Diff: rfc8769xml2.original.xml

	rfc8769xml2.original.xml	rfc8769.xml
	<?xml version='1.0' encoding='utf-8'?>	<?xml version='1.0' encoding='utf-8'?>

		<!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent">
	<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>	<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>

	<?rfc toc="yes"?>
	<?rfc symrefs="yes"?>	<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902"
	<?rfc sortrefs="yes"?>	docName="draft-schaad-cbor-content-02" category="info" version="3"
	<?rfc comments="yes"?>	submissionType="IETF" number="8769" consensus="true" symRefs="true"
	<rfc ipr="trust200902" docName="draft-schaad-cbor-content-02" category="info" ve	sortRefs="true" tocInclude="true" xml:lang="en">
	rsion="3" submissionType="IETF">
	<front>	<front>

	<title>Cryptographic Message System (CMS) Content Types for Concise Binary O
	bject Representation (CBOR)</title>	<title abbrev="CMS Content Types for CBOR">Cryptographic Message Syntax (CMS
		) Content Types for Concise Binary
		Object Representation (CBOR)</title>
		<seriesInfo name="RFC" value="8769" />
	<author initials="J." surname="Schaad" fullname="Jim Schaad">	<author initials="J." surname="Schaad" fullname="Jim Schaad">
	<organization>August Cellars</organization>	<organization>August Cellars</organization>
	<address>	<address>
	<email>ietf@augustcellars.com</email>	<email>ietf@augustcellars.com</email>
	</address>	</address>
	</author>	</author>

	<date/>	<date month="March" year="2020"/>
	<area>Security</area>	<area>Security</area>


	<abstract>	<abstract>
	<t>	<t>
	Concise Binary Object Representation (CBOR) is becoming a widely used me thod of doing content encoding.	Concise Binary Object Representation (CBOR) is becoming a widely used me thod of doing content encoding.

	Cryptographic Message System (CMS) is still a widely used method of doin g message-based security.	The Cryptographic Message Syntax (CMS) is still a widely used method of doing message-based security.
	This document defines a set of content types for CMS that hold CBOR cont ent.	This document defines a set of content types for CMS that hold CBOR cont ent.
	</t>	</t>
	</abstract>	</abstract>
	</front>	</front>
	<middle>	<middle>
	<section>	<section>
	<name>Introduction</name>	<name>Introduction</name>
	<t>	<t>

	Concise Binary Object Representation (CBOR) <xref target="RFC7049"/> is	Concise Binary Object Representation (CBOR) <xref target="RFC7049"/>
	a compact self-describing binary encoding formation that is starting to be used	is a compact self-describing binary encoding formation that is
	in many different applications.	starting to be used in many different applications.
	One of the primary uses of CBOR is in the Internet of Things where the c	One of the primary uses of CBOR is in the Internet of Things, the
	onstrained nature means that having minimal size of encodings becomes very impor	constrained nature of which means that having minimal size of
	tant.	encodings becomes very important.
	The use of the Cryptographic Message System (CMS) <xref target="RFC5652"	The Cryptographic Message Syntax (CMS) <xref
	/> is still one of the most common method for providing message-based security,	target="RFC5652"/> is still one of the most common methods for
	although in many cases the CBOR Object Signing and Encryption (COSE) <xref targe	providing message-based security, although in many cases, the CBOR
	t="RFC8152"/> message-based security system is starting to be used.	Object Signing and Encryption (COSE) <xref target="RFC8152"/>
	Given that CBOR is going to be transported using CMS, it makes sense to	message-based security system is starting to be used.
	define CMS content types for the purpose of denoting that the embedded content i	Given that CBOR is going to be transported using CMS, it makes sense
	s CBOR.	to define CMS content types for the purpose of denoting that the
	This document defines two new content types: CBOR Content Type and CBOR	embedded content is CBOR.
	Sequence Content Type <xref target="I-D.ietf-cbor-sequence"/>.	This document defines two new content types: CBOR content type and
		CBOR Sequence content type <xref target="RFC8742"/>.
	</t>	</t>
	</section>	</section>

	<section>	<section>
	<name>CBOR Content Type</name>	<name>CBOR Content Type</name>
	<t>	<t>
	<xref target="RFC7049"/> defines an encoded CBOR item.	<xref target="RFC7049"/> defines an encoded CBOR item.
	This section defines a new content type for wrapping an encoded CBOR ite m in a CMS object.	This section defines a new content type for wrapping an encoded CBOR ite m in a CMS object.
	</t>	</t>

	<t>	<t>
	The following object identifier identifies the CBOR content type:	The following object identifier identifies the CBOR content type:
	</t>	</t>

		<sourcecode type="asn.1"><![CDATA[
	<artwork>
	id-ct-cbor OBJECT IDENTIFIER ::= { iso(1) member-body(2) usa(840)	id-ct-cbor OBJECT IDENTIFIER ::= { iso(1) member-body(2) usa(840)

	rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1) TBD1 }	rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1) 44 }]]>
	</artwork>	</sourcecode>

	<t>	<t>
	The CBOR content type is intended to refer to a single object encoded us ing the CBOR encoding format <xref target="RFC7049"/>.	The CBOR content type is intended to refer to a single object encoded us ing the CBOR encoding format <xref target="RFC7049"/>.
	Nothing is stated about the specific CBOR object that is included.	Nothing is stated about the specific CBOR object that is included.

	CBOR can always be decoded to a tree as the encoding is self descriptive .	CBOR can always be decoded to a tree, as the encoding is self descriptiv e.
	</t>	</t>

	<t>	<t>

	The CBOR content type is intended to be encapsulated in the signed data	The CBOR content type is intended to be encapsulated in the signed
	and auth-enveloped data, but can be included in any CMS wrapper.	data and auth-enveloped data, but it can be included in any CMS wrapper.
	It cannot be predicted if the compressed CMS encapsulation will provide	It cannot be predicted whether the compressed CMS encapsulation will
	compression as the content may be binary rather than text.	provide compression, because the content may be binary rather than text.
	</t>	</t>

	<t>	<t>

	<xref target="RFC7193"/> defined an optional parameter "innerContent" to	<xref target="RFC7193"/> defined an optional parameter,
	allow for identification of what the inner content is for an application/cms me	"innerContent", to allow for identification of what the inner content
	dia type.	is for an application/cms media type.
	This document defines the string "cbor" as a new value that can be place	This document defines the string "cbor" as a new value that can be
	d here when a CBOR content type is used.	placed in this parameter when a CBOR content type is used.
	</t>	</t>

	</section>	</section>

	<section>	<section>
	<name>CBOR Sequence Content Type</name>	<name>CBOR Sequence Content Type</name>
	<t>	<t>

	<xref target="I-D.ietf-cbor-sequence"/> defines a CBOR Sequence as a con catenation of zero or more CBOR objects.	<xref target="RFC8742"/> defines a CBOR Sequence as a concatenation of z ero or more CBOR objects.
	This section defines a new content type for wrapping a CBOR Sequence in a CMS object.	This section defines a new content type for wrapping a CBOR Sequence in a CMS object.
	</t>	</t>

	<t>	<t>
	The following object identifier identifies the CBOR Sequence content typ e:	The following object identifier identifies the CBOR Sequence content typ e:
	</t>	</t>

	<artwork>
		<sourcecode type="asn.1"><![CDATA[
	id-ct-cborSequence OBJECT IDENTIFIER ::= { iso(1) member-body(2)	id-ct-cborSequence OBJECT IDENTIFIER ::= { iso(1) member-body(2)
	usa(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1)	usa(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1)

	TBD2 }	45 }]]>
	</artwork>	</sourcecode>

	<t>	<t>
	The CBOR Sequence content type is intended to refer to a sequence of obj ects encoded using the CBOR encoding format.	The CBOR Sequence content type is intended to refer to a sequence of obj ects encoded using the CBOR encoding format.
	The objects are concatenated without any markers delimiting the individu al CBOR objects.	The objects are concatenated without any markers delimiting the individu al CBOR objects.
	Nothing is stated about the specific CBOR objects that are included.	Nothing is stated about the specific CBOR objects that are included.

	CBOR can always be decoded to a tree as the encoding is self descriptive .	CBOR can always be decoded to a tree, because the encoding is self descr iptive.
	</t>	</t>

	<t>	<t>

	The CBOR Sequence content type is intended to be encapsulated in the sig	The CBOR Sequence content type is intended to be encapsulated in the
	ned data and auth-enveloped data, but can be included in any CMS wrapper.	signed data and auth-enveloped data, but it can be included in any CMS
	It cannot be predicted if the compressed CMS encapsulation will provide	wrapper. It cannot be predicted whether the compressed CMS encapsulation
	compression as the content may be binary rather than text.	will
		provide compression, because the content may be binary rather than text.
	</t>	</t>

	<t>	<t>

	<xref target="RFC7193"/> defined an optional parameter "innerContent" to	<xref target="RFC7193"/> defined an optional parameter, "innerContent",
	allow for identification of what the inner content is for an application/cms me	to allow for identification of what the inner content is for an application/cms
	dia type.	media type.
	This document defines the string "cborSequence" as a new value that can	This document defines the string "cborSequence" as a new value that
	be placed here when a CBOR Sequence content type is used.	can be placed in this parameter when a CBOR Sequence content type is used
		.
	</t>	</t>
	</section>	</section>

	<section>	<section>
	<name>ASN.1 Module</name>	<name>ASN.1 Module</name>

	<artwork>
		<sourcecode type="asn.1"><![CDATA[
	CborContentTypes { iso(1) member-body(2) usa(840)	CborContentTypes { iso(1) member-body(2) usa(840)
	rsadsi(113549) pkcs(1) pkcs9(9) smime(16) modules(0)	rsadsi(113549) pkcs(1) pkcs9(9) smime(16) modules(0)

	id-mod-cbor-2019(TBD3) }	id-mod-cbor-2019(71) }
	DEFINITIONS EXPLICIT TAGS ::=	DEFINITIONS EXPLICIT TAGS ::= BEGIN
	BEGIN
	IMPORTS


		IMPORTS
	CONTENT-TYPE	CONTENT-TYPE
	FROM CryptographicMessageSyntax-2010	FROM CryptographicMessageSyntax-2010
	{ iso(1) member-body(2) us(840) rsadsi(113549)	{ iso(1) member-body(2) us(840) rsadsi(113549)
	pkcs(1) pkcs-9(9) smime(16) modules(0) id-mod-cms-2009(58) }	pkcs(1) pkcs-9(9) smime(16) modules(0) id-mod-cms-2009(58) }
	;	;

	id-ct-cbor OBJECT IDENTIFIER ::= { iso(1) member-body(2)	id-ct-cbor OBJECT IDENTIFIER ::= { iso(1) member-body(2)
	us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1)	us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1)

	TBD1 }	44 }

	id-ct-cborSequence OBJECT IDENTIFIER ::= { iso(1) member-body(2)	id-ct-cborSequence OBJECT IDENTIFIER ::= { iso(1) member-body(2)
	us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1)	us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1)

	TBD2 }	45 }

	-- Content is encoded directly and does not have any ASN.1	-- Content is encoded directly and does not have any ASN.1
	-- structure	-- structure
	ct-Cbor CONTENT-TYPE ::= { IDENTIFIED BY id-ct-cbor }	ct-Cbor CONTENT-TYPE ::= { IDENTIFIED BY id-ct-cbor }

	-- Content is encoded directly and does not have any ASN.1	-- Content is encoded directly and does not have any ASN.1
	-- structure	-- structure
	ct-CborSequence CONTENT-TYPE ::= {	ct-CborSequence CONTENT-TYPE ::= {
	IDENTIFIED BY id-ct-cborSequence	IDENTIFIED BY id-ct-cborSequence
	}	}


	END	END]]>
	</artwork>	</sourcecode>

	</section>	</section>

	<section>	<section>
	<name>IANA Considerations</name>	<name>IANA Considerations</name>
	<t>	<t>

	In the "SMI Security for S/MIME Module Identifier" registry, create a ne	IANA has registered the following in the "SMI Security for S/MIME
	w entry to point to this document.	Module Identifier (1.2.840.113549.1.9.16.0)" subregistry within the
		SMI Numbers registry:
	</t>	</t>
	<table>	<table>
	<thead>	<thead>
	<tr>	<tr>

	<td>Decimal</td><td>Description</td><td>References</td>	<th>Decimal</th>
		<th>Description</th>
		<th>References</th>
	</tr>	</tr>
	</thead>	</thead>
	<tbody>	<tbody>
	<tr>	<tr>

	<td>TBD3</td><td>id-mod-cbor-2019</td><td>[[This Document]]</td>	<td>71</td><td>id-mod-cbor-2019</td><td>RFC 8769</td>
	</tr>	</tr>
	</tbody>	</tbody>
	</table>	</table>

	<t>	<t>

	In the "SMI Security for S/MIME Content Types" registry, add two new ent	IANA has registered the following in the
	ries for id-ct-cbor and id-ct-cborSequence that point to this document.	"SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)"
		subregistry within the SMI Numbers registry:
	</t>	</t>

	<table>	<table>
	<thead>	<thead>
	<tr>	<tr>

	<td>Decimal</td><td>Description</td><td>References</td>	<th>Decimal</th><th>Description</th><th>References</th>
	</tr>	</tr>
	</thead>	</thead>
	<tbody>	<tbody>
	<tr>	<tr>

	<td>TBD1</td><td>id-ct-cbor</td><td>[[This Document]]</td>	<td>44</td><td>id-ct-cbor</td><td>RFC 8769</td>
	</tr>	</tr>
	<tr>	<tr>

	<td>TBD2</td><td>id-ct-cborSequence</td><td>[[This Document]]</td>	<td>45</td><td>id-ct-cborSequence</td><td>RFC 8769</td>
	</tr>	</tr>
	</tbody>	</tbody>
	</table>	</table>

	<t>	<t>

	In the table "CMS Inner Content Types" add two new entries:	IANA has registered the following in the "CMS Inner Content Types"
		subregistry within the "MIME Media Type Sub-Parameter Registries":
	</t>	</t>

	<table>	<table>
	<thead>	<thead>
	<tr>	<tr>

	<td>Name</td><td>Object Identifier</td><td>Reference</td>	<th>Name</th><th>Object Identifier</th><th>Reference</th>
	</tr>	</tr>
	</thead>	</thead>
	<tbody>	<tbody>
	<tr>	<tr>

	<td>cbor</td><td>1.2.840.113549.1.9.16.1.TBD1</td><td>[[This Document] ]</td>	<td>cbor</td><td>1.2.840.113549.1.9.16.1.44</td><td>RFC 8769</td>
	</tr>	</tr>
	<tr>	<tr>

	<td>cborSequence</td><td>1.2.840.113549.1.9.16.1.TBD2</td><td>[[This D ocument]]</td>	<td>cborSequence</td><td>1.2.840.113549.1.9.16.1.45</td><td>RFC 8769</ td>
	</tr>	</tr>
	</tbody>	</tbody>
	</table>	</table>
	</section>	</section>

	<section>	<section>
	<name>Security Considerations</name>	<name>Security Considerations</name>
	<t>	<t>

	This document only provides identification for content types, it does no	This document only provides identification for content types; it does
	t introduce any new security issues by itself.	not introduce any new security issues by itself.
	The new content types mean that id-data does not need to be used to iden	The new content types mean that id-data does not need to be used to
	tify these content types and thus can reduce confusion.	identify these content types; they can therefore reduce confusion.
	</t>	</t>
	</section>	</section>
	</middle>	</middle>
	<back>	<back>
	<displayreference target="RFC5652" to="CMS"/>	<displayreference target="RFC5652" to="CMS"/>
	<displayreference target="RFC7049" to="CBOR"/>	<displayreference target="RFC7049" to="CBOR"/>
	<displayreference target="RFC8152" to="COSE"/>	<displayreference target="RFC8152" to="COSE"/>

	<displayreference target="I-D.ietf-cbor-sequence" to="CBOR-SEQ"/>	<displayreference target="RFC8742" to="CBOR-SEQ"/>

	<references>	<references>
	<name>Normative References</name>	<name>Normative References</name>


	<?rfc include="reference.RFC.5652.xml" ?>	<xi:include
	<?rfc include="reference.RFC.7049.xml" ?>	href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.56
	<?rfc include="reference.RFC.8152.xml" ?>	52.xml"/>
	<?rfc include="reference.RFC.7193.xml" ?>
	<?rfc include="reference.I-D.ietf-cbor-sequence.xml" ?>	<xi:include
	</references>	href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7049.xm
		l"/>

		<xi:include
		href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8152.xm
		l"/>

		<xi:include
		href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7193.xm
		l"/>

		<xi:include
		href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.87
		42.xml"/>

		</references>
	</back>	</back>
	</rfc>	</rfc>

End of changes. 38 change blocks.
	86 lines changed or deleted	116 lines changed or added
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/