Using RSA Algorithms with CBOR Object Signing and Encryption (COSE) Messages
draft-jones-cose-rsa-05
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2017-08-25
|
05 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2017-08-14
|
05 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2017-08-01
|
05 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
2017-07-26
|
05 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2017-07-18
|
05 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2017-07-18
|
05 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2017-07-17
|
05 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2017-07-17
|
05 | (System) | IANA Action state changed to In Progress from Waiting on ADs |
2017-07-14
|
05 | (System) | IANA Action state changed to Waiting on ADs from On Hold |
2017-07-14
|
05 | (System) | IANA Action state changed to On Hold from In Progress |
2017-07-14
|
05 | (System) | IANA Action state changed to In Progress |
2017-07-14
|
05 | (System) | RFC Editor state changed to EDIT |
2017-07-14
|
05 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2017-07-14
|
05 | (System) | Announcement was received by RFC Editor |
2017-07-14
|
05 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent::Revised I-D Needed |
2017-07-14
|
05 | Amy Vezza | IESG has approved the document |
2017-07-14
|
05 | Amy Vezza | Closed "Approve" ballot |
2017-07-14
|
05 | Amy Vezza | Ballot approval text was generated |
2017-06-22
|
05 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Revised I-D Needed from IESG Evaluation |
2017-06-22
|
05 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
2017-06-22
|
05 | Michael Jones | New version available: draft-jones-cose-rsa-05.txt |
2017-06-22
|
05 | (System) | New version approved |
2017-06-22
|
05 | (System) | Request for posting confirmation emailed to previous authors: Michael Jones |
2017-06-22
|
05 | Michael Jones | Uploaded new revision |
2017-06-22
|
04 | Warren Kumari | [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari |
2017-06-21
|
04 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2017-06-21
|
04 | Ben Campbell | [Ballot Position Update] Position for Ben Campbell has been changed to No Objection from No Record |
2017-06-21
|
04 | Ben Campbell | [Ballot comment] 6.1: I wonder if "highly recommended" in paragraph 2 and "should not be used" in paragraph 3 warrant 2119 keywords. 6.3, paragraph 2: … [Ballot comment] 6.1: I wonder if "highly recommended" in paragraph 2 and "should not be used" in paragraph 3 warrant 2119 keywords. 6.3, paragraph 2: I wonder the same about "Keys used with RSAES-OAEP must follow the constraints...". But it's not clear to me whether this creates a new requirement to follow the constraints in 3447, or it it just references an existing requirement from 3447. |
2017-06-21
|
04 | Ben Campbell | Ballot comment text updated for Ben Campbell |
2017-06-21
|
04 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2017-06-20
|
04 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2017-06-20
|
04 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2017-06-20
|
04 | Alexey Melnikov | [Ballot Position Update] New position, No Objection, has been recorded for Alexey Melnikov |
2017-06-20
|
04 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2017-06-19
|
04 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2017-06-19
|
04 | Adam Roach | [Ballot comment] The "must" and "must not" in the final paragraph of section 6.3 seem normative in their intention (and are presumably why [Boneh99] is … [Ballot comment] The "must" and "must not" in the final paragraph of section 6.3 seem normative in their intention (and are presumably why [Boneh99] is listed as "normative" rather than "informative" in the references section). Given that the document is using 2119 language elsewhere, I would suggest capitalizing them for avoidance of doubt. Please fix this nit: ** Obsolete normative reference: RFC 3447 |
2017-06-19
|
04 | Adam Roach | [Ballot Position Update] New position, No Objection, has been recorded for Adam Roach |
2017-06-19
|
04 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2017-06-19
|
04 | Eric Rescorla | [Ballot comment] This document seems sound overall. A few points which I believe would improve it. - The Private Key format seems like a straight … [Ballot comment] This document seems sound overall. A few points which I believe would improve it. - The Private Key format seems like a straight translation of RFC 8017's RSAPrivateKey but the explanation of the various parameters in 8017 is a lot clearer. E.g., "exponent1 is d mod (p - 1)." versus "first factor CRT Exponent" I would advice making the direct connection to 8017 and adopting their descriptions. - Is it really wise to be standardizing RSA-OAEP with SHA-1 at this point? I'm not claiming that there is a real attack, but we are generally trying to not do anything new with SHA-1. " value 32,768 is represented as the CBOR byte sequence 0b010_00010 (major type 2, additional information 2 for the length), 0x80 0x00." I found this text hard to follow. I believe it would be improved by putting the parenthetical at the end rather than in the middle. - S 6.3. Rather than just saying "low" you should specify exactly which ones you mean. |
2017-06-19
|
04 | Eric Rescorla | [Ballot Position Update] New position, No Objection, has been recorded for Eric Rescorla |
2017-06-19
|
04 | (System) | IANA Review state changed to IANA - Not OK from Version Changed - Review Needed |
2017-06-19
|
04 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
2017-06-16
|
04 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2017-06-16
|
04 | Kathleen Moriarty | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead |
2017-06-16
|
04 | Kathleen Moriarty | Ballot has been issued |
2017-06-16
|
04 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
2017-06-16
|
04 | Kathleen Moriarty | Created "Approve" ballot |
2017-06-15
|
04 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
2017-06-15
|
04 | Michael Jones | New version available: draft-jones-cose-rsa-04.txt |
2017-06-15
|
04 | (System) | New version approved |
2017-06-15
|
04 | (System) | Request for posting confirmation emailed to previous authors: Michael Jones |
2017-06-15
|
04 | Michael Jones | Uploaded new revision |
2017-06-15
|
03 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
2017-06-15
|
03 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Services Operator has completed its review of draft-jones-cose-rsa-02.txt. If any part of this review is inaccurate, please let … (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Services Operator has completed its review of draft-jones-cose-rsa-02.txt. If any part of this review is inaccurate, please let us know. The IANA Services Operator understands that, upon approval of this document, there are three actions which we must complete. First, in the COSE Algorithms registry on the CBOR Object Signing and Encryption (COSE) registry page, the following six algorithms are to be registered: +-------------------------------+-------+---------+-----------------+------------+ | Name | Value | Hash | Description | Reference |+-------------------------------+-------+---------+-----------------+------------+ | PS256 | -37 | SHA-256 | RSASSA-PSS w/ | [RFC-to-be]| | | | | SHA-256 | | | PS384 | -38 | SHA-384 | RSASSA-PSS w/ | [RFC-to-be]| | | | | SHA-384 | | | PS512 | -39 | SHA-512 | RSASSA-PSS w/ | [RFC-to-be]| | | | | SHA-512 | | | RSAES-OAEP w/ RFC 3447 | -40 | SHA-1 | RSAES OAEP w/ | [RFC-to-be]| | default parameters | | | SHA-1 | | | RSAES-OAEP w/ SHA-256 | -41 | SHA-256 | RSAES OAEP w/ | [RFC-to-be]| | | | | SHA-256 | | | RSAES-OAEP w/ SHA-512 | -42 | SHA-512 | RSAES OAEP w/ | [RFC-to-be]| | | | | SHA-512 | | +-------------------------------+-------+---------+-----------------+------------+ Because this registry requires Expert Review [RFC5226] for registration, we've contacted the IESG-designated expert in a separate ticket to request approval. Expert review should be completed before your document can be approved for publication as an RFC. Second, in the COSE Key Type registry also on the CBOR Object Signing and Encryption (COSE) registry page, the following value is to be registered: Name: RSA Value: 3 Description: RSA Key Reference: [ RFC-to-be ] Because this registry also requires Expert Review [RFC5226] for registration, we've contacted the IESG-designated expert in a separate ticket to request approval. Expert review should be completed before your document can be approved for publication as an RFC. Third, in the COSE Key Type Parameters registry also on the CBOR Object Signing and Encryption (COSE) registry page, the following value is to be registered: [ each new registration will have a reference of [ RFC-to-be ]]. +-------+----------+-------+-------+--------------------------------+ | Name | Key Type | Value | Type | Description | +-------+----------+-------+-------+--------------------------------+ | n | 3 | -1 | bstr | Modulus Parameter | | e | 3 | -2 | bstr | Exponent Parameter | | d | 3 | -3 | bstr | Private Exponent Parameter | | p | 3 | -4 | bstr | First Prime Factor | | q | 3 | -5 | bstr | Second Prime Factor | | dP | 3 | -6 | bstr | First Factor CRT Exponent | | dQ | 3 | -7 | bstr | Second Factor CRT Exponent | | qInv | 3 | -8 | bstr | First CRT Coefficient | | other | 3 | -9 | array | Other Primes Info | | r_i | 3 | -10 | bstr | i-th factor, Prime Factor | | d_i | 3 | -11 | bstr | i-th factor, Factor CRT | | | | | | Exponent | | t_i | 3 | -12 | bstr | i-th factor, Factor CRT | | | | | | Coefficient | +-------+----------+-------+-------+--------------------------------+ Because this registry also requires Expert Review [RFC5226] for registration, we've contacted the IESG-designated expert in a separate ticket to request approval. Expert review should be completed before your document can be approved for publication as an RFC. The IANA Services Operator understands that these three actions are the only ones required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Thank you, Sabrina Tanamal IANA Services Specialist PTI |
2017-06-15
|
03 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
2017-06-13
|
03 | Kathleen Moriarty | Ballot writeup was changed |
2017-06-02
|
03 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Stephen Kent. |
2017-05-26
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Stephen Kent |
2017-05-26
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Stephen Kent |
2017-05-22
|
03 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Tim Wicinski |
2017-05-22
|
03 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Tim Wicinski |
2017-05-21
|
03 | Roni Even | Request for Telechat review by GENART Completed: Ready with Nits. Reviewer: Roni Even. Sent review to list. |
2017-05-18
|
03 | Michael Jones | New version available: draft-jones-cose-rsa-03.txt |
2017-05-18
|
03 | (System) | New version approved |
2017-05-18
|
03 | (System) | Request for posting confirmation emailed to previous authors: Michael Jones |
2017-05-18
|
03 | Michael Jones | Uploaded new revision |
2017-05-18
|
02 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2017-05-18
|
02 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: rsalz@akamai.com, Kathleen.Moriarty.ietf@gmail.com, draft-jones-cose-rsa@ietf.org Reply-To: ietf@ietf.org Sender: Subject: Last Call: … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: rsalz@akamai.com, Kathleen.Moriarty.ietf@gmail.com, draft-jones-cose-rsa@ietf.org Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Using RSA Algorithms with COSE Messages) to Proposed Standard The IESG has received a request from an individual submitter to consider the following document: - 'Using RSA Algorithms with COSE Messages' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2017-06-15. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The CBOR Object Signing and Encryption (COSE) specification defines cryptographic message encodings using Concise Binary Object Representation (CBOR). This specification defines algorithm encodings and representations enabling RSA algorithms to be used for COSE messages. Encodings for the use of RSASSA-PSS signatures, RSAES-OAEP encryption, and RSA keys are specified. The file can be obtained via https://datatracker.ietf.org/doc/draft-jones-cose-rsa/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-jones-cose-rsa/ballot/ No IPR declarations have been submitted directly on this I-D. |
2017-05-18
|
02 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2017-05-18
|
02 | Jean Mahoney | Request for Telechat review by GENART is assigned to Roni Even |
2017-05-18
|
02 | Jean Mahoney | Request for Telechat review by GENART is assigned to Roni Even |
2017-05-18
|
02 | Kathleen Moriarty | Placed on agenda for telechat - 2017-06-22 |
2017-05-18
|
02 | Kathleen Moriarty | Last call was requested |
2017-05-18
|
02 | Kathleen Moriarty | Ballot approval text was generated |
2017-05-18
|
02 | Kathleen Moriarty | Ballot writeup was generated |
2017-05-18
|
02 | Kathleen Moriarty | IESG state changed to Last Call Requested from Publication Requested |
2017-05-18
|
02 | Kathleen Moriarty | Last call announcement was generated |
2017-05-18
|
02 | Kathleen Moriarty | IESG process started in state Publication Requested |
2017-05-03
|
02 | Rich Salz | Changed document writeup |
2017-05-02
|
02 | Kathleen Moriarty | Notification list changed to Rich Salz <rsalz@akamai.com> |
2017-05-02
|
02 | Kathleen Moriarty | Document shepherd changed to Rich Salz |
2017-05-02
|
02 | Kathleen Moriarty | Shepherding AD changed to Kathleen Moriarty |
2017-05-02
|
02 | Kathleen Moriarty | Changed consensus to Yes from Unknown |
2017-05-02
|
02 | Kathleen Moriarty | Intended Status changed to Proposed Standard from None |
2017-05-02
|
02 | Kathleen Moriarty | Stream changed to IETF from None |
2017-03-09
|
02 | Michael Jones | New version available: draft-jones-cose-rsa-02.txt |
2017-03-09
|
02 | (System) | New version approved |
2017-03-09
|
02 | (System) | Request for posting confirmation emailed to previous authors: Michael Jones |
2017-03-09
|
02 | Michael Jones | Uploaded new revision |
2016-12-31
|
01 | Michael Jones | New version available: draft-jones-cose-rsa-01.txt |
2016-12-31
|
01 | (System) | New version approved |
2016-12-31
|
01 | (System) | Request for posting confirmation emailed to previous authors: "Michael Jones" |
2016-12-31
|
01 | Michael Jones | Uploaded new revision |
2016-10-06
|
00 | (System) | Document has expired |
2016-04-04
|
00 | Michael Jones | New version available: draft-jones-cose-rsa-00.txt |