Skip to main content

Minutes interim-2020-cose-04: Wed 16:00
minutes-interim-2020-cose-04-202009231600-00

Meeting Minutes CBOR Object Signing and Encryption (cose) WG
Title Minutes interim-2020-cose-04: Wed 16:00
State Active
Other versions plain text
Last updated 2020-10-01

minutes-interim-2020-cose-04-202009231600-00
# COSE Virtual Interim

## Connection details

* Date: September 23, 2020
* Time: 09-10 Pacific, 18:00 CET:
  https://www.worldtimebuddy.com/?qm=1&lid=8,12,100&h=8&date=2020-9-23&sln=9-10
* Webex recording: https://www.youtube.com/watch?v=THXFA4Ma3gE

## Attendees

1. Ivaylo Petrov, Google
2. Matthew Miller
3. Jim Schaad, August Cellars
4. Francesca Palombini, Ericsson
5. Marco Tiloca, RISE
6. Peter Yee, AKAYLA
7. Ben Kaduk, Akamai
8. Shahid Raza. RISE
9. Jonathan Hammell, Canadian Centre for Cyber Security
10. Michael Richardson (MCR), Sandelman Software Works Inc
11. John Mattsson
12. Henk Birkholz
13. Goran Selander

## Action Items

* Jim to update rfc8152bis-struct doc
* Chairs to sync with Ben and Barry for IETF LC of rfc8152bis-struct
* Goran/John/Henk to propose new text for the charter
* Coordinate with TLS?
* Chairs: schedule IETF 109 meeting
* Chairs: schedule a new virtual interim for October - the same time.

## Minutes

### 0. Administrivia (Chairs) - 5 minutes

* Note well
* Note taker(s):
* Jabber Scribe: Ivaylo Petrov
* Attendees recording
* Agenda bashing

### 1. Discuss documents remaining changes

Discuss remaining issues with documents

* rfc8152bis-struct
  Jim Posted text waiting for Ben to respond.
  Ben - couple of small questions in just posted message
  - externally supplied data not application supplied data - need to update.
  No other comments forth coming.
  Jim to update the document perhaps after a couple of mails with Ben
* any other document
* Discussing if there should be a LC
  - Ben: WGLC might not be needed
  - Matt: Another IETF LC
* X509 document - currently in last call
  - Should see more reviews in the next couple of weeks.

### 2. Charter
https://github.com/cose-wg/Charter/blob/master/Charter.md

Matt - summary of work issues that are currently permitted and planned for.
Ask for people who have read the proposed text from Jim
John - Several comments - refers to outdated drafts for the Certificate work.
Only refers to RFC 7925 - Needs to be looser on that.  May be some things that
can be skipped - subset of RFC 7925 UTA now working on a bis document as well.
Discussion in LAKE and 6tish is that IEEE certificate profile is important. 
Charter should allow for that work to be done as well. Several comments about
supporting native on the list as well. Goren - Input from Henk, Laurence and
others.  Did not support the format.  Could do something more directly in CBOR
structure.  Eliminate the need for ASN.1 encoding/decoding. Henk - On RFC 7925
- balance between what can compress and what is excluded from compression. 
Example is text encoding with different string types. Jim - Existing charter
excludes any binding of keys and identities. Ben - Yes for Native.  Should be
OK for compression work. Matt - how critical is native certificates? Goren -
dual stack is not a good situation for IoT.  More of a migration path for
larger devices.  Native is much better for constrained env. Compression format
need to decompress prior to doing ASN.1 work. Henk - certificates frequently
used to carry stuff that is not identity/key binding.  Things that are more
claims with short lived lifetimes. Goren, et. al. - to provide some updated
text for the charter about what they are asking for. John - should coordinate
with TLS FP: Timeline? Matt: Was blocked on the current document set.  Looking
for updated text and possibly a new checkpoint 3-4 weeks to see where we are
at. Henk: Are we aiming for IETF to have a more solid proposal or is this not
tied to that? Matt: Good goal would be to have ready for the F2F meeting.

### 3. Countersignature feedback

Only one mail thread to date from Jim
Does not seem to be an issue that the WG thinks needs to be addressed.
Call for Reviewers:  MCR, FP, MM,

### 4. AOB

Matt: Meeting for the next F2F session.
Some feedback about not doing it.
Having a series of interims is going to be necessary in any event (MM opinion)
independent of F2F meetings. FP: Get more people looking in during the F2F
meeting which may be worth it in itself. Matt: WG gets things done with
meetings, agrees doing the IETF aligned meetings gets more people. Henk - would
support the F2F meeting. Matt: At a minimum the agenda would include finalizing
the charter.

Matt: How often to do more interiums
Jim : MCR on jabber suggested once per month
Matt:  Any objections to that - Chairs will talk about it and try to get
interims through IETF 110 plus a F2F meeting. Chairs will send a note to the
list on this.

Looked at John's suggested change to the charter and no objections were raised.