draft-ietf-cose-rfc8152bis-algs-11.txt   draft-ietf-cose-rfc8152bis-algs-12.txt 
COSE Working Group J. Schaad COSE Working Group J. Schaad
Internet-Draft August Cellars Internet-Draft August Cellars
Obsoletes: 8152 (if approved) 1 July 2020 Obsoletes: 8152 (if approved) 24 September 2020
Intended status: Informational Intended status: Informational
Expires: 2 January 2021 Expires: 28 March 2021
CBOR Object Signing and Encryption (COSE): Initial Algorithms CBOR Object Signing and Encryption (COSE): Initial Algorithms
draft-ietf-cose-rfc8152bis-algs-11 draft-ietf-cose-rfc8152bis-algs-12
Abstract Abstract
Concise Binary Object Representation (CBOR) is a data format designed Concise Binary Object Representation (CBOR) is a data format designed
for small code size and small message size. There is a need for the for small code size and small message size. There is a need for the
ability to have basic security services defined for this data format. ability to have basic security services defined for this data format.
THis document defines a set of algorithms that can be used with the THis document defines a set of algorithms that can be used with the
CBOR Object Signing and Encryption (COSE) protocol RFC XXXX. CBOR Object Signing and Encryption (COSE) protocol RFC XXXX.
Contributing to this document Contributing to this document
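Review bot: the Abstract's last sentence still begins "THis document defines" in -12, a capitalisation typo carried over unchanged from -11. Since this revision already touches the front matter, correct it to "This document defines".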
skipping to change at page 1, line 45 skipping to change at page 1, line 45
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 2 January 2021. This Internet-Draft will expire on 28 March 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 3, line 23 skipping to change at page 3, line 23
7.3. Symmetric Keys . . . . . . . . . . . . . . . . . . . . . 40 7.3. Symmetric Keys . . . . . . . . . . . . . . . . . . . . . 40
8. COSE Capabilities . . . . . . . . . . . . . . . . . . . . . . 41 8. COSE Capabilities . . . . . . . . . . . . . . . . . . . . . . 41
8.1. Assignments for Existing Algorithms . . . . . . . . . . . 42 8.1. Assignments for Existing Algorithms . . . . . . . . . . . 42
8.2. Assignments for Existing Key Types . . . . . . . . . . . 42 8.2. Assignments for Existing Key Types . . . . . . . . . . . 42
8.3. Examples . . . . . . . . . . . . . . . . . . . . . . . . 42 8.3. Examples . . . . . . . . . . . . . . . . . . . . . . . . 42
9. CBOR Encoding Restrictions . . . . . . . . . . . . . . . . . 45 9. CBOR Encoding Restrictions . . . . . . . . . . . . . . . . . 45
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 45 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 45
10.1. Changes to "COSE Key Types" registry. . . . . . . . . . 45 10.1. Changes to "COSE Key Types" registry. . . . . . . . . . 45
10.2. Changes to "COSE Algorithms" registry . . . . . . . . . 46 10.2. Changes to "COSE Algorithms" registry . . . . . . . . . 46
10.3. Changes to the "COSE Key Type Parameters" registry . . . 46 10.3. Changes to the "COSE Key Type Parameters" registry . . . 46
10.4. COSE Header Algorithm Parameters Registry . . . . . . . 47 10.4. Expert Review Instructions . . . . . . . . . . . . . . . 46
10.5. Expert Review Instructions . . . . . . . . . . . . . . . 47 11. Security Considerations . . . . . . . . . . . . . . . . . . . 47
11. Security Considerations . . . . . . . . . . . . . . . . . . . 48 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 49
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 50 12.1. Normative References . . . . . . . . . . . . . . . . . . 49
12.1. Normative References . . . . . . . . . . . . . . . . . . 50 12.2. Informative References . . . . . . . . . . . . . . . . . 51
12.2. Informative References . . . . . . . . . . . . . . . . . 52
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 54 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 54
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 55 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 54
1. Introduction 1. Introduction
There has been an increased focus on small, constrained devices that There has been an increased focus on small, constrained devices that
make up the Internet of Things (IoT). One of the standards that has make up the Internet of Things (IoT). One of the standards that has
come out of this process is "Concise Binary Object Representation come out of this process is "Concise Binary Object Representation
(CBOR)" [RFC7049]. CBOR extended the data model of JavaScript Object (CBOR)" [RFC7049]. CBOR extended the data model of JavaScript Object
Notation (JSON) [STD90] by allowing for binary data, among other Notation (JSON) [STD90] by allowing for binary data, among other
changes. CBOR is being adopted by several of the IETF working groups changes. CBOR is being adopted by several of the IETF working groups
dealing with the IoT world as their encoding of data structures. dealing with the IoT world as their encoding of data structures.
skipping to change at page 45, line 27 skipping to change at page 45, line 27
* Applications MUST NOT generate messages with the same label used * Applications MUST NOT generate messages with the same label used
twice as a key in a single map. Applications MUST NOT parse and twice as a key in a single map. Applications MUST NOT parse and
process messages with the same label used twice as a key in a process messages with the same label used twice as a key in a
single map. Applications can enforce the parse and process single map. Applications can enforce the parse and process
requirement by using parsers that will fail the parse step or by requirement by using parsers that will fail the parse step or by
using parsers that will pass all keys to the application, and the using parsers that will pass all keys to the application, and the
application can perform the check for duplicate keys. application can perform the check for duplicate keys.
10. IANA Considerations 10. IANA Considerations
IANA is requested to updte ll COSE registeries except for "COSE
Header Parmeters" and "COSE Key Common Parameters" from [RFC8152] to
[[This document]].
10.1. Changes to "COSE Key Types" registry. 10.1. Changes to "COSE Key Types" registry.
IANA is requested to create a new column in the "COSE Key Types" IANA is requested to create a new column in the "COSE Key Types"
registry. The new column is to be labeled "Capabilities". The new registry. The new column is to be labeled "Capabilities". The new
column is to be populated according the entries in Table 22. column is to be populated according the entries in Table 22.
+=======+===========+==========================+ +=======+===========+==========================+
| Value | Name | Capabilities | | Value | Name | Capabilities |
+=======+===========+==========================+ +=======+===========+==========================+
| 1 | OKP | [kty(1), crv] | | 1 | OKP | [kty(1), crv] |
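Review bot: the paragraph added at the top of Section 10 in -12 has four typos ("updte", "ll", "registeries", "Parmeters") and does not say what is being updated. Suggested wording: IANA is requested to update the references in all COSE registries except for "COSE Header Parameters" and "COSE Key Common Parameters" from [RFC8152] to [[This Document]]. In 10.1, "populated according the entries in Table 22" is also missing "to" in both versions.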
skipping to change at page 45, line 49 skipping to change at page 46, line 5
+-------+-----------+--------------------------+ +-------+-----------+--------------------------+
| 3 | RSA | [kty(3)] | | 3 | RSA | [kty(3)] |
+-------+-----------+--------------------------+ +-------+-----------+--------------------------+
| 4 | Symmetric | [kty(4)] | | 4 | Symmetric | [kty(4)] |
+-------+-----------+--------------------------+ +-------+-----------+--------------------------+
| 5 | HSS-LMS | [kty(5), hash algorithm] | | 5 | HSS-LMS | [kty(5), hash algorithm] |
+-------+-----------+--------------------------+ +-------+-----------+--------------------------+
Table 22: Key Type Capabilities Table 22: Key Type Capabilities
IANA is requested to update the pointer for expert review to [[this
document]].
10.2. Changes to "COSE Algorithms" registry 10.2. Changes to "COSE Algorithms" registry
IANA is requested to create a new column in the "COSE Algorithms" IANA is requested to create a new column in the "COSE Algorithms"
registry. The new column is to be labeled "Capabilities". The new registry. The new column is to be labeled "Capabilities". The new
column is populated with "[kty]" for all current, non-provisional, column is populated with "[kty]" for all current, non-provisional,
registrations. It is expected that the documents which define those registrations. It is expected that the documents which define those
algorithms will be expanded to include this registration. If this is algorithms will be expanded to include this registration. If this is
not done then the Designated Expert should be consulted before final not done then the Designated Expert should be consulted before final
registration for this document is done. registration for this document is done.
IANA is requested to update all references from RFC 8152 to [[This
Document]].
IANA is requested to update the pointer for expert rview to [[this
document]].
IANA is requested to update the reference column in the "COSE IANA is requested to update the reference column in the "COSE
Algorithms" registry to include [[This Document]] as a reference for Algorithms" registry to include [[This Document]] as a reference for
all rows where it is not already present. all rows where it is not already present.
IANA is requested to add a new row to the "COSE Algorithms" registry. IANA is requested to add a new row to the "COSE Algorithms" registry.
+==========+===============+=============+============+=============+ +==========+===============+=============+============+=============+
| Name | Value | Description | Reference | Recommended | |Name | Value |Description | Reference | Recommended |
+==========+===============+=============+============+=============+ +==========+===============+=============+============+=============+
| IV | IV-GENERATION |For doing IV | [[THIS | No | |IV | IV-GENERATION |For doing IV | [[THIS | No |
|Generation| | generation | DOCUMENT]] | | |Generation| |generation | DOCUMENT]] | |
| | |for symmetric| | | | | |for symmetric| | |
| | | algorithms. | | | | | |algorithms. | | |
+----------+---------------+-------------+------------+-------------+ +----------+---------------+-------------+------------+-------------+
Table 23 Table 23
The capabilities column for this registration is to be empty. The capabilities column for this registration is to be empty.
10.3. Changes to the "COSE Key Type Parameters" registry 10.3. Changes to the "COSE Key Type Parameters" registry
IANA is requested to modify the description to "Public Key" for the IANA is requested to modify the description to "Public Key" for the
line with "Key Type" of 2 and the "Name" of "x". See Table 20 which line with "Key Type" of 2 and the "Name" of "x". See Table 20 which
has been modified with this change. has been modified with this change.
IANA is requested to update the references in the table from RFC8152 10.4. Expert Review Instructions
to [[This Document]].
IANA is requested to update the pointer for expert rview to [[this
document]].
10.4. COSE Header Algorithm Parameters Registry
IANA created a registry titled "COSE Header Algorithm Parameters" as
part of processing [RFC8152]. The registry has been created to use
the "Expert Review Required" registration procedure [RFC8126].
IANA is requested to update the references from [RFC8152] to this
document.
IANA is requested to update the pointer for expert rview to [[this
document]].
10.5. Expert Review Instructions
All of the IANA registries established by [RFC8152] are, at least in All of the IANA registries established by [RFC8152] are, at least in
part, defined as expert review. This section gives some general part, defined as expert review. This section gives some general
guidelines for what the experts should be looking for, but they are guidelines for what the experts should be looking for, but they are
being designated as experts for a reason, so they should be given being designated as experts for a reason, so they should be given
substantial latitude. substantial latitude.
Expert reviewers should take into consideration the following points: Expert reviewers should take into consideration the following points:
* Point squatting should be discouraged. Reviewers are encouraged * Point squatting should be discouraged. Reviewers are encouraged
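Review bot: in 10.2 the retained paragraph asks IANA to "include [[This Document]] as a reference for all rows where it is not already present", which adds a reference, while the new blanket request in Section 10 reads as replacing [RFC8152] with this document. The two should state the same action for the "COSE Algorithms" registry. This hunk also drops every "update the pointer for expert review" request, along with the old Section 10.4, so the blanket sentence should say explicitly that it covers the expert review pointer as well as the reference columns. Separately, Table 23 has no caption text, unlike "Table 22: Key Type Capabilities".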
skipping to change at page 50, line 28 skipping to change at page 50, line 4
see all of the messages that are encrypted an therefore no single see all of the messages that are encrypted an therefore no single
entity can trigger the rekey operation. entity can trigger the rekey operation.
12. References 12. References
12.1. Normative References 12.1. Normative References
[I-D.ietf-cose-rfc8152bis-struct] [I-D.ietf-cose-rfc8152bis-struct]
Schaad, J., "CBOR Object Signing and Encryption (COSE): Schaad, J., "CBOR Object Signing and Encryption (COSE):
Structures and Process", Work in Progress, Internet-Draft, Structures and Process", Work in Progress, Internet-Draft,
draft-ietf-cose-rfc8152bis-struct-10, 2 June 2020, draft-ietf-cose-rfc8152bis-struct-13, 4 September 2020,
<https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis- <https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis-
struct-10>. struct-13>.
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104, Hashing for Message Authentication", RFC 2104,
DOI 10.17487/RFC2104, February 1997, DOI 10.17487/RFC2104, February 1997,
<https://www.rfc-editor.org/info/rfc2104>. <https://www.rfc-editor.org/info/rfc2104>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
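Review bot: the Security Considerations text at the top of this hunk still reads "see all of the messages that are encrypted an therefore no single entity can trigger the rekey operation" in both versions. "an" should be "and".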
skipping to change at page 54, line 38 skipping to change at page 54, line 17
<https://eprint.iacr.org/2010/264.pdf>. <https://eprint.iacr.org/2010/264.pdf>.
[ROBUST] Fischlin, M., Günther, F., and C. Janson, "Robust [ROBUST] Fischlin, M., Günther, F., and C. Janson, "Robust
Channels: Handling Unreliable Networks in the Record Channels: Handling Unreliable Networks in the Record
Layers of QUIC and DTLS", February 2020, Layers of QUIC and DTLS", February 2020,
<https://www.felixguenther.info/docs/ <https://www.felixguenther.info/docs/
QUIP2020_RobustChannels.pdf>. QUIP2020_RobustChannels.pdf>.
[I-D.ietf-quic-tls] [I-D.ietf-quic-tls]
Thomson, M. and S. Turner, "Using TLS to Secure QUIC", Thomson, M. and S. Turner, "Using TLS to Secure QUIC",
Work in Progress, Internet-Draft, draft-ietf-quic-tls-29, Work in Progress, Internet-Draft, draft-ietf-quic-tls-30,
9 June 2020, 9 September 2020,
<https://tools.ietf.org/html/draft-ietf-quic-tls-29>. <https://tools.ietf.org/html/draft-ietf-quic-tls-30>.
Acknowledgments Acknowledgments
This document is a product of the COSE working group of the IETF. This document is a product of the COSE working group of the IETF.
The following individuals are to blame for getting me started on this The following individuals are to blame for getting me started on this
project in the first place: Richard Barnes, Matt Miller, and Martin project in the first place: Richard Barnes, Matt Miller, and Martin
Thomson. Thomson.
The initial version of the specification was based to some degree on The initial version of the specification was based to some degree on
 End of changes. 16 change blocks. 
48 lines changed or deleted 24 lines changed or added
