CBOR Object Signing and Encryption (COSE): Countersignatures
draft-ietf-cose-countersign-02
Document Type Active Internet-Draft (cose WG)
Authors Jim Schaad  , Russ Housley 
Last updated 2020-12-16
Stream IETF
Intended RFC status (None)
Formats plain text html xml pdf htmlized (tools) htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state I-D Exists
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits 
COSE Working Group                                             J. Schaad
Internet-Draft                                            August Cellars
Intended status: Standards Track                         R. Housley, Ed.
Expires: 19 June 2021                                     Vigil Security
                                                        16 December 2020

      CBOR Object Signing and Encryption (COSE): Countersignatures
                     draft-ietf-cose-countersign-02

Abstract

   Concise Binary Object Representation (CBOR) is a data format designed
   for small code size and small message size.  CBOR Object Signing and
   Encryption (COSE) defines a set of security services for CBOR.  This
   document defines a countersignature algorithm along with the needed
   header parameters and CBOR tags for COSE.

Contributing to this document

   This note is to be removed before publishing as an RFC.

   The source for this draft is being maintained in GitHub.  Suggested
   changes should be submitted as pull requests at https://github.com/
   cose-wg/countersign.  Instructions are on that page as well.
   Editorial changes can be managed in GitHub, but any substantial
   issues need to be discussed on the COSE mailing list.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 19 June 2021.

Schaad & Housley          Expires 19 June 2021                  [Page 1]
Internet-Draft               COSE Structure                December 2020

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Requirements Terminology  . . . . . . . . . . . . . . . .   4
     1.2.  CBOR Grammar  . . . . . . . . . . . . . . . . . . . . . .   4
     1.3.  Document Terminology  . . . . . . . . . . . . . . . . . .   4
   2.  Countersignature Header Parameters  . . . . . . . . . . . . .   5
   3.  Version 2 Countersignatures . . . . . . . . . . . . . . . . .   6
     3.1.  Full Countersignatures  . . . . . . . . . . . . . . . . .   7
     3.2.  Abbreviated Countersignatures . . . . . . . . . . . . . .   8
     3.3.  Signing and Verification Process  . . . . . . . . . . . .   8
   4.  CBOR Encoding Restrictions  . . . . . . . . . . . . . . . . .  10
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  10
     5.1.  CBOR Tag Assignment . . . . . . . . . . . . . . . . . . .  10
     5.2.  COSE Header Parameters Registry . . . . . . . . . . . . .  11
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  11
   7.  Implementation Status . . . . . . . . . . . . . . . . . . . .  13
     7.1.  Author's Versions . . . . . . . . . . . . . . . . . . . .  13
     7.2.  COSE Testing Library  . . . . . . . . . . . . . . . . . .  14
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  14
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .  14
     8.2.  Informative References  . . . . . . . . . . . . . . . . .  15
   Appendix A.  Examples . . . . . . . . . . . . . . . . . . . . . .  16
     A.1.  Use of Early Code Points  . . . . . . . . . . . . . . . .  17
     A.2.  Examples of Signed Messages . . . . . . . . . . . . . . .  17
       A.2.1.  Countersignature  . . . . . . . . . . . . . . . . . .  17
     A.3.  Examples of Signed1 Messages  . . . . . . . . . . . . . .  18
       A.3.1.  Countersignature  . . . . . . . . . . . . . . . . . .  18
     A.4.  Examples of Enveloped Messages  . . . . . . . . . . . . .  19
       A.4.1.  Countersignature on Encrypted Content . . . . . . . .  19
     A.5.  Examples of Encrypted Messages  . . . . . . . . . . . . .  20
       A.5.1.  Countersignature on Encrypted Content . . . . . . . .  21
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools