draft-ietf-cbor-sequence-01.txt   draft-ietf-cbor-sequence-02.txt 
Network Working Group C. Bormann Network Working Group C. Bormann
Internet-Draft Universitaet Bremen TZI Internet-Draft Universitaet Bremen TZI
Intended status: Standards Track August 31, 2019 Intended status: Standards Track September 25, 2019
Expires: March 3, 2020 Expires: March 28, 2020
Concise Binary Object Representation (CBOR) Sequences Concise Binary Object Representation (CBOR) Sequences
draft-ietf-cbor-sequence-01 draft-ietf-cbor-sequence-02
Abstract Abstract
This document describes the Concise Binary Object Representation This document describes the Concise Binary Object Representation
(CBOR) Sequence format and associated media type "application/cbor- (CBOR) Sequence format and associated media type "application/cbor-
seq". A CBOR Sequence consists of any number of encoded CBOR data seq". A CBOR Sequence consists of any number of encoded CBOR data
items, simply concatenated in sequence. items, simply concatenated in sequence.
Structured syntax suffixes for media types allow other media types to Structured syntax suffixes for media types allow other media types to
build on them and make it explicit that they are built on an existing build on them and make it explicit that they are built on an existing
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 3, 2020. This Internet-Draft will expire on March 28, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 4, line 7 skipping to change at page 4, line 7
delimiting as well, this stopped being the case when simple values delimiting as well, this stopped being the case when simple values
such as single numbers were made valid JSON documents.) such as single numbers were made valid JSON documents.)
Decoding a CBOR Sequence works as follows: Decoding a CBOR Sequence works as follows:
o If the CBOR Sequence is an empty sequence of bytes, the result is o If the CBOR Sequence is an empty sequence of bytes, the result is
an empty sequence of CBOR data model values. an empty sequence of CBOR data model values.
o Otherwise, decode a single CBOR data item from the bytes of the o Otherwise, decode a single CBOR data item from the bytes of the
CBOR sequence, and insert the resulting CBOR data model value at CBOR sequence, and insert the resulting CBOR data model value at
the start of the result of decoding the rest of the bytes as a the start of the result of repeating this decoding process
CBOR sequence. (A streaming decoder would therefore simply recursively with the remaining bytes. (A streaming decoder would
deliver zero or more CBOR data model values, each of which as soon therefore simply deliver zero or more CBOR data model values, each
as the bytes making it up are available.) as soon as the bytes making it up are available.)
This means that if any data item in the sequence is not well-formed, This means that if any data item in the sequence is not well-formed,
it is not possible to reliably decode the rest of the sequence. (An it is not possible to reliably decode the rest of the sequence. (An
implementation may be able to recover from some errors in a sequence implementation may be able to recover from some errors in a sequence
of bytes that is almost, but not entirely a well-formed encoded CBOR of bytes that is almost, but not entirely a well-formed encoded CBOR
data item. Handling malformed data is outside the scope of this data item. Handling malformed data is outside the scope of this
specification.) specification.)
This also means that the CBOR Sequence format can reliably detect This also means that the CBOR Sequence format can reliably detect
truncation of the bytes making up the last CBOR data item in the truncation of the bytes making up the last CBOR data item in the
sequence, but not entirely missing CBOR data items at the end. A sequence, but not entirely missing CBOR data items at the end. A
CBOR Sequence decoder that is used for consuming streaming CBOR CBOR Sequence decoder that is used for consuming streaming CBOR
Sequence data may simply pause for more data (e.g., by suspending and Sequence data may simply pause for more data (e.g., by suspending and
later resuming decoding) in case a truncated final item is being later resuming decoding) in case a truncated final item is being
received. received.
3. The "+cbor-seq" Structured Syntax Suffix 3. The "+cbor-seq" Structured Syntax Suffix
The use case for the "+cbor-seq" structured syntax suffix is the same The use case for the "+cbor-seq" structured syntax suffix is
as for "+cbor": It SHOULD be used by a media type when parsing the analogous to that for "+cbor": It SHOULD be used by a media type when
bytes of the media type object as a CBOR Sequence leads to a parsing the bytes of the media type object as a CBOR Sequence leads
meaningful result that is at least sometimes not just a single CBOR to a meaningful result that is at least sometimes not just a single
data item. (Without the qualification at the end, this sentence is CBOR data item. (Without the qualification at the end, this sentence
trivially true for any +cbor media type, which of course should is trivially true for any +cbor media type, which of course should
continue to use the "+cbor" structured syntax suffix.) continue to use the "+cbor" structured syntax suffix.)
Applications encountering a "+cbor-seq" media type can then either Applications encountering a "+cbor-seq" media type can then either
simply use generic processing if all they need is a generic view of simply use generic processing if all they need is a generic view of
the CBOR Sequence, or they can use generic CBOR Sequence tools for the CBOR Sequence, or they can use generic CBOR Sequence tools for
initial parsing and then implement their own specific processing on initial parsing and then implement their own specific processing on
top of that generic parsing tool. top of that generic parsing tool.
4. Practical Considerations 4. Practical Considerations
skipping to change at page 6, line 20 skipping to change at page 6, line 20
Within limits, this may also enable recovering from elements that Within limits, this may also enable recovering from elements that
internally are not well-formed -- the limitation is that the sequence internally are not well-formed -- the limitation is that the sequence
of byte strings does need to be well-formed as such. of byte strings does need to be well-formed as such.
5. Security Considerations 5. Security Considerations
The security considerations of CBOR [RFC7049] apply. This format The security considerations of CBOR [RFC7049] apply. This format
provides no cryptographic integrity protection of any kind, but can provides no cryptographic integrity protection of any kind, but can
be combined with security specifications such as COSE [RFC8152] to do be combined with security specifications such as COSE [RFC8152] to do
so. so. (COSE protections can be applied to an entire CBOR sequence or
to each of the elements of the sequence independently; in the latter
case, additional effort may be required if there is a need to protect
the relationship of the elements in the sequence.)
As usual, decoders must operate on input that is assumed to be As usual, decoders must operate on input that is assumed to be
untrusted. This means that decoders must fail gracefully in the face untrusted. This means that decoders MUST fail gracefully in the face
of malicious inputs. of malicious inputs.
6. IANA Considerations 6. IANA Considerations
6.1. Media Type 6.1. Media Type
Media types are registered in the media types registry Media types are registered in the media types registry
[IANA.media-types]. IANA is requested to register the MIME media [IANA.media-types]. IANA is requested to register the MIME media
type for CBOR Sequence, application/cbor-seq, as follows: type for CBOR Sequence, application/cbor-seq, as follows:
 End of changes. 7 change blocks. 
16 lines changed or deleted 19 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/