Re: [COSE] Alissa Cooper's No Objection on charter-ietf-cose-01-00: (with COMMENT)

[Matthew A. Miller]

On 18/10/10 12:18, Adam Roach wrote:
> On 10/10/18 12:57 PM, Alissa Cooper wrote:
>> s/full standard/proposed standard/
> 
> 
> I think RFC 8152 is a Proposed Standard already. My reading is that the
> intention of this work item is to move it to Internet Standard.
> 

Yes, the intention is to move COSE to Internet Standard.


- m

Matthew A. Miller



signature.asc
Description: OpenPGP digital signature
___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] Call for Adoption of draft-schaad-cose-rfc8152bis-* Documents

[Matthew A. Miller]

[ dons hat ]

Gentle reminder that the call for adoption of these documents ends soon.

[ doffs hat ]

I support adopting both documents.


- m

Matthew A. Miller
On 19/01/07 19:39, Matthew A. Miller wrote:
> Welcome back COSE Working Group!  Let's get started!
> 
> This message begins the call for adoption of the following drafts:
> 
> * draft-schaad-cose-rfc8152bis-struct-01
>   - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-struct-01
> * draft-schaad-cose-rfc8152bis-algs-01
>   - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-algs-01
> 
> Note that adoption does not mean they are finished, only that they
> are an acceptable starting point.
> 
> Please indicate if you support adopting these documents as working
> group items.  You can also provide additional comments on their
> adoption.
> 
> Adopting both documents means the working group supports splitting
> the algorithms from the message structure.
> 
> This call will run approximately two weeks, ending January 20.
> Please respond before that date.
> 
> 
> Regards,
> 
> - Ivaylo and Matthew
> COSE Working Group Chairs
> 

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] Call for Adoption of draft-schaad-cose-x509 Document

[Matthew A. Miller]

[ doffs hat ]

I support adoption of this document.


- m

Matthew A. Miller
On 19/01/16 08:48, ivaylo petrov wrote:
> Dear WG,
> 
> This message begins the call for adoption of the following draft:
> 
> * draft-schaad-cose-x509-03
>   - https://tools.ietf.org/html/draft-schaad-cose-x509-03
> 
> We would like to remind you that adoption does not mean they are
> finished, only that they are an acceptable starting point.
> 
> If you have read the draft, please indicate whether you support adopting
> that documents as working group items. If you see any problem with
> adopting it or have any other comment, please tell us.
> 
> This call will run approximately two weeks, ending January 28.
> Please respond before that date.
> 
> Best regards,
> 
> - Matthew and Ivaylo
> COSE Working Group Chairs
> 

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Call for Adoption of draft-schaad-cose-rfc8152bis-* Documents

[Matthew A. Miller]

Welcome back COSE Working Group!  Let's get started!

This message begins the call for adoption of the following drafts:

* draft-schaad-cose-rfc8152bis-struct-01
  - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-struct-01
* draft-schaad-cose-rfc8152bis-algs-01
  - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-algs-01

Note that adoption does not mean they are finished, only that they
are an acceptable starting point.

Please indicate if you support adopting these documents as working
group items.  You can also provide additional comments on their
adoption.

Adopting both documents means the working group supports splitting
the algorithms from the message structure.

This call will run approximately two weeks, ending January 20.
Please respond before that date.


Regards,

- Ivaylo and Matthew
COSE Working Group Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] Call for Adoption: draft-jones-cose-additional-algorithms

[Matthew A. Miller]

The Call for Adoption has concluded, with a good show of support to
adopt and no objections noted.

Mike, at your convenience please submit `draft-ietf-cose-webauthn-algs`
(or -algorithms), replacing `draft-jones-cose-additional-algorithms`.

In the meeting session, it was determined (with consent of the
reviewers) that the draft can be adopted before the review comments are
addressed.  If there are any objections, please raise them now.


Thank you all,

- Ivaylo and Matthew
COSE WG Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Call for Consensus: Standalone Hash Algorithms Document

[Matthew A. Miller]

This messages starts a call for consensus to separate the COSE hash
algorithms into a separate document, ending on 2018-03-10.

In the virtual interim on 02-15, it was proposed to separate them from
draft-ietf-cose-x509, to allow the hash algorithm registrations to
stabilize more quickly than the rest of the X.509 draft.  If the working
group agrees with separating the algorithms, then a document will be
published that consists of Section 4 (Hash Algorithm Identifiers) and
Section 5.3 (COSE Algorithm Registry) from draft-ietf-cose-x509.

Please respond with whether or not you support separating the hash
algorithms into a separate document.  If you do not support this, please
indicate why not.


- Ivaylo and Matthew
COSE Chairs



signature.asc
Description: OpenPGP digital signature
___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] results (Last) Call for Consensus - CounterSignature0 vs CounterSignature1

[Matthew A. Miller]

Thank you all who participating in the various rounds, either in-person
on on-list.

From the comments, it does not appear we have consensus to make the
change.  The existing context "CounterSignature0" will remain.


- Ivaylo and Matthew
COSE WG Chairs

On 19/03/29 06:06, Matthew A. Miller wrote:
> This is another call for consensus, ending April 5.
> 
> The issue is whether to change the counter signature context string from
> "CounterSignature0" to "CounterSignature1".
> 
> The changed value would be more consistent with the structure and text
> of the document, however this is a breaking change that could cause
> interoperability failures with implementations that have not updated.
> 
> This issue has previously been asked on this list, as well as in the
> meeting session in Prague.  In the meeting session, a number of people
> raised objections because this is a breaking change.
> 
> Please respond by April 5, either saying you support the change (and
> possibly why), or saying you do not support the change (and why).
> 
> 
> Thank you,
> 
> - Ivaylo and Matthew
> COSE WG Chairs
> 



signature.asc
Description: OpenPGP digital signature
___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] [IANA #1148103] Early Code Point Assignments

[Matthew A. Miller]

Hello Jean-Marc,

Two reviewers have approved of the header parameters, so I believe the
value 33 should be safe.

I will follow up with IANA to see when that will be reflected in the
registry.


- m

Matthew A. Miller
one each of Expert Reviewers and COSE chairs
On 19/08/20 10:29, DESPERRIER Jean-Marc wrote:
> Hi,
> 
> I hope you can hear back from the expert about ietf-cose-x509 quickly. 
> Meanwhile in ISO/IEC JTC 1/SC 17/WG 10, for the informal prototype test event 
> of the current draft of ISO 18013-5 we organized this week-end, we used the 
> value 33 for x5chain that Jim proposed. Let's hope we don't have to change it 
> later, and can rapidly reference it in the newer draft.
> 
> Best regards,
> Jean-Marc
> 
> -Message d'origine-
> De : COSE  De la part de Sabrina Tanamal via RT
> Envoyé : mercredi 14 août 2019 00:24
> À : i...@augustcellars.com
> Cc : cose-...@ietf.org; cose@ietf.org
> Objet : [COSE] [IANA #1148103] Early Code Point Assignments
> 
> Hi Jim, 
> 
> We've made the early allocations for draft-ietf-cose-hash-algs, but we're 
> still waiting to hear back from the experts regarding the assignments in 
> draft-ietf-cose-x509. We'll let you know as soon as we hear from them. 
> 
> These early allocations are complete: 
> 
> SHAKE256 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)  -45 
> 256-bit SHAKE   [draft-ietf-cose-hash-algs] Yes
> SHA-512 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)   -44 
> SHA-2 512-bit Hash  [draft-ietf-cose-hash-algs] Yes
> SHA-384 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)   -43 
> SHA-2 384-bit Hash  [draft-ietf-cose-hash-algs] Yes
> SHAKE128 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)  -18 
> 128-bit SHAKE   [draft-ietf-cose-hash-algs] Yes
> SHA-512/256 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)   -17 
> SHA-2 512-bit Hash truncated to 256-bits[draft-ietf-cose-hash-algs]   
>   Yes
> SHA-256 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)   -16 
> SHA-2 256-bit Hash  [draft-ietf-cose-hash-algs] Yes
> SHA-256/64 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)-15 
> SHA-2 256-bit Hash truncated to 64-bits [draft-ietf-cose-hash-algs] 
> Filter Only
> SHA-1 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -14 SHA-1 
> Hash  [draft-ietf-cose-hash-algs] Filter Only
> 
> If this document hasn't been approved for publication by July 2020, we'll 
> contact you about approving a one-year renewal. Any further renewals would 
> require IESG approval.
> 
> Best regards,
> 
> Sabrina Tanamal
> Senior IANA Services Specialist
> 
> On Mon Jul 29 14:52:02 2019, i...@augustcellars.com wrote:
>> Following the meeting in Montreal where I asked for the ability to do 
>> early point assignment for documents in the working group and got permission,
>> these are the code points that I am assigning.   I am only assigning points
>> that I know people are asking for now, some points will be setup later.
>>
>> For draft-ietf-cose-x509 
>> (https://urldefense.com/v3/__https://tools.ietf.org/html/draft-ietf-cose-x509__;!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdceWs-22$
>>  ):
>>
>> Table COSE Header Parameters
>> https://urldefense.com/v3/__https://www.iana.org/assignments/cose/cose
>> .xhtml*header-parameters__;Iw!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2n
>> X3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdWsgiY8C$
>>
>> Name Value
>> x5bag32
>> x5chain  33
>> x5t  34
>> x5u  35
>>
>> For draft-ietf-cose-hash-algs
>> (https://urldefense.com/v3/__https://tools.ietf.org/html/draft-ietf-cose-hash-algs__;!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdTBumviG$
>>  ):
>>
>> Table  COSE Algorithms
>> https://urldefense.com/v3/__https://www.iana.org/assignments/cose/cose
>> .xhtml*algorithms__;Iw!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4md
>> dkqAX-AXr5yijD3btkT8QN5cqdYkQdTHbtJY4$
>>
>> Name Value
>>
>> SHA-1-14
>> SHA-256/64   -15
>> SHA-256  -16
>> SHA-384  -43
>> SHA-512  -44
>> SHA-512/256  -17
>> SHAKE128 -18
>> SHAKE256 -45
>>
>>
>> Jim
>>
>>
> 
> ___
> COSE mailing list
> COSE@ietf.org
> https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/cose__;!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdfhP1OAe$
>  
> 
> ___
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose
> 

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] [IANA #1148103] Early Code Point Assignments

[Matthew A. Miller]

As a Chair, I approve of this early assignment.


- m

Matthew A. Miller

On 19/07/31 09:51, Sabrina Tanamal via RT wrote:
> Hi Jim, all, 
> 
> Before we can make RFC 7120 early allocations for the registrations listed 
> below, we need approval from a chair and an AD. 
> 
> Because these are Standards Action with Expert Review registries, we'll have 
> to ask the designated experts for approval as well. 
> 
> Best regards, 
> 
> Sabrina Tanamal
> Senior IANA Services Specialist
> 
> On Mon Jul 29 14:52:02 2019, i...@augustcellars.com wrote:
>> Following the meeting in Montreal where I asked for the ability to do early
>> point assignment for documents in the working group and got permission,
>> these are the code points that I am assigning.   I am only assigning points
>> that I know people are asking for now, some points will be setup later.
>>
>> For draft-ietf-cose-x509 (https://tools.ietf.org/html/draft-ietf-cose-x509):
>>
>> Table COSE Header Parameters
>> https://www.iana.org/assignments/cose/cose.xhtml#header-parameters
>>
>> Name Value
>> x5bag32
>> x5chain  33
>> x5t  34
>> x5u  35
>>
>> For draft-ietf-cose-hash-algs
>> (https://tools.ietf.org/html/draft-ietf-cose-hash-algs):
>>
>> Table  COSE Algorithms
>> https://www.iana.org/assignments/cose/cose.xhtml#algorithms
>>
>> Name Value
>>
>> SHA-1-14
>> SHA-256/64   -15
>> SHA-256  -16
>> SHA-384  -43
>> SHA-512  -44
>> SHA-512/256  -17
>> SHAKE128 -18
>> SHAKE256 -45
>>
>>
>> Jim
>>
>>
> 

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Minutes from IETF 106 Session

[Matthew A. Miller]

Hello WG,

The draft minutes from our session at IETF 106 are in Datatracker:

<
https://datatracker.ietf.org/meeting/106/materials/minutes-106-cose-00.txt >

Please send any corrections to the chairs or this list.


Thank you,

- Ivaylo and Matthew
COSE WG Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] Call for Consensus: Begin Recharter of COSE WG

[Matthew A. Miller]

Hello All,

There's a couple days left on comments regarding rechartering.  So far
we have:
* no objections to rechartering
* no additional proposed work on non-algorithms (beyond cert compression)

If you have objections to rechartering, or have additional non-algorithm
work items that should be considered, please send in your comments by
this Friday, 04-17.


Thank you,

- COSE WG Chairs
Ivaylo and Matthew



signature.asc
Description: OpenPGP digital signature
___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] Call for Consensus: Begin Recharter of COSE WG

[Matthew A. Miller]

With no hat ...

Being a little less specific on the profile details in the charter seems
worthwhile to me.  I don't want it to be an open invitation to come up
with a third profile, though.


- m

Matthew A. Miller
On 20/04/17 01:30, Joel Höglund wrote:
> Hi all,
> 
> I support the charter, with the addition/comment below made by John
> Mattsson about also keeping the RFC 7925 profile, as it is relevant for
> the IoT scenarios we are working on.
> 
> Best Regards
> 
> Joel Höglund
> 
>>> I just learned that IETF 6TiSCH is relying on IEEE 802.11AR profiled
> X.509 
>>> certificates instead of RFC 7925 profiled X.509 certificates. It
> might be that the
>>> CBOR compression should support both. This could be done with small 
>>> additions as the profiles are quite similar. I think the charter
> should leave the 
>>> scope a bit more open on this point.
> 
> ___
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose
> 

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Call for Consensus: Begin Recharter of COSE WG

[Matthew A. Miller]

Hello All,

This message is to confirm the in-meeting consensus to recharter the
COSE Working Group.  Given the strong consensus in the meeting, we are
most concerned with objections to rechartering.

With all of the chartered work effectively complete, the question is
raised about what to do next.  In the virtual meeting today
(2020-04-02), there was much support to keep the COSE Working Group open
and recharter.

Jim Schaad has drafted an initial revised [CHARTER].  The executive
summary of that discussion:

The working group will recharter to accept a limited set of work:

* Algorithm definitions with IETF-level consensus and the WG's approval
* A specific (to-be-determined) set of non-algorithm items (currently
"compressed certificate encoding")

If you have objections to rechartering, or have additional items for the
Working Group to consider in its recharter, Please respond with the
objections or suggestions the < cose@ietf.org > mailing list by April 17.


Thank you,

- COSE WG Chairs
Ivaylo and Matthew

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] WGLC Results on 8152bis Documents

[Matthew A. Miller]

Apologies for the extreme delay here.  The WGLC for
draft-ietf-cose-rfc8152bis drafts (-struct[1] and -algs[2]) has been
bespoke closed for a while now.

Thank you all that provided review and feedback.  The chairs read that
we have consensus to publish, and the latest revisions address the
comments received.  A request to the IESG for publication will be forthwith.


Thank you again,

- COSE WG Chairs
Ivaylo and Matthew

[1]: < https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-struct >
[2]> < https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs >

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] Publication has been requested for draft-ietf-cose-rfc8152bis-algs-07

[Matthew A. Miller]

I believe I can do this still, and will do so, and update the shepherd
write-up.


- m

Matthew A. Miller

On 20/03/31 12:41, Benjamin Kaduk wrote:
> I can change it in the datatracker as needed, too.
> 
> -Ben
> 
> On Tue, Mar 31, 2020 at 11:40:26AM -0700, Jim Schaad wrote:
>> It has been pointed out to me that my intention was for this document to be
>> informational and not an Internet Standard.  I messed up the string at the
>> top of the document and need to correct that.
>>
>> Jim
>>
>>
>> -Original Message-
>> From: COSE  On Behalf Of Matthew Miller via
>> Datatracker
>> Sent: Tuesday, March 31, 2020 10:38 AM
>> To: ka...@mit.edu
>> Cc: linuxwolf+i...@outer-planes.net; cose-cha...@ietf.org;
>> iesg-secret...@ietf.org; cose@ietf.org
>> Subject: [COSE] Publication has been requested for
>> draft-ietf-cose-rfc8152bis-algs-07
>>
>> Matthew Miller has requested publication of
>> draft-ietf-cose-rfc8152bis-algs-07 as Internet Standard on behalf of the
>> COSE working group.
>>
>> Please verify the document's state at
>> https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/
>>
>>
>> ___
>> COSE mailing list
>> COSE@ietf.org
>> https://www.ietf.org/mailman/listinfo/cose
>>
>> ___
>> COSE mailing list
>> COSE@ietf.org
>> https://www.ietf.org/mailman/listinfo/cose

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] CBOR Object Signing and Encryption (cose) WG Virtual Meeting: 2020-04-02 (TOMORROW)

[Matthew A. Miller]

A reminder that our session is tomorrow at 17:00 UTC (10:00 PDT, 18:00
CEST) over Webex:

URL:
https://ietf.webex.com/ietf/j.php?MTID=m65dc99c8fcf80c2ad60c4bcc24f22477
Meeting Number: 318 487 000
Meeting Password: DkuJ2VDMK79


Our Agenda (with more details):

1. Administrivia (Chairs) - 5 minutes
  - Note Well
  - blue sheets (etherpad)
  - Minutes:
https://etherpad.ietf.org:9009/p/notes-ietf-107-cose?useMonospaceFont=true
  - Jabber: c...@jabber.ietf.org
2. Update on drafts status (Chairs) - 15 Minutes
  - draft-ietf-cose-hash-sisgs
  - draft-ietf-cose-webauthn-algorithms
  - draft-ietf-cose-rfc8152bis-struct
  - draft-ietf-cose-rfc8152bis-algs
  - draft-ietf-cose-hash-algs
  - draft-ietf-cose-x509
3. Cert Compression (John Mattsson) - 10 Minutes
  - draft-mattsson-cose-cbor-cert-compress
4. Rechartering Discussion (Chairs) - 30 Minutes
  - draft-schaad-cose-more-algs
  - draft-mattsson-cose-cbor-cert-compress
  - Others?
5. AOB



- COSE WG Chairs
Ivaylo and Matthew

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE]  [CLOSED] Call for Consensus Confirmation: Progressing rfc8152bis-struct and Countersignatures 

[Matthew A. Miller]

Having no objections, we'll proceed with the previously proposed actions.

Jim, at your convenience, please publish the indicated changes to 
-rfc8152bis-struct.  Also please submit the countersignatures v2 document as a 
working group document.


Thank you all,
-Ivaylo and Matthew
COSE WG Chairs

> On Aug 26, 2020, at 13:58, Matthew A. Miller  
> wrote:
> 
> Hello COSE WG,
> 
> The interim meeting today focused on countersignatures, and there was
> rough consensus on a proposed plan.  The chairs are seeking any
> objections for a proposed breakdown to move forward countersignatures.
> 
> 1) The working group will have two documents: rfc8152bis-struct for the
> current state of the art, and a separate (still to be written) document
> that describes the improved countersignatures (colloquially V2).
> -rfc8152bis-struct will include an informative reference to this new
> document in order to progress.  Please inform the WG if you object to
> separating countersignatures into a separate document.
> 
> 2) The current countersignatures algorithm will be removed from
> -rfc8152bis-struct, and in its place will be the rationale for
> deprecating the "v1" countersignatures; readers will be directed to RFC
> 8152 for information on implementing them.  Please inform the WG if you
> object to dropping "Countersignatures v1" from -rfc8152bis-struct.
> 
> Please respond to this message with your objection to (1) and/or (2)
> above.  This call expires in approximately one week, on September 2.
> Please be sure to respond with objections before then.
> 
> 
> Thank you,
> - Ivaylo and Matthew
> COSE WG Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Virtual Interim 2020-08-26 -- Recording and Minutes and Next

[Matthew A. Miller]

The recording for last week's session can be found here: < 
https://ietf.webex.com/ietf/ldr.php?RCID=ce4a477b56724b0ea5873646358c7e7b >

The minutes have been uploaded to datatracker: < 
https://www.ietf.org/proceedings/interim-2020-cose-02/minutes/minutes-interim-2020-cose-02-202008261600-00
 >

Please note there is another interim scheduled in one week, 9 September 2020 at 
16:00 UTC.

Thank you again to Francesca for capturing decisions and actions, and thank you 
to everyone that participated in the last interim.


- Ivaylo and Matthew
COSE WG Chairs
___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Virtual Interim Meeting 2020-08-26

[Matthew A. Miller]

Hello all,

We have an interim meeting Wednesday, 26 August 2020 at 16:00 UTC.  The
agenda is to progress a new CounterSignature mechanism that addresses
the discovered defects.

This interim will be conducted via Webex <
https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7  >.

The fuller proposed agenda is below and is located in datatracker.  The
meeting iCalendar event is attached.


"
# COSE WG @ 2020-08-26 Interim Agenda

Where: Webex
When: 2020-08-26 @ 16:00 - 17:00 UTC

* Notes/Minutes: < TBD @ codimd >
* Jabber: < xmpp:c...@jabber.ietf.org?join >
* Webex:
https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7

## 0. Administrivia (Chairs) - 5 minutes (16:00 - 16:05)

* Bluesheets (see notes)
* Note taker(s)
* Jabber scribe
* Agenda + Bartering

## 1. Countersignature Recap (Chairs) - 5 minutes (16:05 - 16:10)

## 1. Progression of -8152bis-struct (Jim Schaad) - 20 minutes (16:10 -
16:30)
* Mail thread <
https://mailarchive.ietf.org/arch/msg/cose/SdW-ployB8TCtD54RU5IZg5uQVo/ >

## 2. CounterSignature v2 Proposal (Jim Schaad) - 25 minutes (16:30 - 16:55)
* Mail thread <
https://mailarchive.ietf.org/arch/msg/cose/6-vyoetZboIdrwwEYoYlj9QY_3Q/ >
* -rfc1852bis-struct § 5 <
https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis-struct-12#section-5 >

## 3. Wrap-up (Chairs) - 5 minutes (16:55 - 17:00)

* Next steps
* Next meeting? (2020-09-09 @ 16:00)
"

--
Ivaylo and Matthew
COSE WG
BEGIN:VCALENDAR
PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN
VERSION:2.0
METHOD:REQUEST
BEGIN:VTIMEZONE
TZID:Europe/Brussels
TZURL:http://tzurl.org/zoneinfo-outlook/Europe/Brussels
X-LIC-LOCATION:Europe/Brussels
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:19700329T02
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:19701025T03
RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTAMP:20200811T150947Z
ATTENDEE;CN="COSE Working Group";ROLE=REQ-PARTICIPANT;RSVP=FALSE:MAILTO:cose-cha...@ietf.org
ORGANIZER;CN="Cisco Webex":MAILTO:messen...@webex.com
DTSTART;TZID=Europe/Brussels:20200826T18
DTEND;TZID=Europe/Brussels:20200826T19
LOCATION:https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7
TRANSP:OPAQUE
SEQUENCE:1597158587
UID:51e88c5d-618c-4f70-b8fc-7f991a70
DESCRIPTION:\n\nJOIN WEBEX MEETING\nhttps://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7\nMeeting number (access code): 171 745 9639\n\n\nMeeting password: 6YZbzJ9U6d9\n\n\n\nTAP TO JOIN FROM A MOBILE DEVICE (ATTENDEES ONLY)\n+1-650-479-3208,,1717459639## tel:%2B1-650-479-3208,,*01*1717459639%23%23*01* Call-in toll number (US/Canada)\n\n\nJOIN BY PHONE\n1-650-479-3208 Call-in toll number (US/Canada)\n\nGlobal call-in numbers\nhttps://ietf.webex.com/ietf/globalcallin.php?MTID=ma2817d3dce48bb0eb88c7fdf0c76d188\n\n\nJOIN FROM A VIDEO SYSTEM OR APPLICATION\nDial sip:1717459...@ietf.webex.com\nYou can also dial 173.243.2.68 and enter your meeting number.\n\n\nJoin using Microsoft Lync or Microsoft Skype for Business\nDial sip:1717459639.i...@lync.webex.com\n\n\n\nIf you are a host, click here to view host information:\nhttps://ietf.webex.com/ietf/j.php?MTID=mc4b2df631d7ba6352e1aa998e22affcd\n\n\n\nCan't join the meeting? Contact support here:\nhttps://ietf.webex.com/ietf/mc\n\n\nIMPORTANT NOTICE: Please note that this Webex service allows audio and other information sent during the session to be recorded, which may be discoverable in a legal matter. You should inform all meeting attendees prior to recording if you intend to record the meeting.\n
X-ALT-DESC;FMTTYPE=text/html:\ntable {\n	border-collapse: separate; width =100%;	border: 0;	border-spacing: 0;}\n\ntr {\n	line-height: 18px;}\n\na, td {\n	font-size: 14px;	font-family: Arial;	color: #333;	word-wrap: break-word;	word-break: normal;	padding: 0;}\n\n.title {\n	font-size: 28px;}\n\n.image {\n	width: auto;	max-width: auto;}\n\n.footer {\n	width: 604px;}\n\n.main {\n\n}@media screen and (max-device-width: 800px) {\n	.title {\n		font-size: 22px !important;	}\n	.image {\n		width: auto !important;		max-width: 100% !important;	}\n	.footer {\n		width: 100% !important;		max-width: 604px !important\n	}\n	.main {\n		width: 100% !important;		max-width: 604px !important\n	}\n}\n\n\n\n	\n	\n		\n			\n\n\n\n			\n\n	\n		When it's time, join the Webex meeting here.\n	\n\n\n\n	\n		Meeting number (access code): 171 745 9639\n	\n\n			\n			Meeting password:6YZbzJ9U6d9\n\n\n	\n			\n\n	\n		\n			https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7; style="color:#FF; font-size:20px; text-decoration:none;">Join meeting\n		\n	\n\n			\n		\n\n \n\n\n Tap to join from a mobile device (attendees only)  +1-650-479-3208,,1717459639## Call-in toll number (US/Canada) Join by phone  1-650-479-3208 Call-in 

[COSE]  Call for Consensus Confirmation: Progressing rfc8152bis-struct and Countersignatures 

[Matthew A. Miller]

Hello COSE WG,

The interim meeting today focused on countersignatures, and there was
rough consensus on a proposed plan.  The chairs are seeking any
objections for a proposed breakdown to move forward countersignatures.

1) The working group will have two documents: rfc8152bis-struct for the
current state of the art, and a separate (still to be written) document
that describes the improved countersignatures (colloquially V2).
-rfc8152bis-struct will include an informative reference to this new
document in order to progress.  Please inform the WG if you object to
separating countersignatures into a separate document.

2) The current countersignatures algorithm will be removed from
-rfc8152bis-struct, and in its place will be the rationale for
deprecating the "v1" countersignatures; readers will be directed to RFC
8152 for information on implementing them.  Please inform the WG if you
object to dropping "Countersignatures v1" from -rfc8152bis-struct.

Please respond to this message with your objection to (1) and/or (2)
above.  This call expires in approximately one week, on September 2.
Please be sure to respond with objections before then.


Thank you,
- Ivaylo and Matthew
COSE WG Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] New option going forward for COSE struct

[Matthew A. Miller]

Speaking with no hat ...

My personal preference would be to deprecate counter-signatures from
-struct so it can progress, and document the v2 in a separate document.
 I have small personal preference for deprecating the v1
counter-signature in -struct while keeping its process documented, but
it's a small preference.

I'm in favor of two documents, but not three.  For me, I think that
means either counter-signatures are consolidated into a single document,
or the v1 is left in RFC 8152.  As a radical opinion, maybe consider
leaving the v1 mechanism behind in RFC 8152 and only discuss its
deprecation in -struct.


- m

Matthew A. Miller

On 20/08/24 10:17, Jim Schaad wrote:
> At the virtual IETF meeting where had a long discussion on how the structure
> document should progress without getting any type of final conclusions.
> Since that time I have come up with a new option which I think should be
> added to the discussion.
> 
> 1.  Have a single document with the new countersignature algorithm added.
> This has the advantage that everything is in one place, it is easy to tag
> the current countersignature algorithm header parameters as deprecated
> because there is a new replacement in the document.
> 
> 2.  Have two documents (version 1):  Fix the description of the current
> countersignature algorithm in the bis document and progress that.  Create a
> new document which contains the new countersignature algorithm.  This would
> be an odd choice because I am not sure how the current countersignature
> algorithm should be tagged.  Not deprecating seems wrong but trying to
> deprecate later also seems to be a strange thing to do.
> 
> 3.  Have two documents (version 2): Pull the current countersignature
> algorithm out of the core document and allow it to progress to full standard
> without a countersignature algorithm at all.  Create a new document with
> both the new and old countersignature algorithms tagging the old one as
> deprecated.  This can then be added to the STD number in the future.
> 
> 4. Have two documents (version 3): Pull the current countersignature
> algorithm out of the core document and add the new countersignature
> algorithm to it.  Create  new document which contains the old
> countersignature algorithm and publish it as historical.  This is cleaner in
> many respects as the deprecated version of the countersignature algorithm
> would be in a document which is clearly marked as not being what is to be
> used.
> 
> 5. Have three documents:  Pull the current countersignature algorithm out of
> the core document and advance it to full standard.  Create two new
> documents, one for each of the countersignature algorithms.  The old
> countersignature algorithm would be published as historic and the new
> document can be cycled as needed until it is ready and then added to the STD
> number as a second document.
> 
> I suggested the last option to the chairs in a private email mostly as an
> option that exists but I was not really serious about it.  However, in
> retrospect I am starting to warmup to the way of doing things as it has
> several advantages.  The current structure document can progress without any
> big problems.  (Yes I still need to deal with Ben's discuss, but it is kind
> of meta.)  It also means that the two countersignature algorithms are
> separated and clearly marked in the RFCs themselves as to what there
> statuses are.  There are no issues with having multiple documents in the
> full standard so adding the countersignature v2 document later is not a
> problem.
> 
> Jim
> 
> 
> ___
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose
> 



signature.asc
Description: OpenPGP digital signature
___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] Secdir last call review of draft-ietf-cose-webauthn-algorithms-06

[Matthew A. Miller]

Hello Linda,

Thanks for the review.  Speaking on the author's behalf, SHA-2 is
defined as the collection of hash algorithms, including all of those
cited (SHA-256, SHA-384, SHA-512).  Do you believe it is critical to
call this out explicitly?


- m

Matthew A. Miller
On 20/05/26 17:51, Linda Dunbar via Datatracker wrote:
> Reviewer: Linda Dunbar
> Review result: Not Ready
> 
> I have reviewed this document as part of the security directorate's ongoing
> effort to review all IETF documents being processed by the IESG.  These
> comments were written primarily for the benefit of the security area 
> directors.
>  Document editors and WG chairs should treat these comments just like any 
> other
>  last call comments.
> 
> This document is to list down the COSE Algorithms to be registered to
> IANA. But it seems the description is not complete. In the Section 2: among 
> the
> 4 algorithms listed under RSASSA-PKCS1-v1_5, three are NOT recommended, one is
> deprecated. Under the Security Consideration (Section 5), Section 5.2 
> describes
> why SHA-2 is "Not Recommended", Section 5.3 describes why SHA-1 is
> "Deprecated".  What about the description on why SHA-512,  SHA-384, and 
> SHA-256
> are not recommended?  Is the missing description intended?
> 
> Best Regards,
> 
> Linda Dunbar
> 
> 
> 

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE]  Call for Consensus: CounterSignature Discussion 

[Matthew A. Miller]

This message is to confirm consensus to deprecate the current
CounterSignature feature and replace it with one that best accounts for
all COSE message types.

At the synchronous WG meeting on July 29, the issue with
countersignatures was heavily discussed.  In summary, the
currently-defined CounterSignature mechanism is not processed with the
cryptographic content for certain COSE message types.  The consensus
from the meeting is to mark the current CounterSignature process and
structure deprecated in rfc8152bis and define a new one that properly
accounts for the cryptographic.  Further consensus leaned toward an
aggressive approach, incorporating all bstr elements in the target
structure when computing the signature.

To complete the new CounterSignature method, the sense in the meeting is
to have a series of virtual interims.  The details of the new method and
where it fits as working group items is still to be determined.  Jim
Schaad posted a starting proposal for a method[1], and an initial
discussion on how to approach this as a working group item[2].

Given the participation in the meeting is very close to the
participation on the list, we are only seeking objections.  If you have
objections, please inform the list and why you object.  A following
message will propose times for interims, ideally starting this month
(August).


Thank you,

- Ivaylo and Matthew
COSE WG Chairs

--
[1]: <
https://mailarchive.ietf.org/arch/msg/cose/6-vyoetZboIdrwwEYoYlj9QY_3Q/ >
[2]: <
https://mailarchive.ietf.org/arch/msg/cose/8Mxcnsq9sm_pXQAm-2bexKxpaMU/ >

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Fwd: [108all] Final reminder: IETF 108 meeting survey

[Matthew A. Miller]

If you participated in last weeks festivities and have not filled out
the meeting survey, please consider doing so.

The survey is at: < https://www.surveymonkey.com/r/T3SL7JF >


Thanks!

- Ivaylo and Matthew
COSE WG Chairs
On 20/08/05 04:30, IETF Executive Director wrote:
> Thank you very much to the ~230 people who have filled in the IETF 108 
> meeting survey as this data is crucial to helping us plan future meetings.  
> We could still use another 70 or so responses and so this is a final reminder 
> to please help us by taking a few minutes to complete the survey:
> 
>   https://www.surveymonkey.com/r/T3SL7JF
> 
> Thanks in advance
> 

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

Re: [COSE] IETF-108 Session - REQUESTING VOLUNTEERS

[Matthew A. Miller]

As you may have noticed, the schedule is a little tight.  To help get
going more quickly, we are soliciting volunteers now for:

* taking notes/minutes (grab action items)
* scribing to Jabber (relay "MIC" comments from Jabber to meetecho,

Please message < cose-cha...@ietf.org > if you can help.


Thank you!

- Ivaylo and Matthew
COSE WG Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] IETF-108 Session - 2020-07-29 @ 13:00 UTC

[Matthew A. Miller]

Hello COSE WG,

A reminder the session is Wednesday (tomorrow)!

Where: Meetecho
When: 2020-07-29 @ 13:00-13:50 UTC

* Notes: https://codimd.ietf.org/notes-ietf-108-cose
* Jabber: xmpp:c...@jabber.ietf.org?join
* Meetecho:
https://meetings.conf.meetecho.com/ietf108/?group=cose==1

The updated agenda is below and at:
https://www.ietf.org/proceedings/108/agenda/agenda-108-cose-03

Some Meetecho tips we recommend, based on our experiences:

* If you want to queue “at the mic”, always Request Audio
  - Request Video is optional

* If you are speaking, first state your name

* If you are taking or tracking notes, open in a new tab/window
  - Windows (Chrome/Firefox/Edge): CTRL + left_click
  - MacOS (Chrome/Firefox/Safari): ⌘ + left_click
  - Linux (Chrome/Firefox): CTRL + left_click


"""
## 0. Administrivia (Chairs) - 5 minutes (13:00 - 13:05)
  * ~Bluesheets~
  * Note taker(s)
  * Jabber Scribe
  * Agenda + Bartering

## 1. Document Status (Chairs) - 5 minutes (13:05 - 13:10)
  * https://datatracker.ietf.org/doc/draft-ietf-cose-webauthn-algorithms/
  * https://datatracker.ietf.org/doc/draft-ietf-cose-x509/
  * https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs/
  * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/

### 1.1 Struct Discuss (Jim Schaad) - 10 minutes (13:10 - 13:20)
  * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-struct/
  * https://mailarchive.ietf.org/arch/msg/cose/yjKTObY8Gb387p6V4gwAFHts72g/

## 2. Cert Compression (Joel Höglund) - 10 minutes (13:20 - 13:30)
  * https://tools.ietf.org/html/draft-mattsson-cose-cbor-cert-compress-01

## 3. More Algorithms (Jim Schaad) - 5 minutes (13:30 - 13:35)
  * https://tools.ietf.org/html/draft-schaad-cose-more-algs-01

## 4. Chartering (Chairs) - 15 minutes (13:35 - 13:50)
  * (WIP) https://github.com/cose-wg/Charter/blob/master/Charter.md
"""

- Ivaylo & Matthew
COSE WG Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] COSE WG @ IETF-108 Minutes

[Matthew A. Miller]

Minutes from the COSE WG @ IETF-108 session are uploaded to datatracker.
 Please send any corrections and the minutes will be updated.

* Minutes: <
https://www.ietf.org/proceedings/108/minutes/minutes-108-cose-01.txt >

A big thank you to Francesca Palombini for taking minutes.


-- Ivaylo and Matthew
COSE WG Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose

[COSE] Preliminary Agenda and Call for Items @ IETF 108

[Matthew A. Miller]

This is well overdue, but here is a preliminary agenda based on
activities.  If anyone has more to discuss, please alert the chairs.

The COSE WG session is scheduled for 50 minutes on Wednesday, 20 July at
11:00 UTC.  Note this is quite early for those of located in western
North America (including a document author and a co-chair); bear with
any grogginess.

< https://www.ietf.org/proceedings/108/agenda/agenda-108-cose-00.txt >

"""
COSE WG Agenda
IETF 108 - Virtual/Meetecho
2020-07-29 @ 11:00 UTC

## 0. Administrivia (Chairs) - 5 minutes
  * NOTE WELL
  * Bluesheets
  * Jabber + Minutes
  * Agenda Bartering

## 1. Document Status (Chairs) - 10 minutes
  * https://datatracker.ietf.org/doc/draft-ietf-cose-webauthn-algorithms/
  * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-struct/
  * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/
  * https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs/
  * https://datatracker.ietf.org/doc/draft-ietf-cose-x509/

## 2. Cert Compression (Joel Höglund) - 10 minutes
  * https://tools.ietf.org/html/draft-mattsson-cose-cbor-cert-compress-01

## 3. Chartering (Chairs) - 20 minutes
  * (WIP) https://github.com/cose-wg/Charter/blob/master/Charter.md

## 4. AOB
"""

-- 
Ivaylo and Matthew
COSE Chairs

___
COSE mailing list
COSE@ietf.org
https://www.ietf.org/mailman/listinfo/cose