< draft-selander-cose-kid-int-00.txt   draft-selander-cose-kid-int-01.txt >
Network Working Group G. Selander Network Working Group G. Selander
Internet-Draft J. Preuß Mattsson Internet-Draft J. Preuß Mattsson
Intended status: Standards Track Ericsson Intended status: Standards Track Ericsson
Expires: 8 September 2022 7 March 2022 Expires: 20 September 2022 19 March 2022
Integer value for the CBOR Object Signing and Encryption (COSE) key Integer value for the CBOR Object Signing and Encryption (COSE) key
identifier identifier
draft-selander-cose-kid-int-00 draft-selander-cose-kid-int-01
Abstract Abstract
This document extends the CBOR Object Signing and Encryption (COSE) This document extends the CBOR Object Signing and Encryption (COSE)
parameter kid to CBOR integer values. parameter kid to CBOR integer values.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 32 skipping to change at page 1, line 32
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 8 September 2022. This Internet-Draft will expire on 20 September 2022.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 12 skipping to change at page 2, line 12
described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Security Considerations . . . . . . . . . . . . . . . . . . . 3 2. Security Considerations . . . . . . . . . . . . . . . . . . . 3
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3
3.1. COSE Header Parameters Registry . . . . . . . . . . . . . 3 3.1. COSE Header Parameters Registry . . . . . . . . . . . . . 3
3.2. COSE Key Common Parameters Registry . . . . . . . . . . . 3 3.2. COSE Key Common Parameters Registry . . . . . . . . . . . 3
4. References . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.3. CWT Confirmation Methods . . . . . . . . . . . . . . . . 3
4.1. Normative References . . . . . . . . . . . . . . . . . . 3 4. References . . . . . . . . . . . . . . . . . . . . . . . . . 4
4.1. Normative References . . . . . . . . . . . . . . . . . . 4
4.2. Informative References . . . . . . . . . . . . . . . . . 4 4.2. Informative References . . . . . . . . . . . . . . . . . 4
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 4 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 4 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5
1. Introduction 1. Introduction
Many Internet of Things (IoT) deployments require technologies which Many Internet of Things (IoT) deployments require technologies which
are highly performant in constrained environments [RFC7228]. The are highly performant in constrained environments [RFC7228]. The
connectivity for these settings may exhibit extremely restricted connectivity for these settings may exhibit extremely restricted
bandwidth constraints, for which byte level optimizations are bandwidth constraints, for which byte level optimizations are
motivated, see [I-D.ietf-lake-reqs]. motivated, see [I-D.ietf-lake-reqs].
The use of CBOR [RFC8949] enables a compact encoding of protected The use of CBOR [RFC8949] enables a compact encoding of protected
skipping to change at page 2, line 43 skipping to change at page 2, line 44
The value of the kid parameter is specified to be encoded as a CBOR The value of the kid parameter is specified to be encoded as a CBOR
byte string, which (with the exception of the empty string) requires byte string, which (with the exception of the empty string) requires
at least two bytes on the wire. For comparison, CBOR encoding of at least two bytes on the wire. For comparison, CBOR encoding of
small integers (-24, ..., 23) need only one byte on the wire. Since small integers (-24, ..., 23) need only one byte on the wire. Since
many IoT deployments may use local identifiers for which a few unique many IoT deployments may use local identifiers for which a few unique
identifiers are sufficient, the use of CBOR integers as key identifiers are sufficient, the use of CBOR integers as key
identifiers would reduce the overhead due to transport of COSE identifiers would reduce the overhead due to transport of COSE
objects. objects.
This specification amends this limitation by extending the COSE This specification amends this limitation by extending the COSE
parameter kid to allow CBOR integer values. kid is used in two parameter kid to allow CBOR integer values. kid is used in different
instances in COSE, which both need to be extended to CBOR int instances, which all need to be extended to CBOR int encoding:
encoding:
* The kid COSE header parameter, see Section 3.1. * The kid COSE header parameter, see Section 3.1.
* The kid COSE Key Common Parameter, see Section 3.2. * The kid COSE Key Common Parameter, see Section 3.2.
* The kid CWT Confirmation Method, see Section 3.3.
2. Security Considerations 2. Security Considerations
There are no additional security considerations compared to key There are no additional security considerations compared to key
identifiers to being byte strings. identifiers to being byte strings.
3. IANA Considerations 3. IANA Considerations
3.1. COSE Header Parameters Registry 3.1. COSE Header Parameters Registry
IANA has extended the Value Type of kid in the "COSE Header IANA has extended the Value Type of kid in the "COSE Header
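Review bot: Section 2 is carried over unchanged ("There are no additional security considerations compared to key identifiers to being byte strings") even though this revision widens the scope to a third use, the kid CWT Confirmation Method. With the value type becoming bstr / int, the section should state whether an int kid and a bstr kid that carries the same numeric content are distinct identifiers, so that key lookup and confirmation-key matching do not depend on implementation-specific coercion between the two types. The sentence also needs a grammar fix, for example "compared to key identifiers being byte strings".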
skipping to change at page 3, line 38 skipping to change at page 3, line 38
IANA has extended the Value Type of kid in the "COSE Key Common IANA has extended the Value Type of kid in the "COSE Key Common
Parameters" registry under the group name "CBOR Object Signing and Parameters" registry under the group name "CBOR Object Signing and
Encryption (COSE)" to also allow the Value Type int. The resulting Encryption (COSE)" to also allow the Value Type int. The resulting
Value Type is bstr / int. The Value Registry for this item is empty Value Type is bstr / int. The Value Registry for this item is empty
and omitted from the table below. and omitted from the table below.
+------+-------+------------+---------------------------+ +------+-------+------------+---------------------------+
| Name | Label | Value Type | Description | | Name | Label | Value Type | Description |
+------+-------+------------+---------------------------+ +------+-------+------------+---------------------------+
| kid | 2 | bstr / int | Key identification value | | kid | 2 | bstr / int | Key identification value |
| | | | - to match kid in message | | | | | - match to kid in message |
+------+-------+------------+---------------------------+
3.3. CWT Confirmation Methods
IANA has extended the Value Type of kid in the "CWT Confirmation
Methods" registry under the group name "CBOR Web Token (CWT) Claims"
to also allow the Value Type int. The resulting Value Type is bstr /
int. The Value Registry for this item is empty and omitted from the
table below.
+------+-------+------------+---------------------------+
| Name | Label | Value Type | Description |
+------+-------+------------+---------------------------+
| kid | 3 | bstr / int | Key identification value |
| | | | - match to kid in message |
+------+-------+------------+---------------------------+ +------+-------+------------+---------------------------+
4. References 4. References
4.1. Normative References 4.1. Normative References
[I-D.ietf-cose-rfc8152bis-struct] [I-D.ietf-cose-rfc8152bis-struct]
Schaad, J., "CBOR Object Signing and Encryption (COSE): Schaad, J., "CBOR Object Signing and Encryption (COSE):
Structures and Process", Work in Progress, Internet-Draft, Structures and Process", Work in Progress, Internet-Draft,
draft-ietf-cose-rfc8152bis-struct-15, 1 February 2021, draft-ietf-cose-rfc8152bis-struct-15, 1 February 2021,
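Review bot: The new Section 3.3 states "IANA has extended the Value Type of kid" in the "CWT Confirmation Methods" registry, which reads as an action already taken; in an Internet-Draft this should be phrased as a request (for example "IANA is requested to extend ..."), and the same wording in 3.2 should change with it. The 3.3 table also reuses the column layout and the description "Key identification value - match to kid in message" from the COSE Key Common Parameters table in 3.2; confirm that the columns and description match what the CWT Confirmation Methods registry actually uses rather than being copied across, and make sure the document that defines that registry is cited in the references.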
 End of changes. 8 change blocks. 
11 lines changed or deleted 28 lines changed or added
