Re: [COSE] Alissa Cooper's No Objection on charter-ietf-cose-01-00: (with COMMENT)
On 18/10/10 12:18, Adam Roach wrote: > On 10/10/18 12:57 PM, Alissa Cooper wrote: >> s/full standard/proposed standard/ > > > I think RFC 8152 is a Proposed Standard already. My reading is that the > intention of this work item is to move it to Internet Standard. > Yes, the intention is to move COSE to Internet Standard. - m Matthew A. Miller signature.asc Description: OpenPGP digital signature ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] Call for Adoption of draft-schaad-cose-rfc8152bis-* Documents
[ dons hat ] Gentle reminder that the call for adoption of these documents ends soon. [ doffs hat ] I support adopting both documents. - m Matthew A. Miller On 19/01/07 19:39, Matthew A. Miller wrote: > Welcome back COSE Working Group! Let's get started! > > This message begins the call for adoption of the following drafts: > > * draft-schaad-cose-rfc8152bis-struct-01 > - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-struct-01 > * draft-schaad-cose-rfc8152bis-algs-01 > - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-algs-01 > > Note that adoption does not mean they are finished, only that they > are an acceptable starting point. > > Please indicate if you support adopting these documents as working > group items. You can also provide additional comments on their > adoption. > > Adopting both documents means the working group supports splitting > the algorithms from the message structure. > > This call will run approximately two weeks, ending January 20. > Please respond before that date. > > > Regards, > > - Ivaylo and Matthew > COSE Working Group Chairs > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] Call for Adoption of draft-schaad-cose-x509 Document
[ doffs hat ] I support adoption of this document. - m Matthew A. Miller On 19/01/16 08:48, ivaylo petrov wrote: > Dear WG, > > This message begins the call for adoption of the following draft: > > * draft-schaad-cose-x509-03 > - https://tools.ietf.org/html/draft-schaad-cose-x509-03 > > We would like to remind you that adoption does not mean they are > finished, only that they are an acceptable starting point. > > If you have read the draft, please indicate whether you support adopting > that documents as working group items. If you see any problem with > adopting it or have any other comment, please tell us. > > This call will run approximately two weeks, ending January 28. > Please respond before that date. > > Best regards, > > - Matthew and Ivaylo > COSE Working Group Chairs > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Call for Adoption of draft-schaad-cose-rfc8152bis-* Documents
Welcome back COSE Working Group! Let's get started! This message begins the call for adoption of the following drafts: * draft-schaad-cose-rfc8152bis-struct-01 - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-struct-01 * draft-schaad-cose-rfc8152bis-algs-01 - https://tools.ietf.org/html/draft-schaad-cose-rfc8152bis-algs-01 Note that adoption does not mean they are finished, only that they are an acceptable starting point. Please indicate if you support adopting these documents as working group items. You can also provide additional comments on their adoption. Adopting both documents means the working group supports splitting the algorithms from the message structure. This call will run approximately two weeks, ending January 20. Please respond before that date. Regards, - Ivaylo and Matthew COSE Working Group Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] Call for Adoption: draft-jones-cose-additional-algorithms
The Call for Adoption has concluded, with a good show of support to adopt and no objections noted. Mike, at your convenience please submit `draft-ietf-cose-webauthn-algs` (or -algorithms), replacing `draft-jones-cose-additional-algorithms`. In the meeting session, it was determined (with consent of the reviewers) that the draft can be adopted before the review comments are addressed. If there are any objections, please raise them now. Thank you all, - Ivaylo and Matthew COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Call for Consensus: Standalone Hash Algorithms Document
This messages starts a call for consensus to separate the COSE hash algorithms into a separate document, ending on 2018-03-10. In the virtual interim on 02-15, it was proposed to separate them from draft-ietf-cose-x509, to allow the hash algorithm registrations to stabilize more quickly than the rest of the X.509 draft. If the working group agrees with separating the algorithms, then a document will be published that consists of Section 4 (Hash Algorithm Identifiers) and Section 5.3 (COSE Algorithm Registry) from draft-ietf-cose-x509. Please respond with whether or not you support separating the hash algorithms into a separate document. If you do not support this, please indicate why not. - Ivaylo and Matthew COSE Chairs signature.asc Description: OpenPGP digital signature ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] results (Last) Call for Consensus - CounterSignature0 vs CounterSignature1
Thank you all who participating in the various rounds, either in-person on on-list. From the comments, it does not appear we have consensus to make the change. The existing context "CounterSignature0" will remain. - Ivaylo and Matthew COSE WG Chairs On 19/03/29 06:06, Matthew A. Miller wrote: > This is another call for consensus, ending April 5. > > The issue is whether to change the counter signature context string from > "CounterSignature0" to "CounterSignature1". > > The changed value would be more consistent with the structure and text > of the document, however this is a breaking change that could cause > interoperability failures with implementations that have not updated. > > This issue has previously been asked on this list, as well as in the > meeting session in Prague. In the meeting session, a number of people > raised objections because this is a breaking change. > > Please respond by April 5, either saying you support the change (and > possibly why), or saying you do not support the change (and why). > > > Thank you, > > - Ivaylo and Matthew > COSE WG Chairs > signature.asc Description: OpenPGP digital signature ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] [IANA #1148103] Early Code Point Assignments
Hello Jean-Marc, Two reviewers have approved of the header parameters, so I believe the value 33 should be safe. I will follow up with IANA to see when that will be reflected in the registry. - m Matthew A. Miller one each of Expert Reviewers and COSE chairs On 19/08/20 10:29, DESPERRIER Jean-Marc wrote: > Hi, > > I hope you can hear back from the expert about ietf-cose-x509 quickly. > Meanwhile in ISO/IEC JTC 1/SC 17/WG 10, for the informal prototype test event > of the current draft of ISO 18013-5 we organized this week-end, we used the > value 33 for x5chain that Jim proposed. Let's hope we don't have to change it > later, and can rapidly reference it in the newer draft. > > Best regards, > Jean-Marc > > -Message d'origine- > De : COSE De la part de Sabrina Tanamal via RT > Envoyé : mercredi 14 août 2019 00:24 > À : i...@augustcellars.com > Cc : cose-...@ietf.org; cose@ietf.org > Objet : [COSE] [IANA #1148103] Early Code Point Assignments > > Hi Jim, > > We've made the early allocations for draft-ietf-cose-hash-algs, but we're > still waiting to hear back from the experts regarding the assignments in > draft-ietf-cose-x509. We'll let you know as soon as we hear from them. > > These early allocations are complete: > > SHAKE256 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -45 > 256-bit SHAKE [draft-ietf-cose-hash-algs] Yes > SHA-512 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -44 > SHA-2 512-bit Hash [draft-ietf-cose-hash-algs] Yes > SHA-384 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -43 > SHA-2 384-bit Hash [draft-ietf-cose-hash-algs] Yes > SHAKE128 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -18 > 128-bit SHAKE [draft-ietf-cose-hash-algs] Yes > SHA-512/256 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -17 > SHA-2 512-bit Hash truncated to 256-bits[draft-ietf-cose-hash-algs] > Yes > SHA-256 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -16 > SHA-2 256-bit Hash [draft-ietf-cose-hash-algs] Yes > SHA-256/64 (TEMPORARY - registered 2019-08-13, expires 2020-08-13)-15 > SHA-2 256-bit Hash truncated to 64-bits [draft-ietf-cose-hash-algs] > Filter Only > SHA-1 (TEMPORARY - registered 2019-08-13, expires 2020-08-13) -14 SHA-1 > Hash [draft-ietf-cose-hash-algs] Filter Only > > If this document hasn't been approved for publication by July 2020, we'll > contact you about approving a one-year renewal. Any further renewals would > require IESG approval. > > Best regards, > > Sabrina Tanamal > Senior IANA Services Specialist > > On Mon Jul 29 14:52:02 2019, i...@augustcellars.com wrote: >> Following the meeting in Montreal where I asked for the ability to do >> early point assignment for documents in the working group and got permission, >> these are the code points that I am assigning. I am only assigning points >> that I know people are asking for now, some points will be setup later. >> >> For draft-ietf-cose-x509 >> (https://urldefense.com/v3/__https://tools.ietf.org/html/draft-ietf-cose-x509__;!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdceWs-22$ >> ): >> >> Table COSE Header Parameters >> https://urldefense.com/v3/__https://www.iana.org/assignments/cose/cose >> .xhtml*header-parameters__;Iw!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2n >> X3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdWsgiY8C$ >> >> Name Value >> x5bag32 >> x5chain 33 >> x5t 34 >> x5u 35 >> >> For draft-ietf-cose-hash-algs >> (https://urldefense.com/v3/__https://tools.ietf.org/html/draft-ietf-cose-hash-algs__;!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdTBumviG$ >> ): >> >> Table COSE Algorithms >> https://urldefense.com/v3/__https://www.iana.org/assignments/cose/cose >> .xhtml*algorithms__;Iw!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4md >> dkqAX-AXr5yijD3btkT8QN5cqdYkQdTHbtJY4$ >> >> Name Value >> >> SHA-1-14 >> SHA-256/64 -15 >> SHA-256 -16 >> SHA-384 -43 >> SHA-512 -44 >> SHA-512/256 -17 >> SHAKE128 -18 >> SHAKE256 -45 >> >> >> Jim >> >> > > ___ > COSE mailing list > COSE@ietf.org > https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/cose__;!U11cABxz5NU!l1Wgt4J1m7vpUmVAJc210eIq0w2nX3wx4mddkqAX-AXr5yijD3btkT8QN5cqdYkQdfhP1OAe$ > > > ___ > COSE mailing list > COSE@ietf.org > https://www.ietf.org/mailman/listinfo/cose > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] [IANA #1148103] Early Code Point Assignments
As a Chair, I approve of this early assignment. - m Matthew A. Miller On 19/07/31 09:51, Sabrina Tanamal via RT wrote: > Hi Jim, all, > > Before we can make RFC 7120 early allocations for the registrations listed > below, we need approval from a chair and an AD. > > Because these are Standards Action with Expert Review registries, we'll have > to ask the designated experts for approval as well. > > Best regards, > > Sabrina Tanamal > Senior IANA Services Specialist > > On Mon Jul 29 14:52:02 2019, i...@augustcellars.com wrote: >> Following the meeting in Montreal where I asked for the ability to do early >> point assignment for documents in the working group and got permission, >> these are the code points that I am assigning. I am only assigning points >> that I know people are asking for now, some points will be setup later. >> >> For draft-ietf-cose-x509 (https://tools.ietf.org/html/draft-ietf-cose-x509): >> >> Table COSE Header Parameters >> https://www.iana.org/assignments/cose/cose.xhtml#header-parameters >> >> Name Value >> x5bag32 >> x5chain 33 >> x5t 34 >> x5u 35 >> >> For draft-ietf-cose-hash-algs >> (https://tools.ietf.org/html/draft-ietf-cose-hash-algs): >> >> Table COSE Algorithms >> https://www.iana.org/assignments/cose/cose.xhtml#algorithms >> >> Name Value >> >> SHA-1-14 >> SHA-256/64 -15 >> SHA-256 -16 >> SHA-384 -43 >> SHA-512 -44 >> SHA-512/256 -17 >> SHAKE128 -18 >> SHAKE256 -45 >> >> >> Jim >> >> > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Minutes from IETF 106 Session
Hello WG, The draft minutes from our session at IETF 106 are in Datatracker: < https://datatracker.ietf.org/meeting/106/materials/minutes-106-cose-00.txt > Please send any corrections to the chairs or this list. Thank you, - Ivaylo and Matthew COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] Call for Consensus: Begin Recharter of COSE WG
Hello All, There's a couple days left on comments regarding rechartering. So far we have: * no objections to rechartering * no additional proposed work on non-algorithms (beyond cert compression) If you have objections to rechartering, or have additional non-algorithm work items that should be considered, please send in your comments by this Friday, 04-17. Thank you, - COSE WG Chairs Ivaylo and Matthew signature.asc Description: OpenPGP digital signature ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] Call for Consensus: Begin Recharter of COSE WG
With no hat ... Being a little less specific on the profile details in the charter seems worthwhile to me. I don't want it to be an open invitation to come up with a third profile, though. - m Matthew A. Miller On 20/04/17 01:30, Joel Höglund wrote: > Hi all, > > I support the charter, with the addition/comment below made by John > Mattsson about also keeping the RFC 7925 profile, as it is relevant for > the IoT scenarios we are working on. > > Best Regards > > Joel Höglund > >>> I just learned that IETF 6TiSCH is relying on IEEE 802.11AR profiled > X.509 >>> certificates instead of RFC 7925 profiled X.509 certificates. It > might be that the >>> CBOR compression should support both. This could be done with small >>> additions as the profiles are quite similar. I think the charter > should leave the >>> scope a bit more open on this point. > > ___ > COSE mailing list > COSE@ietf.org > https://www.ietf.org/mailman/listinfo/cose > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Call for Consensus: Begin Recharter of COSE WG
Hello All, This message is to confirm the in-meeting consensus to recharter the COSE Working Group. Given the strong consensus in the meeting, we are most concerned with objections to rechartering. With all of the chartered work effectively complete, the question is raised about what to do next. In the virtual meeting today (2020-04-02), there was much support to keep the COSE Working Group open and recharter. Jim Schaad has drafted an initial revised [CHARTER]. The executive summary of that discussion: The working group will recharter to accept a limited set of work: * Algorithm definitions with IETF-level consensus and the WG's approval * A specific (to-be-determined) set of non-algorithm items (currently "compressed certificate encoding") If you have objections to rechartering, or have additional items for the Working Group to consider in its recharter, Please respond with the objections or suggestions the < cose@ietf.org > mailing list by April 17. Thank you, - COSE WG Chairs Ivaylo and Matthew ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] WGLC Results on 8152bis Documents
Apologies for the extreme delay here. The WGLC for draft-ietf-cose-rfc8152bis drafts (-struct[1] and -algs[2]) has been bespoke closed for a while now. Thank you all that provided review and feedback. The chairs read that we have consensus to publish, and the latest revisions address the comments received. A request to the IESG for publication will be forthwith. Thank you again, - COSE WG Chairs Ivaylo and Matthew [1]: < https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-struct > [2]> < https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] Publication has been requested for draft-ietf-cose-rfc8152bis-algs-07
I believe I can do this still, and will do so, and update the shepherd write-up. - m Matthew A. Miller On 20/03/31 12:41, Benjamin Kaduk wrote: > I can change it in the datatracker as needed, too. > > -Ben > > On Tue, Mar 31, 2020 at 11:40:26AM -0700, Jim Schaad wrote: >> It has been pointed out to me that my intention was for this document to be >> informational and not an Internet Standard. I messed up the string at the >> top of the document and need to correct that. >> >> Jim >> >> >> -Original Message- >> From: COSE On Behalf Of Matthew Miller via >> Datatracker >> Sent: Tuesday, March 31, 2020 10:38 AM >> To: ka...@mit.edu >> Cc: linuxwolf+i...@outer-planes.net; cose-cha...@ietf.org; >> iesg-secret...@ietf.org; cose@ietf.org >> Subject: [COSE] Publication has been requested for >> draft-ietf-cose-rfc8152bis-algs-07 >> >> Matthew Miller has requested publication of >> draft-ietf-cose-rfc8152bis-algs-07 as Internet Standard on behalf of the >> COSE working group. >> >> Please verify the document's state at >> https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/ >> >> >> ___ >> COSE mailing list >> COSE@ietf.org >> https://www.ietf.org/mailman/listinfo/cose >> >> ___ >> COSE mailing list >> COSE@ietf.org >> https://www.ietf.org/mailman/listinfo/cose ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] CBOR Object Signing and Encryption (cose) WG Virtual Meeting: 2020-04-02 (TOMORROW)
A reminder that our session is tomorrow at 17:00 UTC (10:00 PDT, 18:00 CEST) over Webex: URL: https://ietf.webex.com/ietf/j.php?MTID=m65dc99c8fcf80c2ad60c4bcc24f22477 Meeting Number: 318 487 000 Meeting Password: DkuJ2VDMK79 Our Agenda (with more details): 1. Administrivia (Chairs) - 5 minutes - Note Well - blue sheets (etherpad) - Minutes: https://etherpad.ietf.org:9009/p/notes-ietf-107-cose?useMonospaceFont=true - Jabber: c...@jabber.ietf.org 2. Update on drafts status (Chairs) - 15 Minutes - draft-ietf-cose-hash-sisgs - draft-ietf-cose-webauthn-algorithms - draft-ietf-cose-rfc8152bis-struct - draft-ietf-cose-rfc8152bis-algs - draft-ietf-cose-hash-algs - draft-ietf-cose-x509 3. Cert Compression (John Mattsson) - 10 Minutes - draft-mattsson-cose-cbor-cert-compress 4. Rechartering Discussion (Chairs) - 30 Minutes - draft-schaad-cose-more-algs - draft-mattsson-cose-cbor-cert-compress - Others? 5. AOB - COSE WG Chairs Ivaylo and Matthew ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] [CLOSED] Call for Consensus Confirmation: Progressing rfc8152bis-struct and Countersignatures
Having no objections, we'll proceed with the previously proposed actions. Jim, at your convenience, please publish the indicated changes to -rfc8152bis-struct. Also please submit the countersignatures v2 document as a working group document. Thank you all, -Ivaylo and Matthew COSE WG Chairs > On Aug 26, 2020, at 13:58, Matthew A. Miller > wrote: > > Hello COSE WG, > > The interim meeting today focused on countersignatures, and there was > rough consensus on a proposed plan. The chairs are seeking any > objections for a proposed breakdown to move forward countersignatures. > > 1) The working group will have two documents: rfc8152bis-struct for the > current state of the art, and a separate (still to be written) document > that describes the improved countersignatures (colloquially V2). > -rfc8152bis-struct will include an informative reference to this new > document in order to progress. Please inform the WG if you object to > separating countersignatures into a separate document. > > 2) The current countersignatures algorithm will be removed from > -rfc8152bis-struct, and in its place will be the rationale for > deprecating the "v1" countersignatures; readers will be directed to RFC > 8152 for information on implementing them. Please inform the WG if you > object to dropping "Countersignatures v1" from -rfc8152bis-struct. > > Please respond to this message with your objection to (1) and/or (2) > above. This call expires in approximately one week, on September 2. > Please be sure to respond with objections before then. > > > Thank you, > - Ivaylo and Matthew > COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Virtual Interim 2020-08-26 -- Recording and Minutes and Next
The recording for last week's session can be found here: < https://ietf.webex.com/ietf/ldr.php?RCID=ce4a477b56724b0ea5873646358c7e7b > The minutes have been uploaded to datatracker: < https://www.ietf.org/proceedings/interim-2020-cose-02/minutes/minutes-interim-2020-cose-02-202008261600-00 > Please note there is another interim scheduled in one week, 9 September 2020 at 16:00 UTC. Thank you again to Francesca for capturing decisions and actions, and thank you to everyone that participated in the last interim. - Ivaylo and Matthew COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Virtual Interim Meeting 2020-08-26
Hello all, We have an interim meeting Wednesday, 26 August 2020 at 16:00 UTC. The agenda is to progress a new CounterSignature mechanism that addresses the discovered defects. This interim will be conducted via Webex < https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7 >. The fuller proposed agenda is below and is located in datatracker. The meeting iCalendar event is attached. " # COSE WG @ 2020-08-26 Interim Agenda Where: Webex When: 2020-08-26 @ 16:00 - 17:00 UTC * Notes/Minutes: < TBD @ codimd > * Jabber: < xmpp:c...@jabber.ietf.org?join > * Webex: https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7 ## 0. Administrivia (Chairs) - 5 minutes (16:00 - 16:05) * Bluesheets (see notes) * Note taker(s) * Jabber scribe * Agenda + Bartering ## 1. Countersignature Recap (Chairs) - 5 minutes (16:05 - 16:10) ## 1. Progression of -8152bis-struct (Jim Schaad) - 20 minutes (16:10 - 16:30) * Mail thread < https://mailarchive.ietf.org/arch/msg/cose/SdW-ployB8TCtD54RU5IZg5uQVo/ > ## 2. CounterSignature v2 Proposal (Jim Schaad) - 25 minutes (16:30 - 16:55) * Mail thread < https://mailarchive.ietf.org/arch/msg/cose/6-vyoetZboIdrwwEYoYlj9QY_3Q/ > * -rfc1852bis-struct § 5 < https://tools.ietf.org/html/draft-ietf-cose-rfc8152bis-struct-12#section-5 > ## 3. Wrap-up (Chairs) - 5 minutes (16:55 - 17:00) * Next steps * Next meeting? (2020-09-09 @ 16:00) " -- Ivaylo and Matthew COSE WG BEGIN:VCALENDAR PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN VERSION:2.0 METHOD:REQUEST BEGIN:VTIMEZONE TZID:Europe/Brussels TZURL:http://tzurl.org/zoneinfo-outlook/Europe/Brussels X-LIC-LOCATION:Europe/Brussels BEGIN:DAYLIGHT TZOFFSETFROM:+0100 TZOFFSETTO:+0200 TZNAME:CEST DTSTART:19700329T02 RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:+0200 TZOFFSETTO:+0100 TZNAME:CET DTSTART:19701025T03 RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20200811T150947Z ATTENDEE;CN="COSE Working Group";ROLE=REQ-PARTICIPANT;RSVP=FALSE:MAILTO:cose-cha...@ietf.org ORGANIZER;CN="Cisco Webex":MAILTO:messen...@webex.com DTSTART;TZID=Europe/Brussels:20200826T18 DTEND;TZID=Europe/Brussels:20200826T19 LOCATION:https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7 TRANSP:OPAQUE SEQUENCE:1597158587 UID:51e88c5d-618c-4f70-b8fc-7f991a70 DESCRIPTION:\n\nJOIN WEBEX MEETING\nhttps://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7\nMeeting number (access code): 171 745 9639\n\n\nMeeting password: 6YZbzJ9U6d9\n\n\n\nTAP TO JOIN FROM A MOBILE DEVICE (ATTENDEES ONLY)\n+1-650-479-3208,,1717459639## tel:%2B1-650-479-3208,,*01*1717459639%23%23*01* Call-in toll number (US/Canada)\n\n\nJOIN BY PHONE\n1-650-479-3208 Call-in toll number (US/Canada)\n\nGlobal call-in numbers\nhttps://ietf.webex.com/ietf/globalcallin.php?MTID=ma2817d3dce48bb0eb88c7fdf0c76d188\n\n\nJOIN FROM A VIDEO SYSTEM OR APPLICATION\nDial sip:1717459...@ietf.webex.com\nYou can also dial 173.243.2.68 and enter your meeting number.\n\n\nJoin using Microsoft Lync or Microsoft Skype for Business\nDial sip:1717459639.i...@lync.webex.com\n\n\n\nIf you are a host, click here to view host information:\nhttps://ietf.webex.com/ietf/j.php?MTID=mc4b2df631d7ba6352e1aa998e22affcd\n\n\n\nCan't join the meeting? Contact support here:\nhttps://ietf.webex.com/ietf/mc\n\n\nIMPORTANT NOTICE: Please note that this Webex service allows audio and other information sent during the session to be recorded, which may be discoverable in a legal matter. You should inform all meeting attendees prior to recording if you intend to record the meeting.\n X-ALT-DESC;FMTTYPE=text/html:\ntable {\n border-collapse: separate; width =100%; border: 0; border-spacing: 0;}\n\ntr {\n line-height: 18px;}\n\na, td {\n font-size: 14px; font-family: Arial; color: #333; word-wrap: break-word; word-break: normal; padding: 0;}\n\n.title {\n font-size: 28px;}\n\n.image {\n width: auto; max-width: auto;}\n\n.footer {\n width: 604px;}\n\n.main {\n\n}@media screen and (max-device-width: 800px) {\n .title {\n font-size: 22px !important; }\n .image {\n width: auto !important; max-width: 100% !important; }\n .footer {\n width: 100% !important; max-width: 604px !important\n }\n .main {\n width: 100% !important; max-width: 604px !important\n }\n}\n\n\n\n \n \n \n \n\n\n\n \n\n \n When it's time, join the Webex meeting here.\n \n\n\n\n \n Meeting number (access code): 171 745 9639\n \n\n \n Meeting password:6YZbzJ9U6d9\n\n\n \n \n\n \n \n https://ietf.webex.com/ietf/j.php?MTID=m5528e10375ba600e61b9133f1f8bcfa7; style="color:#FF; font-size:20px; text-decoration:none;">Join meeting\n \n \n\n \n \n\n \n\n\n Tap to join from a mobile device (attendees only) +1-650-479-3208,,1717459639## Call-in toll number (US/Canada) Join by phone 1-650-479-3208 Call-in
[COSE] Call for Consensus Confirmation: Progressing rfc8152bis-struct and Countersignatures
Hello COSE WG, The interim meeting today focused on countersignatures, and there was rough consensus on a proposed plan. The chairs are seeking any objections for a proposed breakdown to move forward countersignatures. 1) The working group will have two documents: rfc8152bis-struct for the current state of the art, and a separate (still to be written) document that describes the improved countersignatures (colloquially V2). -rfc8152bis-struct will include an informative reference to this new document in order to progress. Please inform the WG if you object to separating countersignatures into a separate document. 2) The current countersignatures algorithm will be removed from -rfc8152bis-struct, and in its place will be the rationale for deprecating the "v1" countersignatures; readers will be directed to RFC 8152 for information on implementing them. Please inform the WG if you object to dropping "Countersignatures v1" from -rfc8152bis-struct. Please respond to this message with your objection to (1) and/or (2) above. This call expires in approximately one week, on September 2. Please be sure to respond with objections before then. Thank you, - Ivaylo and Matthew COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] New option going forward for COSE struct
Speaking with no hat ... My personal preference would be to deprecate counter-signatures from -struct so it can progress, and document the v2 in a separate document. I have small personal preference for deprecating the v1 counter-signature in -struct while keeping its process documented, but it's a small preference. I'm in favor of two documents, but not three. For me, I think that means either counter-signatures are consolidated into a single document, or the v1 is left in RFC 8152. As a radical opinion, maybe consider leaving the v1 mechanism behind in RFC 8152 and only discuss its deprecation in -struct. - m Matthew A. Miller On 20/08/24 10:17, Jim Schaad wrote: > At the virtual IETF meeting where had a long discussion on how the structure > document should progress without getting any type of final conclusions. > Since that time I have come up with a new option which I think should be > added to the discussion. > > 1. Have a single document with the new countersignature algorithm added. > This has the advantage that everything is in one place, it is easy to tag > the current countersignature algorithm header parameters as deprecated > because there is a new replacement in the document. > > 2. Have two documents (version 1): Fix the description of the current > countersignature algorithm in the bis document and progress that. Create a > new document which contains the new countersignature algorithm. This would > be an odd choice because I am not sure how the current countersignature > algorithm should be tagged. Not deprecating seems wrong but trying to > deprecate later also seems to be a strange thing to do. > > 3. Have two documents (version 2): Pull the current countersignature > algorithm out of the core document and allow it to progress to full standard > without a countersignature algorithm at all. Create a new document with > both the new and old countersignature algorithms tagging the old one as > deprecated. This can then be added to the STD number in the future. > > 4. Have two documents (version 3): Pull the current countersignature > algorithm out of the core document and add the new countersignature > algorithm to it. Create new document which contains the old > countersignature algorithm and publish it as historical. This is cleaner in > many respects as the deprecated version of the countersignature algorithm > would be in a document which is clearly marked as not being what is to be > used. > > 5. Have three documents: Pull the current countersignature algorithm out of > the core document and advance it to full standard. Create two new > documents, one for each of the countersignature algorithms. The old > countersignature algorithm would be published as historic and the new > document can be cycled as needed until it is ready and then added to the STD > number as a second document. > > I suggested the last option to the chairs in a private email mostly as an > option that exists but I was not really serious about it. However, in > retrospect I am starting to warmup to the way of doing things as it has > several advantages. The current structure document can progress without any > big problems. (Yes I still need to deal with Ben's discuss, but it is kind > of meta.) It also means that the two countersignature algorithms are > separated and clearly marked in the RFCs themselves as to what there > statuses are. There are no issues with having multiple documents in the > full standard so adding the countersignature v2 document later is not a > problem. > > Jim > > > ___ > COSE mailing list > COSE@ietf.org > https://www.ietf.org/mailman/listinfo/cose > signature.asc Description: OpenPGP digital signature ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] Secdir last call review of draft-ietf-cose-webauthn-algorithms-06
Hello Linda, Thanks for the review. Speaking on the author's behalf, SHA-2 is defined as the collection of hash algorithms, including all of those cited (SHA-256, SHA-384, SHA-512). Do you believe it is critical to call this out explicitly? - m Matthew A. Miller On 20/05/26 17:51, Linda Dunbar via Datatracker wrote: > Reviewer: Linda Dunbar > Review result: Not Ready > > I have reviewed this document as part of the security directorate's ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written primarily for the benefit of the security area > directors. > Document editors and WG chairs should treat these comments just like any > other > last call comments. > > This document is to list down the COSE Algorithms to be registered to > IANA. But it seems the description is not complete. In the Section 2: among > the > 4 algorithms listed under RSASSA-PKCS1-v1_5, three are NOT recommended, one is > deprecated. Under the Security Consideration (Section 5), Section 5.2 > describes > why SHA-2 is "Not Recommended", Section 5.3 describes why SHA-1 is > "Deprecated". What about the description on why SHA-512, SHA-384, and > SHA-256 > are not recommended? Is the missing description intended? > > Best Regards, > > Linda Dunbar > > > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Call for Consensus: CounterSignature Discussion
This message is to confirm consensus to deprecate the current CounterSignature feature and replace it with one that best accounts for all COSE message types. At the synchronous WG meeting on July 29, the issue with countersignatures was heavily discussed. In summary, the currently-defined CounterSignature mechanism is not processed with the cryptographic content for certain COSE message types. The consensus from the meeting is to mark the current CounterSignature process and structure deprecated in rfc8152bis and define a new one that properly accounts for the cryptographic. Further consensus leaned toward an aggressive approach, incorporating all bstr elements in the target structure when computing the signature. To complete the new CounterSignature method, the sense in the meeting is to have a series of virtual interims. The details of the new method and where it fits as working group items is still to be determined. Jim Schaad posted a starting proposal for a method[1], and an initial discussion on how to approach this as a working group item[2]. Given the participation in the meeting is very close to the participation on the list, we are only seeking objections. If you have objections, please inform the list and why you object. A following message will propose times for interims, ideally starting this month (August). Thank you, - Ivaylo and Matthew COSE WG Chairs -- [1]: < https://mailarchive.ietf.org/arch/msg/cose/6-vyoetZboIdrwwEYoYlj9QY_3Q/ > [2]: < https://mailarchive.ietf.org/arch/msg/cose/8Mxcnsq9sm_pXQAm-2bexKxpaMU/ > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Fwd: [108all] Final reminder: IETF 108 meeting survey
If you participated in last weeks festivities and have not filled out the meeting survey, please consider doing so. The survey is at: < https://www.surveymonkey.com/r/T3SL7JF > Thanks! - Ivaylo and Matthew COSE WG Chairs On 20/08/05 04:30, IETF Executive Director wrote: > Thank you very much to the ~230 people who have filled in the IETF 108 > meeting survey as this data is crucial to helping us plan future meetings. > We could still use another 70 or so responses and so this is a final reminder > to please help us by taking a few minutes to complete the survey: > > https://www.surveymonkey.com/r/T3SL7JF > > Thanks in advance > ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
Re: [COSE] IETF-108 Session - REQUESTING VOLUNTEERS
As you may have noticed, the schedule is a little tight. To help get going more quickly, we are soliciting volunteers now for: * taking notes/minutes (grab action items) * scribing to Jabber (relay "MIC" comments from Jabber to meetecho, Please message < cose-cha...@ietf.org > if you can help. Thank you! - Ivaylo and Matthew COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] IETF-108 Session - 2020-07-29 @ 13:00 UTC
Hello COSE WG, A reminder the session is Wednesday (tomorrow)! Where: Meetecho When: 2020-07-29 @ 13:00-13:50 UTC * Notes: https://codimd.ietf.org/notes-ietf-108-cose * Jabber: xmpp:c...@jabber.ietf.org?join * Meetecho: https://meetings.conf.meetecho.com/ietf108/?group=cose==1 The updated agenda is below and at: https://www.ietf.org/proceedings/108/agenda/agenda-108-cose-03 Some Meetecho tips we recommend, based on our experiences: * If you want to queue “at the mic”, always Request Audio - Request Video is optional * If you are speaking, first state your name * If you are taking or tracking notes, open in a new tab/window - Windows (Chrome/Firefox/Edge): CTRL + left_click - MacOS (Chrome/Firefox/Safari): ⌘ + left_click - Linux (Chrome/Firefox): CTRL + left_click """ ## 0. Administrivia (Chairs) - 5 minutes (13:00 - 13:05) * ~Bluesheets~ * Note taker(s) * Jabber Scribe * Agenda + Bartering ## 1. Document Status (Chairs) - 5 minutes (13:05 - 13:10) * https://datatracker.ietf.org/doc/draft-ietf-cose-webauthn-algorithms/ * https://datatracker.ietf.org/doc/draft-ietf-cose-x509/ * https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs/ * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/ ### 1.1 Struct Discuss (Jim Schaad) - 10 minutes (13:10 - 13:20) * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-struct/ * https://mailarchive.ietf.org/arch/msg/cose/yjKTObY8Gb387p6V4gwAFHts72g/ ## 2. Cert Compression (Joel Höglund) - 10 minutes (13:20 - 13:30) * https://tools.ietf.org/html/draft-mattsson-cose-cbor-cert-compress-01 ## 3. More Algorithms (Jim Schaad) - 5 minutes (13:30 - 13:35) * https://tools.ietf.org/html/draft-schaad-cose-more-algs-01 ## 4. Chartering (Chairs) - 15 minutes (13:35 - 13:50) * (WIP) https://github.com/cose-wg/Charter/blob/master/Charter.md """ - Ivaylo & Matthew COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] COSE WG @ IETF-108 Minutes
Minutes from the COSE WG @ IETF-108 session are uploaded to datatracker. Please send any corrections and the minutes will be updated. * Minutes: < https://www.ietf.org/proceedings/108/minutes/minutes-108-cose-01.txt > A big thank you to Francesca Palombini for taking minutes. -- Ivaylo and Matthew COSE WG Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose
[COSE] Preliminary Agenda and Call for Items @ IETF 108
This is well overdue, but here is a preliminary agenda based on activities. If anyone has more to discuss, please alert the chairs. The COSE WG session is scheduled for 50 minutes on Wednesday, 20 July at 11:00 UTC. Note this is quite early for those of located in western North America (including a document author and a co-chair); bear with any grogginess. < https://www.ietf.org/proceedings/108/agenda/agenda-108-cose-00.txt > """ COSE WG Agenda IETF 108 - Virtual/Meetecho 2020-07-29 @ 11:00 UTC ## 0. Administrivia (Chairs) - 5 minutes * NOTE WELL * Bluesheets * Jabber + Minutes * Agenda Bartering ## 1. Document Status (Chairs) - 10 minutes * https://datatracker.ietf.org/doc/draft-ietf-cose-webauthn-algorithms/ * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-struct/ * https://datatracker.ietf.org/doc/draft-ietf-cose-rfc8152bis-algs/ * https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs/ * https://datatracker.ietf.org/doc/draft-ietf-cose-x509/ ## 2. Cert Compression (Joel Höglund) - 10 minutes * https://tools.ietf.org/html/draft-mattsson-cose-cbor-cert-compress-01 ## 3. Chartering (Chairs) - 20 minutes * (WIP) https://github.com/cose-wg/Charter/blob/master/Charter.md ## 4. AOB """ -- Ivaylo and Matthew COSE Chairs ___ COSE mailing list COSE@ietf.org https://www.ietf.org/mailman/listinfo/cose