Re: [COSE] Newly Submitted Draft - CBOR Web Token (CWT) Claims in COSE Headers

[Hannes Tschofenig]

Hi Mike,

maybe you can give examples of where this feature is used in JWTs, which would 
explain why you want to have it in CWTs as well.

Ciao
Hannes

From: Mike Jones <michael.jo...@microsoft.com>
Sent: Thursday, March 3, 2022 6:02 PM
To: Hannes Tschofenig <hannes.tschofe...@arm.com>; Anders Rundgren 
<anders.rundgren....@gmail.com>; Laurence Lundblade <l...@island-resort.com>
Cc: Tobias Looker <tobias.looker@mattr.global>; cose@ietf.org
Subject: RE: [COSE] Newly Submitted Draft - CBOR Web Token (CWT) Claims in COSE 
Headers

We are *definitely* not attempting to change anything about COSE message 
processing, including how encryption is done.  We are defining an additional 
header parameter that can be used – that’s it.

                                                       -- Mike

From: Hannes Tschofenig 
<hannes.tschofe...@arm.com<mailto:hannes.tschofe...@arm.com>>
Sent: Thursday, March 3, 2022 1:45 AM
To: Anders Rundgren 
<anders.rundgren....@gmail.com<mailto:anders.rundgren....@gmail.com>>; Laurence 
Lundblade <l...@island-resort.com<mailto:l...@island-resort.com>>; Mike Jones 
<michael.jo...@microsoft.com<mailto:michael.jo...@microsoft.com>>
Cc: Tobias Looker 
<tobias.looker@mattr.global<mailto:tobias.looker@mattr.global>>; 
cose@ietf.org<mailto:cose@ietf.org>
Subject: RE: [COSE] Newly Submitted Draft - CBOR Web Token (CWT) Claims in COSE 
Headers

Hi Anders,

Thanks for jumping in.

The example you provide below is actually quite interesting and related to a 
question I posted to the list a few days ago (see 
https://mailarchive.ietf.org/arch/msg/cose/9nowDz5kbfUvrGR-o6U1Tm31XAA/).

I am not sure whether the intention of Tobias & Mike are actually to re-define 
the way how encryption is accomplished. They should confirm.

Ciao
Hannes

From: Anders Rundgren 
<anders.rundgren....@gmail.com<mailto:anders.rundgren....@gmail.com>>
Sent: Thursday, March 3, 2022 8:39 AM
To: Laurence Lundblade <l...@island-resort.com<mailto:l...@island-resort.com>>; 
Mike Jones 
<Michael.Jones=40microsoft....@dmarc.ietf.org<mailto:Michael.Jones=40microsoft....@dmarc.ietf.org>>
Cc: Hannes Tschofenig 
<hannes.tschofe...@arm.com<mailto:hannes.tschofe...@arm.com>>; Tobias Looker 
<tobias.looker=40mattr.glo...@dmarc.ietf.org<mailto:tobias.looker=40mattr.glo...@dmarc.ietf.org>>;
 cose@ietf.org<mailto:cose@ietf.org>
Subject: Re: [COSE] Newly Submitted Draft - CBOR Web Token (CWT) Claims in COSE 
Headers

On 2022-03-02 19:33, Laurence Lundblade wrote:
Makes sense to me. Helps out for the EAT claim named “profile” which gives 
information about the type of the token you might want before fully verifying 
it. Addresses an issue Anders brought up about the profile claim.

Not so fast  :)  I brought up a bunch of things which can be illustrated by 
this (just implemented...) example of an encryption object:

211(["https://example.com/myobject";<https://example.com/myobject>, {
  / COSE content encryption algorithm = A256GCM /
  1: 3,
  / Key encryption container /
  2: {
    / COSE Key encryption algorithm = ECDH-ES+A256KW /
    1: -31,
    / Key identifier /
    3: "mykey",
    / Ephemeral key /
    5: {
      / COSE Key type = OKP /
      1: 1,
      / COSE Curve = X25519 /
      -1: 4,
      / COSE X coordinate /
      -2: h'33a04b83d4428824b6d5477522d4a88fac4441122bc46136c0203faa308c3929'
    },
    / Encrypted key /
    10: 
h'e08977c25aeccaecd63b3367de2e2b8f700c82e098ad1e5099d9db510920ccff14debf820427e4ba'
  },
  / Tag /
  8: h'59a84826983e3247fbec4295f75cc138',
  / IV /
  9: h'fd8556c122cff2bc128d5119',
  / Encrypted data /
  10: 
h'e16b16c29da5163eb0131dd1f10f080f8850f55df2ae9d89a3b839ad50952858445f290dfb60'
}])

The core of this builds on Deterministic CBOR which unleashes the true power of 
CBOR in a way legacy solutions do not.   The enhancements include:

  *   Eliminating wrapping of header and (unencrypted) application data.
  *   Using the entire container (modulo the algorithm output variables which 
are added lastly) as input to a signature process and to the authentication 
part of an encryption process.  In the example that includes the top-level CBOR 
tag as well.  cryptoOperation(cborObject.encode()) is all that it takes on the 
encoder's side.
This is pretty much what the X.509 folks have been doing from the very start so 
there is close to zero innovation here 😁

In the example I have also used a URL as profile/object type indicator since 
IANA CBOR custom tag 1537244 or whatever you end-up with, simply isn't pretty 
enough :)  To be more serious: URLs are decentralized and would in this context 
probably be browseable as well.

Cheers,
Anders
IMPORTANT NOTICE: The contents of this email and any attachments are 
confidential and may also be privileged. If you are not the intended recipient, 
please notify the sender immediately and do not disclose the contents to any 
other person, use it for any purpose, or store or copy the information in any 
medium. Thank you.
IMPORTANT NOTICE: The contents of this email and any attachments are 
confidential and may also be privileged. If you are not the intended recipient, 
please notify the sender immediately and do not disclose the contents to any 
other person, use it for any purpose, or store or copy the information in any 
medium. Thank you.

_______________________________________________
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose