draft-ietf-rats-uccs-01.txt   draft-ietf-rats-uccs-02.txt 
RATS Working Group H. Birkholz RATS Working Group H. Birkholz
Internet-Draft Fraunhofer SIT Internet-Draft Fraunhofer SIT
Intended status: Standards Track J. O'Donoghue Intended status: Standards Track J. O'Donoghue
Expires: 14 January 2022 Qualcomm Technologies Inc. Expires: 16 July 2022 Qualcomm Technologies Inc.
N. Cam-Winget N. Cam-Winget
Cisco Systems Cisco Systems
C. Bormann C. Bormann
Universität Bremen TZI Universität Bremen TZI
13 July 2021 12 January 2022
A CBOR Tag for Unprotected CWT Claims Sets A CBOR Tag for Unprotected CWT Claims Sets
draft-ietf-rats-uccs-01 draft-ietf-rats-uccs-02
Abstract Abstract
CBOR Web Token (CWT, RFC 8392) Claims Sets sometimes do not need the CBOR Web Token (CWT, RFC 8392) Claims Sets sometimes do not need the
protection afforded by wrapping them into COSE, as is required for a protection afforded by wrapping them into COSE, as is required for a
true CWT. This specification defines a CBOR tag for such unprotected true CWT. This specification defines a CBOR tag for such unprotected
CWT Claims Sets (UCCS) and discusses conditions for its proper use. CWT Claims Sets (UCCS) and discusses conditions for its proper use.
// The present version (-01) has a few editorial improvements over
// -00 and attempts to address points from Thomas Fossati's
// 2021-03-16 review, for further discussion at IETF 111.
About This Document
This note is to be removed before publishing as an RFC.
Status information for this document may be found at
https://datatracker.ietf.org/doc/draft-ietf-rats-uccs/.
Discussion of this document takes place on the Remote ATtestation
ProcedureS (rats) Working Group mailing list (mailto:rats@ietf.org),
which is archived at https://mailarchive.ietf.org/arch/browse/rats/.
Source for this draft and an issue tracker can be found at
https://github.com/ietf-rats-wg/draft-ietf-rats-uccs.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 14 January 2022. This Internet-Draft will expire on 16 July 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Revised BSD License text as
as described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2. Example Use Cases . . . . . . . . . . . . . . . . . . . . . . 4 2. Example Use Cases . . . . . . . . . . . . . . . . . . . . . . 4
3. Characteristics of a Secure Channel . . . . . . . . . . . . . 4 3. Characteristics of a Secure Channel . . . . . . . . . . . . . 4
3.1. UCCS and Remote ATtestation procedureS (RATS) . . . . . . 5 3.1. UCCS and Remote ATtestation procedureS (RATS) . . . . . . 5
3.2. Privacy Preserving Channels . . . . . . . . . . . . . . . 6 3.2. Privacy Preserving Channels . . . . . . . . . . . . . . . 6
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
5. Security Considerations . . . . . . . . . . . . . . . . . . . 7 5. Security Considerations . . . . . . . . . . . . . . . . . . . 7
5.1. General Considerations . . . . . . . . . . . . . . . . . 7 5.1. General Considerations . . . . . . . . . . . . . . . . . 7
5.2. AES-CBC_MAC . . . . . . . . . . . . . . . . . . . . . . . 8 5.2. AES-CBC_MAC . . . . . . . . . . . . . . . . . . . . . . . 8
5.3. AES-GCM . . . . . . . . . . . . . . . . . . . . . . . . . 8 5.3. AES-GCM . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.4. AES-CCM . . . . . . . . . . . . . . . . . . . . . . . . . 8 5.4. AES-CCM . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.5. ChaCha20 and Poly1305 . . . . . . . . . . . . . . . . . . 8 5.5. ChaCha20 and Poly1305 . . . . . . . . . . . . . . . . . . 9
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.1. Normative References . . . . . . . . . . . . . . . . . . 9 6.1. Normative References . . . . . . . . . . . . . . . . . . 9
6.2. Informative References . . . . . . . . . . . . . . . . . 9 6.2. Informative References . . . . . . . . . . . . . . . . . 10
Appendix A. Example . . . . . . . . . . . . . . . . . . . . . . 10 Appendix A. CDDL . . . . . . . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 Appendix B. Example . . . . . . . . . . . . . . . . . . . . . . 13
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 14
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14
1. Introduction 1. Introduction
A CBOR Web Token (CWT) as specified by [RFC8392] is always wrapped in A CBOR Web Token (CWT) as specified by [RFC8392] is always wrapped in
a CBOR Object Signing and Encryption (COSE, [RFC8152]) envelope. a CBOR Object Signing and Encryption (COSE, [RFC8152]) envelope.
COSE provides -- amongst other things -- the end-to-end data origin COSE provides -- amongst other things -- the end-to-end data origin
authentication and integrity protection employed by RFC 8392 and authentication and integrity protection employed by RFC 8392 and
optional encryption for CWTs. Under the right circumstances optional encryption for CWTs. Under the right circumstances
(Section 3), though, a signature providing proof for authenticity and (Section 3), though, a signature providing proof for authenticity and
integrity can be provided through the transfer protocol and thus integrity can be provided through the transfer protocol and thus
skipping to change at page 9, line 11 skipping to change at page 9, line 34
Section 4.3.1 of [I-D.ietf-cose-rfc8152bis-algs] contains a detailed Section 4.3.1 of [I-D.ietf-cose-rfc8152bis-algs] contains a detailed
explanation of these considerations. explanation of these considerations.
6. References 6. References
6.1. Normative References 6.1. Normative References
[IANA.cbor-tags] [IANA.cbor-tags]
IANA, "Concise Binary Object Representation (CBOR) Tags", IANA, "Concise Binary Object Representation (CBOR) Tags",
<http://www.iana.org/assignments/cbor-tags>. <https://www.iana.org/assignments/cbor-tags>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC7519] Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token [RFC7519] Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token
(JWT)", RFC 7519, DOI 10.17487/RFC7519, May 2015, (JWT)", RFC 7519, DOI 10.17487/RFC7519, May 2015,
<https://www.rfc-editor.org/info/rfc7519>. <https://www.rfc-editor.org/info/rfc7519>.
skipping to change at page 10, line 16 skipping to change at page 10, line 39
Schaad, J., "CBOR Object Signing and Encryption (COSE): Schaad, J., "CBOR Object Signing and Encryption (COSE):
Structures and Process", Work in Progress, Internet-Draft, Structures and Process", Work in Progress, Internet-Draft,
draft-ietf-cose-rfc8152bis-struct-15, 1 February 2021, draft-ietf-cose-rfc8152bis-struct-15, 1 February 2021,
<https://www.ietf.org/archive/id/draft-ietf-cose- <https://www.ietf.org/archive/id/draft-ietf-cose-
rfc8152bis-struct-15.txt>. rfc8152bis-struct-15.txt>.
[I-D.ietf-rats-architecture] [I-D.ietf-rats-architecture]
Birkholz, H., Thaler, D., Richardson, M., Smith, N., and Birkholz, H., Thaler, D., Richardson, M., Smith, N., and
W. Pan, "Remote Attestation Procedures Architecture", Work W. Pan, "Remote Attestation Procedures Architecture", Work
in Progress, Internet-Draft, draft-ietf-rats-architecture- in Progress, Internet-Draft, draft-ietf-rats-architecture-
12, 23 April 2021, <https://www.ietf.org/archive/id/draft- 14, 9 December 2021, <https://www.ietf.org/archive/id/
ietf-rats-architecture-12.txt>. draft-ietf-rats-architecture-14.txt>.
[I-D.ietf-rats-eat] [I-D.ietf-rats-eat]
Mandyam, G., Lundblade, L., Ballesteros, M., and J. Lundblade, L., Mandyam, G., and J. O'Donoghue, "The Entity
O'Donoghue, "The Entity Attestation Token (EAT)", Work in Attestation Token (EAT)", Work in Progress, Internet-
Progress, Internet-Draft, draft-ietf-rats-eat-10, 7 June Draft, draft-ietf-rats-eat-11, 24 October 2021,
2021, <https://www.ietf.org/archive/id/draft-ietf-rats- <https://www.ietf.org/archive/id/draft-ietf-rats-eat-
eat-10.txt>. 11.txt>.
[I-D.ietf-teep-architecture] [I-D.ietf-teep-architecture]
Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler,
"Trusted Execution Environment Provisioning (TEEP) "Trusted Execution Environment Provisioning (TEEP)
Architecture", Work in Progress, Internet-Draft, draft- Architecture", Work in Progress, Internet-Draft, draft-
ietf-teep-architecture-14, 22 February 2021, ietf-teep-architecture-15, 12 July 2021,
<https://www.ietf.org/archive/id/draft-ietf-teep- <https://www.ietf.org/archive/id/draft-ietf-teep-
architecture-14.txt>. architecture-15.txt>.
[RFC6749] Hardt, D., Ed., "The OAuth 2.0 Authorization Framework",
RFC 6749, DOI 10.17487/RFC6749, October 2012,
<https://www.rfc-editor.org/info/rfc6749>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
[RFC8693] Jones, M., Nadalin, A., Campbell, B., Ed., Bradley, J.,
and C. Mortimore, "OAuth 2.0 Token Exchange", RFC 8693,
DOI 10.17487/RFC8693, January 2020,
<https://www.rfc-editor.org/info/rfc8693>.
[RFC8747] Jones, M., Seitz, L., Selander, G., Erdtman, S., and H.
Tschofenig, "Proof-of-Possession Key Semantics for CBOR
Web Tokens (CWTs)", RFC 8747, DOI 10.17487/RFC8747, March
2020, <https://www.rfc-editor.org/info/rfc8747>.
[TPM2] "Trusted Platform Module Library Specification, Family [TPM2] "Trusted Platform Module Library Specification, Family
"2.0", Level 00, Revision 01.59 ed., Trusted Computing “2.0”, Level 00, Revision 01.59 ed., Trusted Computing
Group", 2019. Group", 2019.
Appendix A. Example Appendix A. CDDL
[RFC8392] does not define CDDL for CWT Claims sets.
This specification proposes using the definitions in Figure 1 for the
claims set defined in [RFC8392]. Note that these definitions have
been built such that they also can describe [RFC7519] claims sets by
disabling feature "cbor" and enabling feature "json", but this
flexibility is not the subject of the present specification.
Claims-Set = {
* $$Claims-Set-Claims
* Claim-Label .feature "extended-claims-label" => any
}
Claim-Label = int / text
string-or-uri = text
$$Claims-Set-Claims //= ( iss-claim-label => string-or-uri )
$$Claims-Set-Claims //= ( sub-claim-label => string-or-uri )
$$Claims-Set-Claims //= ( aud-claim-label => string-or-uri )
$$Claims-Set-Claims //= ( exp-claim-label => ~time )
$$Claims-Set-Claims //= ( nbf-claim-label => ~time )
$$Claims-Set-Claims //= ( iat-claim-label => ~time )
$$Claims-Set-Claims //= ( cti-claim-label => bytes )
iss-claim-label = JC<"iss", 1>
sub-claim-label = JC<"sub", 2>
aud-claim-label = JC<"aud", 3>
exp-claim-label = JC<"exp", 4>
nbf-claim-label = JC<"nbf", 5>
iat-claim-label = JC<"iat", 6>
cti-claim-label = CBOR-ONLY<7> ; jti in JWT: different name and text
JSON-ONLY<J> = J .feature "json"
CBOR-ONLY<C> = C .feature "cbor"
JC<J,C> = JSON-ONLY<J> / CBOR-ONLY<C>
Figure 1: CDDL definition for Claims-Set
Specifications that define additional claims should also supply
additions to the $$Claims-Set-Claims socket, e.g.:
; [RFC8747]
$$Claims-Set-Claims //= ( 8: CWT-cnf ) ; cnf
CWT-cnf = {
(1: CWT-COSE-Key) //
(2: CWT-Encrypted_COSE_Key) //
(3: CWT-kid)
}
CWT-COSE-Key = COSE_Key
CWT-Encrypted_COSE_Key = COSE_Encrypt / COSE_Encrypt0
CWT-kid = bytes
; [RFC8693]
$$Claims-Set-Claims //= ( 9: CWT-scope ) ; scope
; TO DO: understand what this means:
; scope The scope of an access token as defined in [RFC6749].
; scope 9 byte string or text string [IESG] [RFC8693, Section 4.2]
CWT-scope = bytes / text
; [RFC-ietf-ace-oauth-authz-45, Section 5.10]
$$Claims-Set-Claims //= ( 38: CWT-ace-profile ) ; ace_profile
CWT-ace-profile = $CWT-ACE-Profiles /
int .feature "ace_profile-extend"
; fill in from IANA registry
; https://www.iana.org/assignments/ace/ace.xhtml#ace-profiles :
$CWT-ACE-Profiles /= 1 ; coap_dtls
$$Claims-Set-Claims //= ( 39: CWT-cnonce ) ; cnonce
CWT-cnonce = bytes
$$Claims-Set-Claims //= ( 40: CWT-exi ) ; exi
CWT-exi = uint ; in seconds (5.10.3)
;;; insert CDDL from 9052-to-be to complete these CDDL definitions.
Appendix B. Example
The example CWT Claims Set from Appendix A.1 of [RFC8392] can be The example CWT Claims Set from Appendix A.1 of [RFC8392] can be
turned into an UCCS by enclosing it with a tag number TBD601: turned into an UCCS by enclosing it with a tag number TBD601:
<TBD601>( <TBD601>(
{ {
/ iss / 1: "coap://as.example.com", / iss / 1: "coap://as.example.com",
/ sub / 2: "erikw", / sub / 2: "erikw",
/ aud / 3: "coap://light.example.com", / aud / 3: "coap://light.example.com",
/ exp / 4: 1444064944, / exp / 4: 1444064944,
/ nbf / 5: 1443944944, / nbf / 5: 1443944944,
/ iat / 6: 1443944944, / iat / 6: 1443944944,
/ cti / 7: h'0b71' / cti / 7: h'0b71'
} }
) )
Acknowledgements
Laurence Lundblade suggested some improvements to the CDDL.
Authors' Addresses Authors' Addresses
Henk Birkholz Henk Birkholz
Fraunhofer SIT Fraunhofer SIT
Rheinstrasse 75 Rheinstrasse 75
64295 Darmstadt 64295 Darmstadt
Germany Germany
Email: henk.birkholz@sit.fraunhofer.de Email: henk.birkholz@sit.fraunhofer.de
 End of changes. 20 change blocks. 
27 lines changed or deleted 142 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/