Network Working Group                                         G. Selander
Internet-Draft                                          J. Preuß Mattsson
Intended status: Standards Track                                 Ericsson
Expires: 20 September 2022                                  19 March 2022

     Integer value for the CBOR Object Signing and Encryption (COSE) key
                                 identifier
                       draft-selander-cose-kid-int-01

Abstract

   This document extends the CBOR Object Signing and Encryption (COSE)
   parameter kid to CBOR integer values.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 20 September 2022.

Copyright Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction
   2.  Security Considerations
   3.  IANA Considerations
     3.1.  COSE Header Parameters Registry
     3.2.  COSE Key Common Parameters Registry
     3.3.  CWT Confirmation Methods
   4.  References
     4.1.  Normative References
     4.2.  Informative References
   Acknowledgments
   Authors' Addresses

1.  Introduction

   Many Internet of Things (IoT) deployments require technologies which
   are highly performant in constrained environments [RFC7228].  The
   connectivity for these settings may exhibit extremely restricted
   bandwidth constraints, for which byte level optimizations are
   motivated, see [I-D.ietf-lake-reqs].

   The use of CBOR [RFC8949] enables a compact encoding of protected
   data as COSE objects [I-D.ietf-cose-rfc8152bis-struct], which is a
   basic building block in various IoT security settings such as CWT
   [RFC8392], OSCORE [RFC8613], and ACE-OAuth
   [I-D.ietf-ace-oauth-authz].  COSE defines the key identifier
   parameter kid used to identify keys used in the COSE object.

   The value of the kid parameter is specified to be encoded as a CBOR
   byte string, which (with the exception of the empty string) requires
   at least two bytes on the wire.  For comparison, the CBOR encoding of
   small integers (-24, ..., 23) needs only one byte on the wire.  Since
   many IoT deployments may use local identifiers for which a few unique
   identifiers are sufficient, the use of CBOR integers as key
   identifiers would reduce the overhead due to transport of COSE
   objects.

   This specification addresses this limitation by extending the COSE
   parameter kid to allow CBOR integer values.
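   As an added illustration that is not part of the draft, the Python
   below makes the byte-count argument above concrete and shows how a
   receiver handles the extended bstr / int Value Type: a minimal
   RFC 8949 encoder/decoder restricted to the two kid value types, plus
   a type-aware comparison for the "match to kid in message" step.  The
   function names and sample values are this example's own.

```python
# Added example (not from the draft): minimal CBOR (RFC 8949) encoding and
# decoding restricted to the two kid value types, bstr and int.

def _head(major: int, arg: int) -> bytes:
    """Initial byte plus argument for a CBOR major type (RFC 8949 Section 3)."""
    if arg < 24:                       # argument fits in the initial byte
        return bytes([(major << 5) | arg])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if arg < (1 << (8 * size)):    # smallest argument width that fits
            return bytes([(major << 5) | ai]) + arg.to_bytes(size, "big")
    raise ValueError("argument exceeds 64 bits")

def encode_kid(kid) -> bytes:
    """Encode a kid: int -> major type 0 (>= 0) or 1 (< 0), bytes -> major type 2."""
    if isinstance(kid, bool) or not isinstance(kid, (int, bytes)):
        raise TypeError("kid must be int or bstr")
    if isinstance(kid, int):
        return _head(0, kid) if kid >= 0 else _head(1, -1 - kid)
    return _head(2, len(kid)) + kid

def decode_kid(data: bytes):
    """Decode one data item that must be bstr / int; return (value, bytes_consumed)."""
    major, ai = data[0] >> 5, data[0] & 0x1F
    if ai < 24:
        arg, pos = ai, 1
    elif ai <= 27:
        size = 1 << (ai - 24)          # 1, 2, 4 or 8 argument bytes
        if len(data) < 1 + size:
            raise ValueError("truncated argument")
        arg, pos = int.from_bytes(data[1:1 + size], "big"), 1 + size
    else:
        raise ValueError("reserved or indefinite-length additional info")
    if major == 0:
        return arg, pos
    if major == 1:
        return -1 - arg, pos
    if major == 2:
        if len(data) < pos + arg:
            raise ValueError("truncated byte string")
        return data[pos:pos + arg], pos + arg
    raise ValueError("kid must be bstr / int, got major type %d" % major)

def kid_matches(stored, received) -> bool:
    """Match a received kid against a stored one; int 1 and bstr h'01' differ."""
    return type(stored) is type(received) and stored == received

def wire_size(kid) -> int:
    """Bytes a kid costs on the wire: bstr needs len+1 (2+ unless empty), -24..23 need 1."""
    return len(encode_kid(kid))
```

   The type-aware comparison matters once both encodings are allowed:
   a one-byte int kid and a one-byte bstr kid with the same numeric
   value are distinct identifiers and must not be matched to each other.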
   kid is used in different instances, which all need to be extended to
   CBOR int encoding:

   *  The kid COSE header parameter, see Section 3.1.

   *  The kid COSE Key Common Parameter, see Section 3.2.

   *  The kid CWT Confirmation Method, see Section 3.3.

2.  Security Considerations

   There are no additional security considerations compared to key
   identifiers being byte strings.

3.  IANA Considerations

3.1.  COSE Header Parameters Registry

   IANA has extended the Value Type of kid in the "COSE Header
   Parameters" registry under the group name "CBOR Object Signing and
   Encryption (COSE)" to also allow the Value Type int.  The resulting
   Value Type is bstr / int.  The Value Registry for this item is empty
   and omitted from the table below.

   +------+-------+------------+----------------+
   | Name | Label | Value Type | Description    |
   +------+-------+------------+----------------+
   | kid  | 4     | bstr / int | Key identifier |
   +------+-------+------------+----------------+

3.2.  COSE Key Common Parameters Registry

   IANA has extended the Value Type of kid in the "COSE Key Common
   Parameters" registry under the group name "CBOR Object Signing and
   Encryption (COSE)" to also allow the Value Type int.  The resulting
   Value Type is bstr / int.  The Value Registry for this item is empty
   and omitted from the table below.

   +------+-------+------------+---------------------------+
   | Name | Label | Value Type | Description               |
   +------+-------+------------+---------------------------+
   | kid  | 2     | bstr / int | Key identification value  |
   |      |       |            | - match to kid in message |
   +------+-------+------------+---------------------------+

3.3.  CWT Confirmation Methods

   IANA has extended the Value Type of kid in the "CWT Confirmation
   Methods" registry under the group name "CBOR Web Token (CWT) Claims"
   to also allow the Value Type int.  The resulting Value Type is bstr /
   int.  The Value Registry for this item is empty and omitted from the
   table below.

   +------+-------+------------+---------------------------+
   | Name | Label | Value Type | Description               |
   +------+-------+------------+---------------------------+
   | kid  | 3     | bstr / int | Key identification value  |
   |      |       |            | - match to kid in message |
   +------+-------+------------+---------------------------+

4.  References

4.1.  Normative References

   [I-D.ietf-cose-rfc8152bis-struct]
              Schaad, J., "CBOR Object Signing and Encryption (COSE):
              Structures and Process", Work in Progress, Internet-Draft,
              draft-ietf-cose-rfc8152bis-struct-15, 1 February 2021.

   [RFC8949]  Bormann, C. and P. Hoffman, "Concise Binary Object
              Representation (CBOR)", STD 94, RFC 8949,
              DOI 10.17487/RFC8949, December 2020.

4.2.  Informative References

   [I-D.ietf-ace-oauth-authz]
              Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., and
              H. Tschofenig, "Authentication and Authorization for
              Constrained Environments (ACE) using the OAuth 2.0
              Framework (ACE-OAuth)", Work in Progress, Internet-Draft,
              draft-ietf-ace-oauth-authz-46, 8 November 2021.

   [I-D.ietf-lake-reqs]
              Vucinic, M., Selander, G., Mattsson, J. P., and D. Garcia-
              Carrillo, "Requirements for a Lightweight AKE for OSCORE",
              Work in Progress, Internet-Draft, draft-ietf-lake-reqs-04,
              8 June 2020.

   [RFC7228]  Bormann, C., Ersue, M., and A. Keranen, "Terminology for
              Constrained-Node Networks", RFC 7228,
              DOI 10.17487/RFC7228, May 2014.

   [RFC8392]  Jones, M., Wahlstroem, E., Erdtman, S., and H. Tschofenig,
              "CBOR Web Token (CWT)", RFC 8392, DOI 10.17487/RFC8392,
              May 2018.

   [RFC8613]  Selander, G., Mattsson, J., Palombini, F., and L. Seitz,
              "Object Security for Constrained RESTful Environments
              (OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019.
Acknowledgments

Authors' Addresses

   Göran Selander
   Ericsson AB
   SE-164 80 Stockholm
   Sweden
   Email: goran.selander@ericsson.com

   John Preuß Mattsson
   Ericsson AB
   SE-164 80 Stockholm
   Sweden
   Email: john.mattsson@ericsson.com