WebAuthn Working Group                                          M. Jones
Internet-Draft                                                 Microsoft
Intended status: Informational                              May 30, 2018
Expires: December 1, 2018


                    Using secp256k1 with JOSE and COSE
                    draft-jones-webauthn-secp256k1-00

Abstract

   This specification defines algorithm encodings and representations
   enabling the Standards for Efficient Cryptography Group (SECG)
   elliptic curve "secp256k1" to be used for JSON Object Signing and
   Encryption (JOSE) and CBOR Object Signing and Encryption (COSE)
   messages.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.
   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on December 1, 2018.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Requirements Notation and Conventions
   2.  JOSE and COSE secp256k1 Curve Key Representations
   3.  ECDSA Signature with secp256k1 Curve
   4.  IANA Considerations
     4.1.  JSON Web Key Elliptic Curve Registration
     4.2.  JOSE Algorithm Registration
     4.3.  COSE Elliptic Curves Registration
     4.4.  COSE Algorithm Registration
   5.  Security Considerations
   6.  References
     6.1.  Normative References
     6.2.  Informative References
   Acknowledgements
   Document History
   Author's Address

1.  Introduction

   This specification defines algorithm encodings and representations
   enabling the Standards for Efficient Cryptography Group (SECG)
   elliptic curve "secp256k1" [SEC2] to be used for JSON Object Signing
   and Encryption (JOSE) [RFC7515] and CBOR Object Signing and
   Encryption (COSE) [RFC8152] messages.  The elliptic curve and
   associated algorithm are registered in appropriate IANA JOSE and COSE
   registries.

1.1.  Requirements Notation and Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  JOSE and COSE secp256k1 Curve Key Representations

   The Standards for Efficient Cryptography Group (SECG) elliptic curve
   "secp256k1" [SEC2] is represented in a JSON Web Key (JWK) [RFC7517]
   using these values:

   o  "kty": "EC"
   o  "crv": "P-256K"

   plus "x" and "y" values to represent the curve point for the key.
   Other optional values such as "alg" MAY also be present.

   It is represented in a COSE_Key [RFC8152] using these values:

   o  "kty" (1): "EC2" (2)
   o  "crv" (-1): "P-256K" (TBD - requested assignment 8)

   plus "x" (-2) and "y" (-3) values to represent the curve point for
   the key.  Other optional values such as "alg" (3) MAY also be
   present.

3.  ECDSA Signature with secp256k1 Curve

   The ECDSA signature algorithm is defined in [DSS].
   Implementations need to check that the key type is "EC" for JOSE or
   "EC2" (2) for COSE when creating or verifying a signature.

   The ECDSA algorithm specified in this document is:

   +--------------+---------------------------+------------------------+
   | JOSE Alg     | COSE Alg Value            | Description            |
   | Name         |                           |                        |
   +--------------+---------------------------+------------------------+
   | ES256K       | TBD (requested assignment | ECDSA w/ secp256k1     |
   |              | -43)                      | Curve                  |
   +--------------+---------------------------+------------------------+

                     Table 1: ECDSA Algorithm Values

4.  IANA Considerations

4.1.  JSON Web Key Elliptic Curve Registration

   This section registers the following value in the IANA "JSON Web Key
   Elliptic Curve" registry [IANA.JOSE.Curves].

   o  Curve Name: P-256K
   o  Curve Description: SECG secp256k1 Curve
   o  JOSE Implementation Requirements: Optional
   o  Change Controller: IESG
   o  Specification Document(s): Section 2 of [[ this specification ]]

4.2.  JOSE Algorithm Registration

   This section registers the following value in the IANA "JSON Web
   Signature and Encryption Algorithms" registry [IANA.JOSE.Algorithms].

   o  Algorithm Name: ES256K
   o  Algorithm Description: ECDSA w/ secp256k1 Curve
   o  Algorithm Usage Locations: alg
   o  JOSE Implementation Requirements: Optional
   o  Change Controller: IESG
   o  Reference: Section 3 of [[ this specification ]]
   o  Algorithm Analysis Document(s): [SEC2]

4.3.  COSE Elliptic Curves Registration

   This section registers the following value in the IANA "COSE Elliptic
   Curves" registry [IANA.COSE.Curves].

   o  Name: P-256K
   o  Value: TBD (requested assignment 8)
   o  Key Type: EC2
   o  Description: SECG secp256k1 Curve
   o  Change Controller: IESG
   o  Reference: Section 2 of [[ this specification ]]
   o  Recommended: Yes

4.4.  COSE Algorithm Registration
   This section registers the following value in the IANA "COSE
   Algorithms" registry [IANA.COSE.Algorithms].

   o  Name: ES256K
   o  Value: TBD (requested assignment -43)
   o  Description: ECDSA w/ secp256k1 Curve
   o  Reference: Section 3 of this document
   o  Recommended: Yes

5.  Security Considerations

   Care should be taken that a secp256k1 key not be mistaken for a P-256
   key, given that their representations are the same except for the
   "crv" value.

   The procedures and security considerations described in the [SEC1],
   [SEC2], and [DSS] specifications apply to implementations of this
   specification.

6.  References

6.1.  Normative References

   [DSS]      National Institute of Standards and Technology (NIST),
              "Digital Signature Standard (DSS)", FIPS PUB 186-4, July
              2013.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC7515]  Jones, M., Bradley, J., and N. Sakimura, "JSON Web
              Signature (JWS)", RFC 7515, DOI 10.17487/RFC7515, May
              2015.

   [RFC7517]  Jones, M., "JSON Web Key (JWK)", RFC 7517,
              DOI 10.17487/RFC7517, May 2015.

   [RFC8152]  Schaad, J., "CBOR Object Signing and Encryption (COSE)",
              RFC 8152, DOI 10.17487/RFC8152, July 2017.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [SEC1]     Standards for Efficient Cryptography Group, "SEC 1:
              Elliptic Curve Cryptography", Version 2.0, May 2009.

   [SEC2]     Standards for Efficient Cryptography Group, "SEC 2:
              Recommended Elliptic Curve Domain Parameters",
              Version 2.0, January 2010.

6.2.  Informative References

   [IANA.COSE.Algorithms]
              IANA, "COSE Algorithms".

   [IANA.COSE.Curves]
              IANA, "COSE Elliptic Curves".
   [IANA.JOSE.Algorithms]
              IANA, "JSON Web Signature and Encryption Algorithms".

   [IANA.JOSE.Curves]
              IANA, "JSON Web Key Elliptic Curve".

Acknowledgements

   TBD

Document History

   [[ to be removed by the RFC Editor before publication as an RFC ]]

   -00

   o  Initial version.

Author's Address

   Michael B. Jones
   Microsoft

   Email: mbj@microsoft.com
   URI:   http://self-issued.info/