| < draft-ietf-cose-hash-sig-06.txt | draft-ietf-cose-hash-sig-07.txt > | |||
|---|---|---|---|---|
| Network Working Group R. Housley | Network Working Group R. Housley | |||
| Internet-Draft Vigil Security | Internet-Draft Vigil Security | |||
| Intended status: Standards Track November 01, 2019 | Intended status: Standards Track November 03, 2019 | |||
| Expires: May 4, 2020 | Expires: May 6, 2020 | |||
| Use of the HSS/LMS Hash-based Signature Algorithm with CBOR Object | Use of the HSS/LMS Hash-based Signature Algorithm with CBOR Object | |||
| Signing and Encryption (COSE) | Signing and Encryption (COSE) | |||
| draft-ietf-cose-hash-sig-06 | draft-ietf-cose-hash-sig-07 | |||
| Abstract | Abstract | |||
| This document specifies the conventions for using the Hierarchical | This document specifies the conventions for using the Hierarchical | |||
| Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based | Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based | |||
| signature algorithm with the CBOR Object Signing and Encryption | signature algorithm with the CBOR Object Signing and Encryption | |||
| (COSE) syntax. The HSS/LMS algorithm is one form of hash-based | (COSE) syntax. The HSS/LMS algorithm is one form of hash-based | |||
| digital signature; it is described in RFC 8554. | digital signature; it is described in RFC 8554. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at page 1, line 35 ¶ | skipping to change at page 1, line 35 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on May 4, 2020. | This Internet-Draft will expire on May 6, 2020. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 28 ¶ | skipping to change at page 2, line 28 ¶ | |||
| 4.1. Implementation Security Considerations . . . . . . . . . 7 | 4.1. Implementation Security Considerations . . . . . . . . . 7 | |||
| 5. Operational Considerations . . . . . . . . . . . . . . . . . 8 | 5. Operational Considerations . . . . . . . . . . . . . . . . . 8 | |||
| 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 6.1. COSE Algorithms Registry Entry . . . . . . . . . . . . . 9 | 6.1. COSE Algorithms Registry Entry . . . . . . . . . . . . . 9 | |||
| 6.2. COSE Key Types Registry Entry . . . . . . . . . . . . . . 9 | 6.2. COSE Key Types Registry Entry . . . . . . . . . . . . . . 9 | |||
| 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 7.1. Normative References . . . . . . . . . . . . . . . . . . 9 | 7.1. Normative References . . . . . . . . . . . . . . . . . . 9 | |||
| 7.2. Informative References . . . . . . . . . . . . . . . . . 10 | 7.2. Informative References . . . . . . . . . . . . . . . . . 10 | |||
| Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 11 | Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| A.1. Example COSE Full Message Signature . . . . . . . . . . . 11 | A.1. Example COSE Full Message Signature . . . . . . . . . . . 11 | |||
| A.2. Example COSE_Sign0 Message . . . . . . . . . . . . . . . 13 | A.2. Example COSE_Sign1 Message . . . . . . . . . . . . . . . 13 | |||
| Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 15 | Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 15 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 15 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| 1. Introduction | 1. Introduction | |||
| This document specifies the conventions for using the Hierarchical | This document specifies the conventions for using the Hierarchical | |||
| Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based | Signature System (HSS) / Leighton-Micali Signature (LMS) hash-based | |||
| signature algorithm with with the CBOR Object Signing and Encryption | signature algorithm with with the CBOR Object Signing and Encryption | |||
| (COSE) [RFC8152] syntax. The LMS system provides a one-time digital | (COSE) [RFC8152] syntax. The LMS system provides a one-time digital | |||
| signature that is a variant of Merkle Tree Signatures (MTS). The HSS | signature that is a variant of Merkle Tree Signatures (MTS). The HSS | |||
| skipping to change at page 11, line 19 ¶ | skipping to change at page 11, line 19 ¶ | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | |||
| <https://www.rfc-editor.org/info/rfc5280>. | <https://www.rfc-editor.org/info/rfc5280>. | |||
| Appendix A. Examples | Appendix A. Examples | |||
| This appendix provides a non-normative example of a COSE full message | This appendix provides a non-normative example of a COSE full message | |||
| signature and an example of a COSE_Sign0 message. This section | signature and an example of a COSE_Sign1 message. This section | |||
| follows the formatting used in [RFC8152]. | follows the formatting used in [RFC8152]. | |||
| The programs that were used to generate the examples can be found at | The programs that were used to generate the examples can be found at | |||
| https://github.com/cose-wg/Examples. | https://github.com/cose-wg/Examples. | |||
| A.1. Example COSE Full Message Signature | A.1. Example COSE Full Message Signature | |||
| This section provides an example of a COSE full message signature. | This section provides an example of a COSE full message signature. | |||
| Size of binary file is 2560 bytes. | Size of binary file is 2560 bytes. | |||
| skipping to change at page 13, line 29 ¶ | skipping to change at page 13, line 29 ¶ | |||
| e71696cef93c6a552456bf96e9d075e383bb7543c675842bafbfc7cdb88483b3276c | e71696cef93c6a552456bf96e9d075e383bb7543c675842bafbfc7cdb88483b3276c | |||
| 29d4f0a341c2d406e40d4653b7e4d045851acf6a0a0ea9c710b805cced4635ee8c10 | 29d4f0a341c2d406e40d4653b7e4d045851acf6a0a0ea9c710b805cced4635ee8c10 | |||
| 7362f0fc8d80c14d0ac49c516703d26d14752f34c1c0d2c4247581c18c2cf4de48e9 | 7362f0fc8d80c14d0ac49c516703d26d14752f34c1c0d2c4247581c18c2cf4de48e9 | |||
| ce949be7c888e9caebe4a415e291fd107d21dc1f084b1158208249f28f4f7c7e931b | ce949be7c888e9caebe4a415e291fd107d21dc1f084b1158208249f28f4f7c7e931b | |||
| a7b3bd0d824a4570' | a7b3bd0d824a4570' | |||
| ] | ] | |||
| ] | ] | |||
| ] | ] | |||
| ) | ) | |||
| A.2. Example COSE_Sign0 Message | A.2. Example COSE_Sign1 Message | |||
| This section provides an example of a COSE_Sign0 message. | This section provides an example of a COSE_Sign1 message. | |||
| Size of binary file is 2552 bytes. | Size of binary file is 2552 bytes. | |||
| 18( | 18( | |||
| [ | [ | |||
| / protected / h'a101382d' / { | / protected / h'a101382d' / { | |||
| \ alg \ 1:-46 \ HSS-LMS \ | \ alg \ 1:-46 \ HSS-LMS \ | |||
| } / , | } / , | |||
| / unprotected / { | / unprotected / { | |||
| / kid / 4:'ItsBig' | / kid / 4:'ItsBig' | |||
| End of changes. 7 change blocks. | ||||
| 8 lines changed or deleted | 8 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||