COSE Header parameter for RFC 3161 Time-Stamp Tokens
draft-ietf-cose-tsa-tst-header-parameter-00

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Active".
Authors Henk Birkholz , Thomas Fossati , Maik Riechert
Last updated 2023-09-10
RFC stream Internet Engineering Task Force (IETF)
Formats
txt html xml htmlized bibtex bibxml
Reviews
SECDIR Telechat review (of -06) by Stefan Santesson Has issues
IOTDIR Telechat review (of -05) by Alexey Melnikov Ready
SECDIR Telechat review (of -05) by Stefan Santesson Serious issues
SECDIR Telechat review (of -04) by Stefan Santesson Serious issues
GENART IETF Last Call review (of -03) by Linda Dunbar Ready w/nits
OPSDIR IETF Last Call review (of -03) by Yingzhen Qu Ready
ARTART IETF Last Call review (of -03) by Shuping Peng Ready w/issues
Additional resources Mailing list discussion
Stream WG state WG Document
Associated WG milestone
Jun 2025
COSE header parameters for RFC 3161-based timestamping into COSE objects to IESG
Document shepherd (None)
IESG IESG state I-D Exists
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits Search email archive
draft-ietf-cose-tsa-tst-header-parameter-00 
COSE Working Group                                           H. Birkholz
Internet-Draft                                            Fraunhofer SIT
Intended status: Standards Track                              T. Fossati
Expires: 13 March 2024                                               arm
                                                             M. Riechert
                                                               Microsoft
                                                       10 September 2023

          COSE Header parameter for RFC 3161 Time-Stamp Tokens
              draft-ietf-cose-tsa-tst-header-parameter-00

Abstract

   RFC 3161 provides a method to time-stamp a message digest to prove
   that it was created before a given time.  This document defines how
   signatures of CBOR Signing And Encrypted (COSE) message structures
   can be time-stamped using RFC 3161 along with the needed header
   parameter to carry the corresponding time-stamp.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 13 March 2024.

Copyright Notice

   Copyright (c) 2023 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

Birkholz, et al.          Expires 13 March 2024                 [Page 1]
Internet-Draft                 TST Header                 September 2023

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Notation . . . . . . . . . . . . . . . . . .   2
   2.  RFC 3161 Time-Stamp Tokens COSE Header Parameter  . . . . . .   2
   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   3
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   4
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   4
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   4
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   4

1.  Introduction

   This document defines a new COSE [STD96] header parameter that
   carries the TST output of RFC 3161.

1.1.  Requirements Notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  RFC 3161 Time-Stamp Tokens COSE Header Parameter

   The use of RFC 3161 Time-Stamp Tokens, often in combination with
   X.509 certificates, allows for an existing trust infrastructure to be
   used with COSE.

   The new COSE header parameter for carrying time-stamp tokens is
   defined as:

   *  Name: rfc3161-tst

   *  Label: TBD

   *  Value Type: bstr / [2*bstr]

Birkholz, et al.          Expires 13 March 2024                 [Page 2]
Internet-Draft                 TST Header                 September 2023

   *  Value Registry: none

   *  Description: One or more RFC 3161 time-stamp tokens.

   *  Reference: TBD

   FIXME(tho) The content of the byte string are the bytes of the DER-
   encoded RFC 3161 TimeStampToken structure.  FooFIXME matches the
   content of the equivalent header attribute defined in [RFC3161] for
   Cryptographic Message Syntax (CMS, see [STD70]) envelopes.

   A rfc3161-tst header parameter allows for a single time-stamp token
   or multiple time-stamp tokens to be carried in COSE header maps.  If
   a single time-stamp token is conveyed, it is placed in a CBOR byte
   string.  If multiple time-stamp tokens are conveyed, a CBOR array of
   two or more byte strings is used, with each time-stamp token being in
   its own byte string.

   Time-stamp tokens in this context are similar to a countersignature
   [RFC9338].  Therefore, the header parameter is included in the
   unprotected header of COSE envelopes.

   When sending a request to an RFC 3161 Time Stamping Authority (TSA,
   see [RFC3161]) to obtain a time-stamp token, the message imprint
   (Section 2.4 of [RFC3161]) of the request MUST be the hash of the
   signature field of the COSE envelope to be time-stamped.  The hash
   algorithm does not have to match the algorithm used for signing the
   COSE message.

   RFC 3161 time-stamp tokens use CMS as signature envelope format.
   [STD70] illustrates details of signature verification and [RFC3161]
   provides the details specific to time-stamp token validation.  The
   payload of the signed time-stamp token is a TSTInfo structure as
   defined in [RFC3161] and contains the message imprint that was sent
   to the TSA.  As part of validation of the COSE envelope, the message
   imprint MUST match the hash of the signature field of the time-
   stamped COSE envelope.  The hash algorithm is contained in the
   message imprint structure, together with the hash itself.

   WHY_ALWAYS_ME?(tho) Explicit guidance is illustrated in Appendix B of
   [RFC3161] via an example that shows how time-stamp tokens can be used
   during signature verification of a time-stamped message when using
   X.509 certificates.

3.  Security Considerations

   Similar security considerations as described in RFC 3161 as well as
   the security considerations of RFC 9338 apply.

Birkholz, et al.          Expires 13 March 2024                 [Page 3]
Internet-Draft                 TST Header                 September 2023

4.  IANA Considerations

   TBD

   IANA is requested to register the new COSE Header parameter described
   in section TBD in the "COSE Header Parameters" registry.

5.  References

5.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://doi.org/10.17487/RFC2119>.

   [RFC3161]  Adams, C., Cain, P., Pinkas, D., and R. Zuccherato,
              "Internet X.509 Public Key Infrastructure Time-Stamp
              Protocol (TSP)", RFC 3161, DOI 10.17487/RFC3161, August
              2001, <https://doi.org/10.17487/RFC3161>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://doi.org/10.17487/RFC8174>.

   [STD70]    Housley, R., "Cryptographic Message Syntax (CMS)", STD 70,
              RFC 5652, DOI 10.17487/RFC5652, September 2009,
              <https://doi.org/10.17487/RFC5652>.

   [STD96]    Schaad, J., "CBOR Object Signing and Encryption (COSE):
              Structures and Process", STD 96, RFC 9052,
              DOI 10.17487/RFC9052, August 2022,
              <https://doi.org/10.17487/RFC9052>.

5.2.  Informative References

   [RFC9338]  Schaad, J., "CBOR Object Signing and Encryption (COSE):
              Countersignatures", STD 96, RFC 9338,
              DOI 10.17487/RFC9338, December 2022,
              <https://doi.org/10.17487/RFC9338>.

Authors' Addresses

   Henk Birkholz
   Fraunhofer SIT
   Rheinstrasse 75
   64295 Darmstadt
   Germany

Birkholz, et al.          Expires 13 March 2024                 [Page 4]
Internet-Draft                 TST Header                 September 2023

   Email: henk.birkholz@sit.fraunhofer.de

   Thomas Fossati
   arm
   Email: Thomas.Fossati@arm.com

   Maik Riechert
   Microsoft
   United Kingdom
   Email: Maik.Riechert@microsoft.com

Birkholz, et al.          Expires 13 March 2024                 [Page 5]