draft-ietf-cbor-tags-oid-02.txt   draft-ietf-cbor-tags-oid-03.txt 
Network Working Group C. Bormann Network Working Group C. Bormann
Internet-Draft Universität Bremen TZI Internet-Draft Universität Bremen TZI
Intended status: Standards Track S. Leonard Intended status: Standards Track S. Leonard
Expires: 1 May 2021 Penango, Inc. Expires: 21 May 2021 Penango, Inc.
28 October 2020 17 November 2020
Concise Binary Object Representation (CBOR) Tags for Object Identifiers Concise Binary Object Representation (CBOR) Tags for Object Identifiers
draft-ietf-cbor-tags-oid-02 draft-ietf-cbor-tags-oid-03
Abstract Abstract
The Concise Binary Object Representation (CBOR, draft-ietf-cbor- The Concise Binary Object Representation (CBOR, draft-ietf-cbor-
7049bis) is a data format whose design goals include the possibility 7049bis) is a data format whose design goals include the possibility
of extremely small code size, fairly small message size, and of extremely small code size, fairly small message size, and
extensibility without the need for version negotiation. extensibility without the need for version negotiation.
The present document defines CBOR tags for object identifiers (OIDs). The present document defines CBOR tags for object identifiers (OIDs).
It is intended as the reference document for the IANA registration of It is intended as the reference document for the IANA registration of
skipping to change at page 1, line 38 skipping to change at page 1, line 38
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 1 May 2021. This Internet-Draft will expire on 21 May 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 17 skipping to change at page 2, line 17
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Object Identifiers . . . . . . . . . . . . . . . . . . . . . 3 2. Object Identifiers . . . . . . . . . . . . . . . . . . . . . 3
3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . 6 4. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . 6
5. Tag Factoring with OID Arrays and Maps . . . . . . . . . . . 6 5. Tag Factoring with OID Arrays and Maps . . . . . . . . . . . 6
6. Applications and Examples of OIDs . . . . . . . . . . . . . . 7 6. Applications and Examples of OIDs . . . . . . . . . . . . . . 7
7. CDDL Control Operators . . . . . . . . . . . . . . . . . . . 9 7. CDDL Control Operators . . . . . . . . . . . . . . . . . . . 9
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 8. CDDL typenames . . . . . . . . . . . . . . . . . . . . . . . 9
9. Security Considerations . . . . . . . . . . . . . . . . . . . 10 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 10. Security Considerations . . . . . . . . . . . . . . . . . . . 10
10.1. Normative References . . . . . . . . . . . . . . . . . . 11 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
10.2. Informative References . . . . . . . . . . . . . . . . . 11 11.1. Normative References . . . . . . . . . . . . . . . . . . 11
11.2. Informative References . . . . . . . . . . . . . . . . . 12
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 12 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 12
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 13 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 14
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14
1. Introduction 1. Introduction
The Concise Binary Object Representation (CBOR, The Concise Binary Object Representation (CBOR,
[I-D.ietf-cbor-7049bis]) provides for the interchange of structured [I-D.ietf-cbor-7049bis]) provides for the interchange of structured
data without a requirement for a pre-agreed schema. data without a requirement for a pre-agreed schema.
[I-D.ietf-cbor-7049bis] defines a basic set of data types, as well as [I-D.ietf-cbor-7049bis] defines a basic set of data types, as well as
a tagging mechanism that enables extending the set of data types a tagging mechanism that enables extending the set of data types
supported via an IANA registry. supported via an IANA registry.
skipping to change at page 4, line 21 skipping to change at page 4, line 21
Tag TBD111: tags a byte string as the [X.690] encoding of an absolute Tag TBD111: tags a byte string as the [X.690] encoding of an absolute
object identifier (simply "object identifier" or "OID"). object identifier (simply "object identifier" or "OID").
Tag TBD110: tags a byte string as the [X.690] encoding of a relative Tag TBD110: tags a byte string as the [X.690] encoding of a relative
object identifier (also "relative OID"). Since the encoding of each object identifier (also "relative OID"). Since the encoding of each
number is the same as for [RFC6256] Self-Delimiting Numeric Values number is the same as for [RFC6256] Self-Delimiting Numeric Values
(SDNVs), this tag can also be used for tagging a byte string that (SDNVs), this tag can also be used for tagging a byte string that
contains a sequence of zero or more SDNVs. contains a sequence of zero or more SDNVs.
Tag TBD112: structurally like TBD110, but understood to be relative
to "1.3.6.1.4.1" (IANA Private Enterprise Number OID). Hence, the
semantics of the result are that of an absolute object identifier.
2.1. Requirements on the byte string being tagged 2.1. Requirements on the byte string being tagged
To form a valid tag, a byte string tagged by TBD111 or TBD110 MUST be To form a valid tag, a byte string tagged by TBD111, TBD110, or
a syntactically valid BER representation of an object identifier: A TBD112 MUST be a syntactically valid BER representation of an object
concatenation of zero or more SDNV values, where each SDNV value is a identifier: A concatenation of zero or more SDNV values, where each
sequence of one or more bytes that all have their most significant SDNV value is a sequence of one or more bytes that all have their
bit set, except for the last byte, where it must be unset; the first most significant bit set, except for the last byte, where it must be
byte of each SDNV cannot be 0x80 (which would be a leading zero in unset; the first byte of each SDNV cannot be 0x80 (which would be a
SDNV's base-128 arithmetic). leading zero in SDNV's base-128 arithmetic).
In other words: In other words:
* its first byte, and any byte that follows a byte that has the most * its first byte, and any byte that follows a byte that has the most
significant bit unset, MUST NOT be 0x80 (this requirement requires significant bit unset, MUST NOT be 0x80 (this requirement requires
expressing the integer values in their shortest form, with no expressing the integer values in their shortest form, with no
leading zeroes) leading zeroes)
* its last byte MUST NOT have the most significant bit set (this * its last byte MUST NOT have the most significant bit set (this
requirement excludes an incomplete final integer value) requirement excludes an incomplete final integer value)
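Review bot: The rewritten requirement sentence in 2.1 now covers TBD111, TBD110 and TBD112 with a single rule, "a concatenation of zero or more SDNV values", but the TBD111 regular expression that accompanies this section ends in "+" and so requires at least one SDNV. If the empty byte string is meant to be valid only for TBD110 and TBD112, say so in the prose, so that an implementer working from the text and one working from the regexp accept the same inputs.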
skipping to change at page 5, line 15 skipping to change at page 5, line 20
The valid set of byte strings can also be expressed using regular The valid set of byte strings can also be expressed using regular
expressions on bytes, using no specific notation but resembling expressions on bytes, using no specific notation but resembling
[PCRE]. Unlike typical regular expressions that operate on character [PCRE]. Unlike typical regular expressions that operate on character
sequences, the following regular expressions take bytes as their sequences, the following regular expressions take bytes as their
domain, so they can be applied directly to CBOR byte strings. domain, so they can be applied directly to CBOR byte strings.
For byte strings with tag TBD111: For byte strings with tag TBD111:
"/^(([\x81-\xFF][\x80-\xFF]*)?[\x00-\x7F])+$/" "/^(([\x81-\xFF][\x80-\xFF]*)?[\x00-\x7F])+$/"
For byte strings with tag TBD110: For byte strings with tag TBD110 or TBD112:
"/^(([\x81-\xFF][\x80-\xFF]*)?[\x00-\x7F])*$/" "/^(([\x81-\xFF][\x80-\xFF]*)?[\x00-\x7F])*$/"
A tag with tagged content that does not conform to the applicable A tag with tagged content that does not conform to the applicable
regexp is invalid. regexp is invalid.
3. Examples 3. Examples
3.1. Encoding of the SHA-256 OID 3.1. Encoding of the SHA-256 OID
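Review bot: Extending the "*" regexp to TBD112 makes the empty byte string valid under that tag, and with the prefix rule given in the TBD112 definition it would denote 1.3.6.1.4.1 itself. State explicitly whether that is intended. If it is not, TBD112 needs its own regexp ending in "+", as for TBD111.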
skipping to change at page 9, line 44 skipping to change at page 9, line 44
country-rdn = {country-oid => country-value} country-rdn = {country-oid => country-value}
country-oid = bytes .oid [2, 5, 4, 6] country-oid = bytes .oid [2, 5, 4, 6]
country-value = text .size 2 country-value = text .size 2
Figure 8: Using .oid Figure 8: Using .oid
Note that the control type need not be a literal; e.g., "bytes .oid Note that the control type need not be a literal; e.g., "bytes .oid
[2, 5, 4, *uint]" matches all OIDs inside OID arc 2.5.4, [2, 5, 4, *uint]" matches all OIDs inside OID arc 2.5.4,
"attributeType". "attributeType".
8. IANA Considerations 8. CDDL typenames
8.1. CBOR Tags For the use with CDDL [RFC8610], the typenames defined in Figure 9
are recommended:
oid = #6.111(bstr)
roid = #6.110(bstr)
pen = #6.112(bstr)
Figure 9: Recommended typenames for CDDL
9. IANA Considerations
9.1. CBOR Tags
IANA is requested to assign the CBOR tags in Table 2, with the IANA is requested to assign the CBOR tags in Table 2, with the
present document as the specification reference. present document as the specification reference.
+========+================+============================+ +========+================+============================+
| Tag | Data Item | Semantics | | Tag | Data Item | Semantics |
+========+================+============================+ +========+================+============================+
| TBD111 | byte string or | object identifier (BER | | TBD111 | byte string or | object identifier (BER |
| | array or map | encoding) | | | array or map | encoding) |
+--------+----------------+----------------------------+ +--------+----------------+----------------------------+
| TBD110 | byte string or | relative object identifier | | TBD110 | byte string or | relative object identifier |
| | array or map | (BER encoding); | | | array or map | (BER encoding); |
| | | SDNV [RFC6256] sequence | | | | SDNV [RFC6256] sequence |
+--------+----------------+----------------------------+ +--------+----------------+----------------------------+
| TBD112 | byte string or | object identifier (BER |
| | array or map | encoding), relative to |
| | | 1.3.6.1.4.1 |
+--------+----------------+----------------------------+
Table 2: Values for New Tags Table 2: Values for New Tags
8.2. CDDL Control Operators 9.2. CDDL Control Operators
IANA is requested to assign the CDDL Control Operators in Table 3, IANA is requested to assign the CDDL Control Operators in Table 3,
with the present document as the specification reference. with the present document as the specification reference.
+==========+============================+ +==========+============================+
| Name | Reference | | Name | Reference |
+==========+============================+ +==========+============================+
| .sdnv | [this document, Section 7] | | .sdnv | [this document, Section 7] |
+----------+----------------------------+ +----------+----------------------------+
| .sdnvseq | [this document, Section 7] | | .sdnvseq | [this document, Section 7] |
+----------+----------------------------+ +----------+----------------------------+
| .oid | [this document, Section 7] | | .oid | [this document, Section 7] |
+----------+----------------------------+ +----------+----------------------------+
Table 3: New CDDL Operators Table 3: New CDDL Operators
9. Security Considerations 10. Security Considerations
The security considerations of [I-D.ietf-cbor-7049bis] apply. The security considerations of [I-D.ietf-cbor-7049bis] apply.
The encodings in Clauses 8.19 and 8.20 of [X.690] are quite compact The encodings in Clauses 8.19 and 8.20 of [X.690] are quite compact
and unambiguous, but MUST be followed precisely to avoid security and unambiguous, but MUST be followed precisely to avoid security
pitfalls. In particular, the requirements set out in Section 2.1 of pitfalls. In particular, the requirements set out in Section 2.1 of
this document need to be followed; otherwise, an attacker may be able this document need to be followed; otherwise, an attacker may be able
to subvert a checking process by submitting alternative to subvert a checking process by submitting alternative
representations that are later taken as the original (or even representations that are later taken as the original (or even
something else entirely) by another decoder supposed to be protected something else entirely) by another decoder supposed to be protected
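Review bot: Figure 9 hard-codes 111, 110 and 112 in the new typenames, while Table 2 still lists the tags as TBD111, TBD110 and TBD112 pending assignment. Add an instruction to the RFC Editor to update Figure 9 with the assigned values, otherwise the CDDL can end up naming different tags than the registry. The typenames also cover only bstr, whereas Table 2 gives "byte string or array or map" as the data item; if the array and map forms are deliberately left without a typename, say so next to the figure.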
skipping to change at page 11, line 9 skipping to change at page 11, line 24
OIDs and relative OIDs can always be treated as opaque byte strings. OIDs and relative OIDs can always be treated as opaque byte strings.
Actually understanding the structure that was used for generating Actually understanding the structure that was used for generating
them is not necessary, and, except for checking the structure them is not necessary, and, except for checking the structure
requirements, it is strongly NOT RECOMMENDED to perform any requirements, it is strongly NOT RECOMMENDED to perform any
processing of this kind (e.g., converting into dotted notation and processing of this kind (e.g., converting into dotted notation and
back) unless absolutely necessary. If the OIDs are translated into back) unless absolutely necessary. If the OIDs are translated into
other representations, the usual security considerations for non- other representations, the usual security considerations for non-
trivial representation conversions apply; the integer values are trivial representation conversions apply; the integer values are
unlimited in range. unlimited in range.
10. References 11. References
10.1. Normative References 11.1. Normative References
[I-D.ietf-cbor-7049bis] [I-D.ietf-cbor-7049bis]
Bormann, C. and P. Hoffman, "Concise Binary Object Bormann, C. and P. Hoffman, "Concise Binary Object
Representation (CBOR)", Work in Progress, Internet-Draft, Representation (CBOR)", Work in Progress, Internet-Draft,
draft-ietf-cbor-7049bis-16, 30 September 2020, draft-ietf-cbor-7049bis-16, 30 September 2020,
<http://www.ietf.org/internet-drafts/draft-ietf-cbor- <http://www.ietf.org/internet-drafts/draft-ietf-cbor-
7049bis-16.txt>. 7049bis-16.txt>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
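Review bot: With TBD112 added, an absolute OID under 1.3.6.1.4.1 has two valid encodings (TBD111 with the full byte string, TBD112 with only the suffix), and the Security Considerations text shown here was renumbered but not extended to cover this. The advice to treat OIDs as opaque byte strings no longer gives a safe equality check across tags: a checker comparing tag and bytes sees two different values where a later decoder sees the same OID, which is the "alternative representations" problem the section already warns about. Add a sentence requiring comparison on the expanded absolute OID, or restricting an application to one of the two forms.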
skipping to change at page 11, line 33 skipping to change at page 11, line 48
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC6256] Eddy, W. and E. Davies, "Using Self-Delimiting Numeric [RFC6256] Eddy, W. and E. Davies, "Using Self-Delimiting Numeric
Values in Protocols", RFC 6256, DOI 10.17487/RFC6256, May Values in Protocols", RFC 6256, DOI 10.17487/RFC6256, May
2011, <https://www.rfc-editor.org/info/rfc6256>. 2011, <https://www.rfc-editor.org/info/rfc6256>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8610] Birkholz, H., Vigano, C., and C. Bormann, "Concise Data
Definition Language (CDDL): A Notational Convention to
Express Concise Binary Object Representation (CBOR) and
JSON Data Structures", RFC 8610, DOI 10.17487/RFC8610,
June 2019, <https://www.rfc-editor.org/info/rfc8610>.
[X.660] International Telecommunications Union, "Information [X.660] International Telecommunications Union, "Information
technology — Procedures for the operation of object technology — Procedures for the operation of object
identifier registration authorities: General procedures identifier registration authorities: General procedures
and top arcs of the international object identifier tree", and top arcs of the international object identifier tree",
ITU-T Recommendation X.660, July 2011. ITU-T Recommendation X.660, July 2011.
[X.680] International Telecommunications Union, "Information [X.680] International Telecommunications Union, "Information
technology — Abstract Syntax Notation One (ASN.1): technology — Abstract Syntax Notation One (ASN.1):
Specification of basic notation", ITU-T Recommendation Specification of basic notation", ITU-T Recommendation
X.680, August 2015. X.680, August 2015.
[X.690] International Telecommunications Union, "Information [X.690] International Telecommunications Union, "Information
technology — ASN.1 encoding rules: Specification of Basic technology — ASN.1 encoding rules: Specification of Basic
Encoding Rules (BER), Canonical Encoding Rules (CER) and Encoding Rules (BER), Canonical Encoding Rules (CER) and
Distinguished Encoding Rules (DER)", ITU-T Recommendation Distinguished Encoding Rules (DER)", ITU-T Recommendation
X.690, August 2015. X.690, August 2015.
10.2. Informative References 11.2. Informative References
[OID-INFO] Orange SA, "OID Repository", 2016, [OID-INFO] Orange SA, "OID Repository", 2016,
<http://www.oid-info.com/>. <http://www.oid-info.com/>.
[PCRE] Ho, A., "PCRE - Perl Compatible Regular Expressions", [PCRE] Ho, A., "PCRE - Perl Compatible Regular Expressions",
2018, <http://www.pcre.org/>. 2018, <http://www.pcre.org/>.
[RFC7388] Schoenwaelder, J., Sehgal, A., Tsou, T., and C. Zhou, [RFC7388] Schoenwaelder, J., Sehgal, A., Tsou, T., and C. Zhou,
"Definition of Managed Objects for IPv6 over Low-Power "Definition of Managed Objects for IPv6 over Low-Power
Wireless Personal Area Networks (6LoWPANs)", RFC 7388, Wireless Personal Area Networks (6LoWPANs)", RFC 7388,
 End of changes. 17 change blocks. 
26 lines changed or deleted 51 lines changed or added
