there is also no effect on the values in the map.
Array and map nesting is permitted. For example, a 3-dimensional As a result of these rules, tag factoring in nested arrays and maps
array of OIDs can be composed by using a single TBD111 tag, followed is supported. For example, a 3-dimensional array of OIDs can be
by an array of arrays of arrays of binary strings. All such binary composed by using a single TBD111 tag containing an array of arrays
strings are considered OIDs. of arrays of byte strings. All such byte strings are then considered
// That was part of the original proposal. I find it hard to imagine OIDs.
// how to stop the influence of the tag deep into a nested structure. // Now what may be needed is a tag that can stop the recursive
// That's why I would rather limit this to one level (no nesting). // application. I'm not sure that level complexity is really useful,
// But see the Figure below, which needs a nesting of two. Please // instead, simply don't tag-factor arrays with elements or maps with
// discuss. // keys where you are not sure you really want recursive application.
6. Applications and Examples of OIDs 6. Applications and Examples of OIDs
6.1. X.500 Distinguished Name 6.1. X.500 Distinguished Name
Consider the X.500 distinguished name: Consider the X.500 distinguished name:
+==============================+=============+ +==============================+=============+
| Attribute Types | Attribute | | Attribute Types | Attribute |
| | Values | | | Values |
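Review bot: The rewritten Section 5 makes imputation recursive ("every element that is an array or map is in turn treated as discussed here") but sets no depth limit, and the closing "//" note leaves the question of stopping recursion to whoever encodes the data. A decoder still has to walk whatever nesting it receives, so I would add a sentence telling implementations to bound the nesting depth they process and reject input beyond it, and repeat that in Security Considerations. Two smaller points in the same paragraphs: "There is no effect on other elements, including text strings or tags" should say whether an element that carries its own tag also shields the items nested inside it, since the editor's note suggests no other way to stop the imputation; and the map rule reaches keys that are arrays or maps but never values, which deserves one example because a reader coming from the array rule will expect values to be covered. In the editor's note, "that level complexity" is missing "of".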
skipping to change at page 10, line 5 skipping to change at page 10, line 5
[2, 5, 4, *uint]" matches all OIDs inside OID arc 2.5.4, [2, 5, 4, *uint]" matches all OIDs inside OID arc 2.5.4,
"attributeType".) "attributeType".)
8. IANA Considerations 8. IANA Considerations
8.1. CBOR Tags 8.1. CBOR Tags
IANA is requested to assign the CBOR tags in Table 2, with the IANA is requested to assign the CBOR tags in Table 2, with the
present document as the specification reference. present document as the specification reference.
+========+===========+============================================+ +========+================+============================+
| Tag | Data Item | Semantics | | Tag | Data Item | Semantics |
+========+===========+============================================+ +========+================+============================+
| TBD111 | multiple | object identifier (BER encoding) | | TBD111 | byte string or | object identifier (BER |
+--------+-----------+--------------------------------------------+ | | array or map | encoding) |
| TBD110 | multiple | relative object identifier (BER encoding); | +--------+----------------+----------------------------+
| | | SDNV [RFC6256] sequence | | TBD110 | byte string or | relative object identifier |
+--------+-----------+--------------------------------------------+ | | array or map | (BER encoding); |
| | | SDNV [RFC6256] sequence |
+--------+----------------+----------------------------+
Table 2: Values for New Tags Table 2: Values for New Tags
8.2. CDDL Control Operators 8.2. CDDL Control Operators
IANA is requested to assign the CDDL Control Operators in Table 3, IANA is requested to assign the CDDL Control Operators in Table 3,
with the present document as the specification reference. with the present document as the specification reference.
+==========+============================+ +==========+============================+
| Name | Reference | | Name | Reference |
+==========+============================+ +==========+============================+
| .sdnv | [this document, Section 7] | | .sdnv | [this document, Section 7] |
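Review bot: The Semantics column of Table 2 still describes only the byte string case ("object identifier (BER encoding)") although the Data Item column now reads "byte string or array or map". For an array or map the tag does not mark the item as an OID but imputes the tag to contained byte strings and keys as Section 5 describes, so I would add that to the Semantics cells or point to Section 5 there; otherwise a registry reader sees a map labelled as a BER-encoded OID.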
skipping to change at page 11, line 35 skipping to change at page 11, line 29
algorithm [DOUBLEDABBLE] are well-known in the art; their application algorithm [DOUBLEDABBLE] are well-known in the art; their application
to this field is left as an exercise to the reader. to this field is left as an exercise to the reader.
10. References 10. References
10.1. Normative References 10.1. Normative References
[I-D.ietf-cbor-7049bis] [I-D.ietf-cbor-7049bis]
Bormann, C. and P. Hoffman, "Concise Binary Object Bormann, C. and P. Hoffman, "Concise Binary Object
Representation (CBOR)", Work in Progress, Internet-Draft, Representation (CBOR)", Work in Progress, Internet-Draft,
draft-ietf-cbor-7049bis-14, 16 June 2020, draft-ietf-cbor-7049bis-15, 24 September 2020,
<http://www.ietf.org/internet-drafts/draft-ietf-cbor- <http://www.ietf.org/internet-drafts/draft-ietf-cbor-
7049bis-14.txt>. 7049bis-15.txt>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC6256] Eddy, W. and E. Davies, "Using Self-Delimiting Numeric [RFC6256] Eddy, W. and E. Davies, "Using Self-Delimiting Numeric
Values in Protocols", RFC 6256, DOI 10.17487/RFC6256, May Values in Protocols", RFC 6256, DOI 10.17487/RFC6256, May
2011, <https://www.rfc-editor.org/info/rfc6256>. 2011, <https://www.rfc-editor.org/info/rfc6256>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[X.660] International Telecommunications Union, "Information [X.660] International Telecommunications Union, "Information
technology -- Procedures for the operation of object technology Procedures for the operation of object
identifier registration authorities: General procedures identifier registration authorities: General procedures
and top arcs of the international object identifier tree", and top arcs of the international object identifier tree",
ITU-T Recommendation X.660, July 2011. ITU-T Recommendation X.660, July 2011.
[X.680] International Telecommunications Union, "Information [X.680] International Telecommunications Union, "Information
technology -- Abstract Syntax Notation One (ASN.1): technology Abstract Syntax Notation One (ASN.1):
Specification of basic notation", ITU-T Recommendation Specification of basic notation", ITU-T Recommendation
X.680, August 2015. X.680, August 2015.
[X.690] International Telecommunications Union, "Information [X.690] International Telecommunications Union, "Information
technology -- ASN.1 encoding rules: Specification of Basic technology ASN.1 encoding rules: Specification of Basic
Encoding Rules (BER), Canonical Encoding Rules (CER) and Encoding Rules (BER), Canonical Encoding Rules (CER) and
Distinguished Encoding Rules (DER)", ITU-T Recommendation Distinguished Encoding Rules (DER)", ITU-T Recommendation
X.690, August 2015. X.690, August 2015.
10.2. Informative References 10.2. Informative References
[DOUBLEDABBLE] [DOUBLEDABBLE]
Gao, S., Al-Khalili, D., and N. Chabini, "An improved BCD Gao, S., Al-Khalili, D., and N. Chabini, "An improved BCD
adder using 6-LUT FPGAs", DOI 10.1109/newcas.2012.6328944, adder using 6-LUT FPGAs", 10th IEEE International
10th IEEE International NEWCAS Conference, June 2012, NEWCAS Conference, DOI 10.1109/newcas.2012.6328944, June
<https://doi.org/10.1109/newcas.2012.6328944>. 2012, <https://doi.org/10.1109/newcas.2012.6328944>.
[OID-INFO] Orange SA, "OID Repository", 2016, [OID-INFO] Orange SA, "OID Repository", 2016,
<http://www.oid-info.com/>. <http://www.oid-info.com/>.
[PCRE] Ho, A., "PCRE - Perl Compatible Regular Expressions", [PCRE] Ho, A., "PCRE - Perl Compatible Regular Expressions",
2018, <http://www.pcre.org/>. 2018, <http://www.pcre.org/>.
[PKILCAKE] Kaminsky, D., Patterson, M., and L. Sassaman, "PKI Layer [PKILCAKE] Kaminsky, D., Patterson, M., and L. Sassaman, "PKI Layer
Cake: New Collision Attacks against the Global X.509 Cake: New Collision Attacks against the Global X.509
Infrastructure", DOI 10.1007/978-3-642-14577-3_22, Infrastructure", Financial Cryptography and Data
Financial Cryptography and Data Security pp. 289-303, Security pp. 289-303, DOI 10.1007/978-3-642-14577-3_22,
2010, <https://doi.org/10.1007/978-3-642-14577-3_22>. 2010, <https://doi.org/10.1007/978-3-642-14577-3_22>.
[RFC7388] Schoenwaelder, J., Sehgal, A., Tsou, T., and C. Zhou, [RFC7388] Schoenwaelder, J., Sehgal, A., Tsou, T., and C. Zhou,
"Definition of Managed Objects for IPv6 over Low-Power "Definition of Managed Objects for IPv6 over Low-Power
Wireless Personal Area Networks (6LoWPANs)", RFC 7388, Wireless Personal Area Networks (6LoWPANs)", RFC 7388,
DOI 10.17487/RFC7388, October 2014, DOI 10.17487/RFC7388, October 2014,
<https://www.rfc-editor.org/info/rfc7388>. <https://www.rfc-editor.org/info/rfc7388>.
[X.672] International Telecommunications Union, "Information [X.672] International Telecommunications Union, "Information
technology -- Open systems interconnection -- Object technology — Open systems interconnection — Object
identifier resolution system", ITU-T Recommendation X.672, identifier resolution system", ITU-T Recommendation X.672,
August 2010. August 2010.
Appendix A. Change Log Appendix A. Change Log
This section is to be removed before publishing as an RFC. This section is to be removed before publishing as an RFC.
A.1. Changes from -07 (bormann) to -00 (ietf) A.1. Changes from -07 (bormann) to -00 (ietf)
Resubmitted as WG draft after adoption. Resubmitted as WG draft after adoption.
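Review bot: In the new column the titles for [X.660], [X.680] and [X.690] read "technology Procedures", "technology Abstract Syntax" and "technology ASN.1" with no separator, while [X.672] in the same column keeps a dash between the parts. The old "--" appears to have been dropped in three of the four ITU-T entries; use one separator throughout. While [I-D.ietf-cbor-7049bis] is being updated to -15, note that its target is still an http:// URL although the RFC and DOI entries use https://.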
 End of changes. 19 change blocks. 
46 lines changed or deleted 53 lines changed or added
