Skip to main content

Minutes IETF104: cose
minutes-104-cose-01

Meeting Minutes CBOR Object Signing and Encryption (cose) WG
Title Minutes IETF104: cose
State Active
Other versions plain text
Last updated 2019-03-29

minutes-104-cose-01
COSE WG - 104
2019-03-16 @ 09:00 CET


Minute takers
-------------
Francesca Palombini


Action Items 
----------------------------

**81523bis-struct**
- [CHAIRS] One more Call for Consensus on Counter Signature context string
- [Jim Schaad] change countersignature type to [+COSE_Signature]
- [Jim Schaad] Move Counter Signatutres out of Appendix with next revision
- [Jim Schaad] Register CBOR Tag for countersignature
- [Jim Schaad] Fix canonicalization text in COSE Structure

**8152bis-algs** and **hash-algs**
- [CHAIRS] ask on mailing list on input for what new alg to add
- [CHAIRS + Jim Schaad] have a timeline about new alg by Montreal + clear with
  ADs
- [CHAIRS] WGLC of Hash algorithms pending new revision
- [Jim Schaad] clean up COSE Algorithms draft
- [Jim Schaad] make changes to Hash algorithms

**x509**
- [Jim Schaad] Submit next version of X509 as keys + bring the leftover issues
  to the mailing list

**webauthn-algs**
- [CHAIRS] send announcement of adoption of WebAuthn draft on list
- [CHAIRS] forward secp256k1 name discussion to JOSE mailing list
- [Mike Jones] submit adopted draft
- [Mike Jones] bring [secp256k1] compressed vs non-compressed points discussion
  to the mailing list

**hash-sig**
- [CHAIRS] Call WGLC on SUIT Hash Sign pending new revision
- [Russ Hously] submit new revision implementing updates listed in the
  presentation

**next steps**
- [CHAIRS] schedule interim meeting for May (coordinate with CBOR)
- [CHAIRS] lead organizing of official interop targeting Montreal



Agenda
------

0. Administrivia (Chairs) - 5 minutes
1. 8152bis issues (Jim Schaad) - 30 minutes
2. Hash Algorithms (Jim Schaad) - 15 minutes
3. X509 as Keys (Jim Schaad) - 30 minutes
4. WebAuthn Algorithms (Mike Jones) - 15 minutes
5. SUIT Hash Signatures (Russ Housley) - 5 minutes
6. Next Steps (Chairs) - 5 minutes
7. Open Mic


Minutes
------

0. Administrivia (Chairs) - 5 minutes
* everybody OK with agenda.

1. 8152bis issues (Jim Schaad) - 30 minutes

COSE Structure
* Countersignature type: no one objects to change type from "COSE_Signature /
  [+COSE_Signature]" to "[+COSE_Signature]"
* Countersignature0 context string: hum too close to call. AP chairs to make
  one more call on the list (fast).
* Countersignature out of the appendix
* Result of hum: register CBOR Tag for countersignature
* IANA section is the update from COSE
* keep downref to CBORbis that should be done soon
* canonicalization: Jim will check if pulling the minimal text from CBOR is OK,
  otherwise refer to CBORbis
* interop: need to do formal interop testing before Montreal. 
Brendan Moran: please clarify what the signature field contains
Roman: where to find these implementations? Jim: COSE github Carsten: plan to
  extend cbor.io to contain pointers
* going forward: AP all to send feedback on if anything isn't clear in the doc.

2. Hash (et al) Algorithms (Jim Schaad) - 15 minutes

COSE Algorithms
* AP Jim to clean up security considerations, grammar and spelling, check
  references to structure draft, specify protected + unprotected fields

New Algorithms
* AP all: if you want a new algorithm to be added, speak up on the list.
* AP: clear up with ADs on charter
* Goal: Have a timeline of what WG should be doing by Montreal

HASH Algorithms
* Jim proposal: add a column in the registry to say what not to use truncation
  for. (Seems it needs more discussion?)
* Jim to put an example of CDDL Digest in the doc (and check feedback
  afterward)
* AP Chairs: WGLC after Jim makes the changes discussed

3. X509 as Keys (Jim Schaad) - 30 minutes

* AP: continue discussion on the list on the issues presented
* AP Jim: submit next revision with cleanup

4. WebAuthn Algorithms (Mike Jones) - 15 minutes

* consensus in the WG to continue without ECDAA
* (I missed the title that was decided)
* AP Chairs: consult the JOSE list on curve identifier secp256k1
* AP: Discuss compressed vs non-compressed in the mailing list
* AP Chairs: to send announcement of wg adoption on the list

5. SUIT Hash Signatures (Russ Housley) - 5 minutes

* AP Russ: submit new revision with updates listed
* AP Chairs: WGLC pending new revision

6. Next Steps (Chairs) - 5 minutes

* AP Chairs: plan interim meeting in May
* AP Chairs: plan interop at IETF105

7. Open Mic