draft-ietf-cose-countersign-00.txt   draft-ietf-cose-countersign-01.txt 
COSE Working Group J. Schaad COSE Working Group J. Schaad
Internet-Draft August Cellars Internet-Draft August Cellars
Intended status: Standards Track September 4, 2020 Intended status: Standards Track R. Housley, Ed.
Expires: March 8, 2021 Expires: 10 April 2021 Vigil Security
7 October 2020
CBOR Object Signing and Encryption (COSE): Countersignatures CBOR Object Signing and Encryption (COSE): Countersignatures
draft-ietf-cose-countersign-00 draft-ietf-cose-countersign-01
Abstract Abstract
Concise Binary Object Representation (CBOR) is a data format designed Concise Binary Object Representation (CBOR) is a data format designed
for small code size and small message size. CBOR Object Signing and for small code size and small message size. CBOR Object Signing and
Encryption (COSE) defines a set of security services for CBOR. This Encryption (COSE) defines a set of security services for CBOR. This
document defines a countersignature algorithm along with the needed document defines a countersignature algorithm along with the needed
header parameters and CBOR tags for COSE. header parameters and CBOR tags for COSE.
Contributing to this document Contributing to this document
This note is to be removed before publishing as an RFC. This note is to be removed before publishing as an RFC.
The source for this draft is being maintained in GitHub. Suggested The source for this draft is being maintained in GitHub. Suggested
changes should be submitted as pull requests at https://github.com/ changes should be submitted as pull requests at https://github.com/
cose-wg/cose-rfc8152bis. Instructions are on that page as well. cose-wg/countersign. Instructions are on that page as well.
Editorial changes can be managed in GitHub, but any substantial Editorial changes can be managed in GitHub, but any substantial
issues need to be discussed on the COSE mailing list. issues need to be discussed on the COSE mailing list.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 8, 2021. This Internet-Draft will expire on 10 April 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Requirements Terminology . . . . . . . . . . . . . . . . 4 1.1. Requirements Terminology . . . . . . . . . . . . . . . . 3
1.2. CBOR Grammar . . . . . . . . . . . . . . . . . . . . . . 4 1.2. CBOR Grammar . . . . . . . . . . . . . . . . . . . . . . 4
1.3. Document Terminology . . . . . . . . . . . . . . . . . . 4 1.3. Document Terminology . . . . . . . . . . . . . . . . . . 4
2. Countersignature Header Parameters . . . . . . . . . . . . . 5 2. Countersignature Header Parameters . . . . . . . . . . . . . 5
3. Version 2 Countersignatures . . . . . . . . . . . . . . . . . 6 3. Version 2 Countersignatures . . . . . . . . . . . . . . . . . 6
3.1. Full Countersignatures . . . . . . . . . . . . . . . . . 7 3.1. Full Countersignatures . . . . . . . . . . . . . . . . . 7
3.2. Abbreviated Countersignatures . . . . . . . . . . . . . . 8 3.2. Abbreviated Countersignatures . . . . . . . . . . . . . . 8
3.3. Signing and Verification Process . . . . . . . . . . . . 8 3.3. Signing and Verification Process . . . . . . . . . . . . 8
4. CBOR Encoding Restrictions . . . . . . . . . . . . . . . . . 10 4. CBOR Encoding Restrictions . . . . . . . . . . . . . . . . . 10
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
5.1. CBOR Tag Assignment . . . . . . . . . . . . . . . . . . . 10 5.1. CBOR Tag Assignment . . . . . . . . . . . . . . . . . . . 10
skipping to change at page 2, line 45 skipping to change at page 2, line 50
8.2. Informative References . . . . . . . . . . . . . . . . . 15 8.2. Informative References . . . . . . . . . . . . . . . . . 15
Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 16 Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 16
A.1. Examples of Signed Messages . . . . . . . . . . . . . . . 17 A.1. Examples of Signed Messages . . . . . . . . . . . . . . . 17
A.1.1. Countersignature . . . . . . . . . . . . . . . . . . 17 A.1.1. Countersignature . . . . . . . . . . . . . . . . . . 17
A.2. Examples of Enveloped Messages . . . . . . . . . . . . . 18 A.2. Examples of Enveloped Messages . . . . . . . . . . . . . 18
A.2.1. Countersignature on Encrypted Content . . . . . . . . 18 A.2.1. Countersignature on Encrypted Content . . . . . . . . 18
A.3. Examples of Encrypted Messages . . . . . . . . . . . . . 19 A.3. Examples of Encrypted Messages . . . . . . . . . . . . . 19
A.4. Examples of MACed Messages . . . . . . . . . . . . . . . 19 A.4. Examples of MACed Messages . . . . . . . . . . . . . . . 19
A.5. Examples of MAC0 Messages . . . . . . . . . . . . . . . . 20 A.5. Examples of MAC0 Messages . . . . . . . . . . . . . . . . 20
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 20 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 20
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 20 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20
1. Introduction 1. Introduction
There has been an increased focus on small, constrained devices that There has been an increased focus on small, constrained devices that
make up the Internet of Things (IoT). One of the standards that has make up the Internet of Things (IoT). One of the standards that has
come out of this process is "Concise Binary Object Representation come out of this process is "Concise Binary Object Representation
(CBOR)" [I-D.ietf-cbor-7049bis]. CBOR extended the data model of the (CBOR)" [I-D.ietf-cbor-7049bis]. CBOR extended the data model of the
JavaScript Object Notation (JSON) [STD90] by allowing for binary JavaScript Object Notation (JSON) [STD90] by allowing for binary
data, among other changes. CBOR has been adopted by several of the data, among other changes. CBOR has been adopted by several of the
IETF working groups dealing with the IoT world as their encoding of IETF working groups dealing with the IoT world as their encoding of
skipping to change at page 3, line 46 skipping to change at page 3, line 46
countersignature computation so that the cryptographic computed countersignature computation so that the cryptographic computed
values is included. The exception to this is the COSE_Signature values is included. The exception to this is the COSE_Signature
structure where there is no cryptographic computed value. structure where there is no cryptographic computed value.
The new algorithm is designed to produce the same countersignature The new algorithm is designed to produce the same countersignature
value in those cases where the cryptographic computed value was value in those cases where the cryptographic computed value was
already included. This means that for those structures the only already included. This means that for those structures the only
thing that would need to be done is to change the value of the header thing that would need to be done is to change the value of the header
parameter. parameter.
This document deprecates the existing pair of header parameters to
hold a countersignature value. This document defines two new header
parameters to hold countersignature values computed with the new
algorithm. This document defines a new countersignature computation
algorithm which always includes cryptographic computed values if they
exist.
1.1. Requirements Terminology 1.1. Requirements Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
1.2. CBOR Grammar 1.2. CBOR Grammar
skipping to change at page 5, line 30 skipping to change at page 5, line 23
V2 countersignature: This header parameter holds one or more V2 countersignature: This header parameter holds one or more
countersignature values. Countersignatures provide a method of countersignature values. Countersignatures provide a method of
having a second party sign some data. The countersignature header having a second party sign some data. The countersignature header
parameter can occur as an unprotected attribute in any of the parameter can occur as an unprotected attribute in any of the
following structures: COSE_Sign1, COSE_Signature, COSE_Encrypt, following structures: COSE_Sign1, COSE_Signature, COSE_Encrypt,
COSE_recipient, COSE_Encrypt0, COSE_Mac, and COSE_Mac0. Details COSE_recipient, COSE_Encrypt0, COSE_Mac, and COSE_Mac0. Details
on version 2 countersignatures are found in Section 3. on version 2 countersignatures are found in Section 3.
+===========+=====+========================+==========+=============+ +===========+=====+========================+==========+=============+
| Name |Label| Value Type | Value | Description | |Name |Label|Value Type | Value | Description |
| | | | Registry | | | | | | Registry | |
+===========+=====+========================+==========+=============+ +===========+=====+========================+==========+=============+
| counter |TBD10|COSE_Countersignature / | | V2 counter | |counter |TBD10|COSE_Countersignature / | | V2 counter |
| signature | |[+ COSE_Countersignature| | signature | |signature | |[+ COSE_Countersignature| | signature |
| version 2 | | ] | | attribute | |version 2 | |] | | attribute |
+-----------+-----+------------------------+----------+-------------+ +-----------+-----+------------------------+----------+-------------+
| counter |TBD11| COSE_Countersignature0 | | Abbreviated | |counter |TBD11|COSE_Countersignature0 | | Abbreviated |
|signature 0| | | | Counter | |signature 0| | | | Counter |
| version 2 | | | | signature | |version 2 | | | | signature |
| | | | | vesion 2 | | | | | | vesion 2 |
+-----------+-----+------------------------+----------+-------------+ +-----------+-----+------------------------+----------+-------------+
Table 1: Common Header Parameters Table 1: Common Header Parameters
The CDDL fragment that represents the set of header parameters The CDDL fragment that represents the set of header parameters
defined in this section is given below. Each of the header defined in this section is given below. Each of the header
parameters is tagged as optional because they do not need to be in parameters is tagged as optional because they do not need to be in
every map; header parameters required in specific maps are discussed every map; header parameters required in specific maps are discussed
above. above.
skipping to change at page 11, line 14 skipping to change at page 11, line 14
5.2. COSE Header Parameters Registry 5.2. COSE Header Parameters Registry
IANA created a registry titled "COSE Header Parameters" as part of IANA created a registry titled "COSE Header Parameters" as part of
processing [RFC8152]. processing [RFC8152].
IANA is requested to register the following new items in the IANA is requested to register the following new items in the
registry. registry.
+=================+=====+======================+========+================+ +=================+=====+======================+========+================+
| Name |Label| Value Type | Value | Description | |Name |Label|Value Type |Value |Description |
| | | |Registry| | | | | |Registry| |
+=================+=====+======================+========+================+ +=================+=====+======================+========+================+
|counter signature|TBD10|COSE_Countersignature | | V2 | |counter signature|TBD10|COSE_Countersignature | |V2 |
| version 2 | | / [+ | |countersignature| |version 2 | |/ [+ | |countersignature|
| | |COSE_Countersignature | | attribute | | | |COSE_Countersignature | |attribute |
| | | ] | | | | | |] | | |
+-----------------+-----+----------------------+--------+----------------+ +-----------------+-----+----------------------+--------+----------------+
|Countersignature0|TBD11|COSE_Countersignature0| | Abbreviated | |Countersignature0|TBD11|COSE_Countersignature0| |Abbreviated |
| version 2 | | | | Counter | |version 2 | | | |Counter |
| | | | |signature vesion| | | | | |signature vesion|
| | | | | 2 | | | | | |2 |
+-----------------+-----+----------------------+--------+----------------+ +-----------------+-----+----------------------+--------+----------------+
Table 2: New Common Header Parameters Table 2: New Common Header Parameters
IANA is requested to modify the Description field for "counter IANA is requested to modify the Description field for "counter
signature" and "CounterSignature0" to include the words "(Deprecated signature" and "CounterSignature0" to include the words "(Deprecated
by [[This Document]]". by [[This Document]]".
6. Security Considerations 6. Security Considerations
skipping to change at page 15, line 19 skipping to change at page 15, line 19
8.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[I-D.ietf-cbor-7049bis] [I-D.ietf-cbor-7049bis]
Bormann, C. and P. Hoffman, "Concise Binary Object Bormann, C. and P. Hoffman, "Concise Binary Object
Representation (CBOR)", Work in Progress, Internet-Draft, Representation (CBOR)", Work in Progress, Internet-Draft,
draft-ietf-cbor-7049bis-14, June 16, 2020, draft-ietf-cbor-7049bis-16, 30 September 2020,
<https://tools.ietf.org/html/draft-ietf-cbor-7049bis-14>. <https://tools.ietf.org/html/draft-ietf-cbor-7049bis-16>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[I-D.ietf-cose-rfc8152bis-algs] [I-D.ietf-cose-rfc8152bis-algs]
Schaad, J., "CBOR Object Signing and Encryption (COSE): Schaad, J., "CBOR Object Signing and Encryption (COSE):
Initial Algorithms", Work in Progress, Internet-Draft, Initial Algorithms", Work in Progress, Internet-Draft,
draft-ietf-cose-rfc8152bis-algs-11, July 1, 2020, draft-ietf-cose-rfc8152bis-algs-12, 24 September 2020,
<https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis- <https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis-
algs-11>. algs-12>.
8.2. Informative References 8.2. Informative References
[RFC8610] Birkholz, H., Vigano, C., and C. Bormann, "Concise Data [RFC8610] Birkholz, H., Vigano, C., and C. Bormann, "Concise Data
Definition Language (CDDL): A Notational Convention to Definition Language (CDDL): A Notational Convention to
Express Concise Binary Object Representation (CBOR) and Express Concise Binary Object Representation (CBOR) and
JSON Data Structures", RFC 8610, DOI 10.17487/RFC8610, JSON Data Structures", RFC 8610, DOI 10.17487/RFC8610,
June 2019, <https://www.rfc-editor.org/info/rfc8610>. June 2019, <https://www.rfc-editor.org/info/rfc8610>.
[RFC8152] Schaad, J., "CBOR Object Signing and Encryption (COSE)", [RFC8152] Schaad, J., "CBOR Object Signing and Encryption (COSE)",
skipping to change at page 16, line 23 skipping to change at page 16, line 23
<https://www.rfc-editor.org/info/rfc7942>. <https://www.rfc-editor.org/info/rfc7942>.
[RFC4998] Gondrom, T., Brandner, R., and U. Pordesch, "Evidence [RFC4998] Gondrom, T., Brandner, R., and U. Pordesch, "Evidence
Record Syntax (ERS)", RFC 4998, DOI 10.17487/RFC4998, Record Syntax (ERS)", RFC 4998, DOI 10.17487/RFC4998,
August 2007, <https://www.rfc-editor.org/info/rfc4998>. August 2007, <https://www.rfc-editor.org/info/rfc4998>.
[I-D.ietf-core-groupcomm-bis] [I-D.ietf-core-groupcomm-bis]
Dijk, E., Wang, C., and M. Tiloca, "Group Communication Dijk, E., Wang, C., and M. Tiloca, "Group Communication
for the Constrained Application Protocol (CoAP)", Work in for the Constrained Application Protocol (CoAP)", Work in
Progress, Internet-Draft, draft-ietf-core-groupcomm-bis- Progress, Internet-Draft, draft-ietf-core-groupcomm-bis-
01, July 13, 2020, <https://tools.ietf.org/html/draft- 01, 13 July 2020, <https://tools.ietf.org/html/draft-ietf-
ietf-core-groupcomm-bis-01>. core-groupcomm-bis-01>.
[I-D.ietf-cose-rfc8152bis-struct] [I-D.ietf-cose-rfc8152bis-struct]
Schaad, J., "CBOR Object Signing and Encryption (COSE): Schaad, J., "CBOR Object Signing and Encryption (COSE):
Structures and Process", Work in Progress, Internet-Draft, Structures and Process", Work in Progress, Internet-Draft,
draft-ietf-cose-rfc8152bis-struct-12, August 24, 2020, draft-ietf-cose-rfc8152bis-struct-13, 4 September 2020,
<https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis- <https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis-
struct-12>. struct-13>.
[RFC8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz, [RFC8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz,
"Object Security for Constrained RESTful Environments "Object Security for Constrained RESTful Environments
(OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019, (OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019,
<https://www.rfc-editor.org/info/rfc8613>. <https://www.rfc-editor.org/info/rfc8613>.
Appendix A. Examples Appendix A. Examples
This appendix includes a set of examples that show the different This appendix includes a set of examples that show the different
features and message types that have been defined in this document. features and message types that have been defined in this document.
skipping to change at page 20, line 13 skipping to change at page 20, line 13
A.4. Examples of MACed Messages A.4. Examples of MACed Messages
A.5. Examples of MAC0 Messages A.5. Examples of MAC0 Messages
Acknowledgments Acknowledgments
This document is a product of the COSE working group of the IETF. This document is a product of the COSE working group of the IETF.
The initial version of the specification was based to some degree on The initial version of the specification was based to some degree on
the outputs of the JOSE and S/MIME working groups. the outputs of the JOSE and S/MIME working groups.
Author's Address Jim Schaad passed on 3 October 2020. This document is primarily his
work. Russ Housley served as the document editor after Jim's
untimely death, mostly helping with the approval and publication
processes. Jim deserves all credit for the technical content.
{{{ RFC EDITOR: Please remove Russ Housley as an author of this
document at publication. Jim Schaad should be listed as the sole
author. }}}
Authors' Addresses
Jim Schaad Jim Schaad
August Cellars August Cellars
Email: ietf@augustcellars.com Email: ietf@augustcellars.com
Russ Housley (editor)
Vigil Security, LLC
Email: housley@vigilsec.com
 End of changes. 23 change blocks. 
37 lines changed or deleted 40 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/