Below are my short summary of what I think needs discussion regarding [1] X.509 discussion topics --------------------------
Major discussion points: 1. Many people have expressed that they don't understand the trust assumptions mentioned for x5u. Is x5u meant to distribute trust anchors in some way? 2. It was suggested that parts of the end-entity certificate need to be integrity protected. This would make the current specification of x5bag and x5chain insecure. - Putting everything in protected would be problematic for Michael's use case with middleboxes removing intermediary certs. - Putting the cert in external_aad like EDHOC would change the COSE processing... Less major discussion points: - Protection requirements for x5u use of HTTP CoAP. - Not allowing OSCORE, Mandating PKCS7. If time allow, we can continue with how we would like things to work for CBOR encoded X.509 certificates. There we have more flexibility. John -----Original Message----- From: Göran Selander <[email protected]> Date: Tuesday, 16 February 2021 at 07:50 To: John Mattsson <[email protected]>, Ivaylo Petrov <[email protected]>, cose <[email protected]> Cc: Cose Chairs Wg <[email protected]> Subject: Re: [COSE] Agenda for interim on 17.02.2021 Hi, I second John's proposal to have the interim meeting. These are topics of recent mail threads ([1], [2]) and although these are not sharply defined issues, the meeting may if not solve at least help us come to a sharper formulation of the issues. I can prepare a slide on the second point. Göran [1] https://mailarchive.ietf.org/arch/msg/cose/RaeiOMvtAVuP710uHuYCLU3AU_4/ [2] https://mailarchive.ietf.org/arch/browse/cose/?index=RaeiOMvtAVuP710uHuYCLU3AU_4 On 2021-02-11, 08:42, "COSE on behalf of John Mattsson" <[email protected] on behalf of [email protected]> wrote: Hi, I would like the WG to discuss and hopefully agree on: * X509. Trust relations, protection, and formats. This is relevant for the EDHOC and the CBOR certificate work as well. * IANA registrations policies, in particular co-factor ECC, as brought up by Wei25519. I think these are the two most urgent things to discuss. I am however not the driver for any of these. Cheers, John From: Ivaylo Petrov <[email protected]> Date: Wednesday, 10 February 2021 at 23:30 To: cose <[email protected]> Cc: Cose Chairs Wg <[email protected]> Subject: Agenda for interim on 17.02.2021 Dear all, Our next interim is scheduled for 17.02.2021 from 16:00 UTC. The chairs would like to know what topics the WG would like to discuss during the interim. If there is nothing to discuss at that time, we could cancel the interim as the IETF 110 meeting will be less than a month later. - Matthew and Ivaylo COSE WG Chairs _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
