idnits 2.17.1 draft-ietf-cbor-date-tag-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document doesn't use any RFC 2119 keywords, yet seems to have RFC 2119 boilerplate text. -- The document date (July 1, 2020) is 1387 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 7049 (Obsoleted by RFC 8949) Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 CBOR Working Group M. Jones 3 Internet-Draft A. Nadalin 4 Intended status: Standards Track Microsoft 5 Expires: January 2, 2021 J. Richter 6 pdv Financial Software GmbH 7 July 1, 2020 9 Concise Binary Object Representation (CBOR) Tags for Date 10 draft-ietf-cbor-date-tag-03 12 Abstract 14 The Concise Binary Object Representation (CBOR, RFC 7049) is a data 15 format whose design goals include the possibility of extremely small 16 code size, fairly small message size, and extensibility without the 17 need for version negotiation. 19 In CBOR, one point of extensibility is the definition of CBOR tags. 20 RFC 7049 defines two tags for time: CBOR tag 0 (RFC 3339 date/time 21 string) and tag 1 (Posix "seconds since the epoch"). Since then, 22 additional requirements have become known. This specification 23 defines a CBOR tag for an RFC 3339 date text string, for applications 24 needing a textual date representation without a time. It also 25 defines a CBOR tag for days since the Posix epoch, for applications 26 needing a numeric date representation without a time. These tags are 27 both for representations of calendar dates. It is intended as the 28 reference document for the IANA registration of the CBOR tags 29 defined. 31 Status of This Memo 33 This Internet-Draft is submitted in full conformance with the 34 provisions of BCP 78 and BCP 79. 36 Internet-Drafts are working documents of the Internet Engineering 37 Task Force (IETF). Note that other groups may also distribute 38 working documents as Internet-Drafts. The list of current Internet- 39 Drafts is at https://datatracker.ietf.org/drafts/current/. 41 Internet-Drafts are draft documents valid for a maximum of six months 42 and may be updated, replaced, or obsoleted by other documents at any 43 time. It is inappropriate to use Internet-Drafts as reference 44 material or to cite them other than as "work in progress." 46 This Internet-Draft will expire on January 2, 2021. 48 Copyright Notice 50 Copyright (c) 2020 IETF Trust and the persons identified as the 51 document authors. All rights reserved. 53 This document is subject to BCP 78 and the IETF Trust's Legal 54 Provisions Relating to IETF Documents 55 (https://trustee.ietf.org/license-info) in effect on the date of 56 publication of this document. Please review these documents 57 carefully, as they describe your rights and restrictions with respect 58 to this document. Code Components extracted from this document must 59 include Simplified BSD License text as described in Section 4.e of 60 the Trust Legal Provisions and are provided without warranty as 61 described in the Simplified BSD License. 63 Table of Contents 65 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 66 1.1. Requirements Notation and Conventions . . . . . . . . . . 3 67 2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 68 2.1. Concise Binary Object Representation (CBOR) Tags 69 Registrations . . . . . . . . . . . . . . . . . . . . . . 3 70 3. Security Considerations . . . . . . . . . . . . . . . . . . . 3 71 4. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 72 4.1. Normative References . . . . . . . . . . . . . . . . . . 4 73 4.2. Informative References . . . . . . . . . . . . . . . . . 4 74 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 4 75 Document History . . . . . . . . . . . . . . . . . . . . . . . . 4 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 78 1. Introduction 80 The Concise Binary Object Representation (CBOR) [RFC7049] provides 81 for the interchange of structured data without a requirement for a 82 pre-agreed schema. RFC 7049 defines a basic set of data types, as 83 well as a tagging mechanism that enables extending the set of data 84 types supported via an IANA registry. 86 This specification defines a CBOR tag for a text string representing 87 a date without a time. The tagged text string is represented as 88 specified by the RFC 3339 [RFC3339] "full-date" production. 90 This specification also defines a CBOR tag for an integer 91 representing a date without a time. The tagged integer is an 92 unsigned or negative value indicating the number of days since the 93 IEEE Std 1003.1, 2013 Edition [POSIX.1] epoch date 1970-01-01. As an 94 implementation note, this value has a constant offset from the 95 Modified Julian Date value (which is defined by the Smithsonian 96 Astrophysical Observatory as the number of days since November 17, 97 1858); this value is the Modified Julian Date minus 40,587. 99 Note that since both tags are for dates without times, time zones and 100 leap seconds are not applicable to these values. These tags are both 101 for representations of calendar dates. 103 1.1. Requirements Notation and Conventions 105 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 106 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 107 "OPTIONAL" in this document are to be interpreted as described in BCP 108 14 [RFC2119] [RFC8174] when, and only when, they appear in all 109 capitals, as shown here. 111 2. IANA Considerations 113 2.1. Concise Binary Object Representation (CBOR) Tags Registrations 115 This section registers the following values in the IANA "Concise 116 Binary Object Representation (CBOR) Tags" registry [IANA.cbor-tags]. 118 o Tag: 1004 (value requested) 119 o Data Item: UTF-8 text string 120 o Semantics: RFC 3339 full-date string 121 o Reference: [[ this specification ]] 123 o Tag: 100 (ASCII 'd') (value requested) 124 o Data Item: Unsigned or negative integer 125 o Semantics: Number of days since the epoch date 1970-01-01 126 o Reference: [[ this specification ]] 128 3. Security Considerations 130 The security considerations of RFC 7049 apply; the tags introduced 131 here are not expected to raise security considerations beyond those. 133 A date, of course, has significant security considerations; these 134 include the exploitation of ambiguities where the date is security 135 relevant or where the date is used in access control decisions. When 136 using a calendar date for decision making, for example access 137 control, it needs to be noted that since calendar dates do not 138 represent a specific point in time, the results of the evaluation can 139 differ depending upon where the decision is made. For instance, a 140 person may have reached their 21st birthday in Japan while 141 simultaneously being a day short of their 21st birthday in Hawaii. 143 4. References 145 4.1. Normative References 147 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 148 Requirement Levels", BCP 14, RFC 2119, 149 DOI 10.17487/RFC2119, March 1997, 150 . 152 [RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet: 153 Timestamps", RFC 3339, DOI 10.17487/RFC3339, July 2002, 154 . 156 [RFC7049] Bormann, C. and P. Hoffman, "Concise Binary Object 157 Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049, 158 October 2013, . 160 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 161 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 162 May 2017, . 164 4.2. Informative References 166 [IANA.cbor-tags] 167 IANA, "Concise Binary Object Representation (CBOR) Tags", 168 . 170 [POSIX.1] IEEE, "The Open Group Base Specifications Issue 7", 171 IEEE Std 1003.1, 2013 Edition, 2013, 172 . 175 Acknowledgements 177 Thanks to Carsten Bormann for supporting creation of this 178 specification. Parts of the explanatory text in this specification 179 come from draft-bormann-cbor-time-tag-02. 181 Thanks to these people for reviews of the specification: Henk 182 Birkholz, Carsten Bormann, Thiago Macieira, Michael Richardson, Jim 183 Schaad, Juergen Schoenwaelder, and Dale Worley. 185 Document History 187 [[ to be removed by the RFC Editor before publication as an RFC ]] 189 -03 190 o Added statement that these tags are both for representations of 191 calendar dates. 193 o Described consequences of using calendar dates in access control 194 decisions. 196 -02 198 o Addressed working group last call comments, including stating that 199 time zones are not applicable to these values. 201 -01 203 o Changed "positive or negative" to "unsigned or negative". 205 o Added an implementation note about the relationship to Modified 206 Julian Dates. 208 -00 210 o Initial working group version based on draft-jones-cbor-date- 211 tag-01 with no normative changes. 213 Authors' Addresses 215 Michael B. Jones 216 Microsoft 218 Email: mbj@microsoft.com 219 URI: https://self-issued.info/ 221 Anthony Nadalin 222 Microsoft 224 Email: tonynad@microsoft.com 226 Joerg Richter 227 pdv Financial Software GmbH 229 Email: joerg.richter@pdv-fs.de