draft-ietf-ace-cbor-web-token-04.txt | draft-ietf-ace-cbor-web-token-05.txt | |||
---|---|---|---|---|
ACE Working Group M. Jones | ACE Working Group M. Jones | |||
Internet-Draft Microsoft | Internet-Draft Microsoft | |||
Intended status: Standards Track E. Wahlstroem | Intended status: Standards Track E. Wahlstroem | |||
Expires: October 15, 2017 | Expires: December 7, 2017 | |||
S. Erdtman | S. Erdtman | |||
Spotify AB | Spotify AB | |||
H. Tschofenig | H. Tschofenig | |||
ARM Ltd. | ARM Ltd. | |||
April 13, 2017 | June 5, 2017 | |||
CBOR Web Token (CWT) | CBOR Web Token (CWT) | |||
draft-ietf-ace-cbor-web-token-04 | draft-ietf-ace-cbor-web-token-05 | |||
Abstract | Abstract | |||
CBOR Web Token (CWT) is a compact means of representing claims to be | CBOR Web Token (CWT) is a compact means of representing claims to be | |||
transferred between two parties. CWT is a profile of the JSON Web | transferred between two parties. The claims in a CWT are encoded in | |||
Token (JWT) that is optimized for constrained devices. The claims in | the Concise Binary Object Representation (CBOR) and CBOR Object | |||
a CWT are encoded in the Concise Binary Object Representation (CBOR) | Signing and Encryption (COSE) is used for added application layer | |||
and CBOR Object Signing and Encryption (COSE) is used for added | security protection. A claim is a piece of information asserted | |||
application layer security protection. A claim is a piece of | about a subject and is represented as a name/value pair consisting of | |||
information asserted about a subject and is represented as a name/ | a claim name and a claim value. CWT is derived from JSON Web Token | |||
value pair consisting of a claim name and a claim value. | (JWT), but uses CBOR rather than JSON. | |||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on October 15, 2017. | This Internet-Draft will expire on December 7, 2017. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
described in the Simplified BSD License. | described in the Simplified BSD License. | |||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1.1. CBOR Related Terminology . . . . . . . . . . . . . . . . 3 | |||
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 | ||||
3. Claims . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 3. Claims . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
3.1. Claim Names . . . . . . . . . . . . . . . . . . . . . . . 4 | 3.1. Claim Names . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
3.1.1. iss (Issuer) Claim . . . . . . . . . . . . . . . . . 4 | 3.1.1. iss (Issuer) Claim . . . . . . . . . . . . . . . . . 5 | |||
3.1.2. sub (Subject) Claim . . . . . . . . . . . . . . . . . 5 | 3.1.2. sub (Subject) Claim . . . . . . . . . . . . . . . . . 5 | |||
3.1.3. aud (Audience) Claim . . . . . . . . . . . . . . . . 5 | 3.1.3. aud (Audience) Claim . . . . . . . . . . . . . . . . 5 | |||
3.1.4. exp (Expiration Time) Claim . . . . . . . . . . . . . 5 | 3.1.4. exp (Expiration Time) Claim . . . . . . . . . . . . . 5 | |||
3.1.5. nbf (Not Before) Claim . . . . . . . . . . . . . . . 5 | 3.1.5. nbf (Not Before) Claim . . . . . . . . . . . . . . . 5 | |||
3.1.6. iat (Issued At) Claim . . . . . . . . . . . . . . . . 5 | 3.1.6. iat (Issued At) Claim . . . . . . . . . . . . . . . . 5 | |||
3.1.7. cti (CWT ID) Claim . . . . . . . . . . . . . . . . . 5 | 3.1.7. cti (CWT ID) Claim . . . . . . . . . . . . . . . . . 6 | |||
4. Summary of the values, CBOR major types and encoded claim | 4. Summary of the values, value types, and encoded claim keys . 6 | |||
keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | ||||
5. CBOR Tags and Claim Values . . . . . . . . . . . . . . . . . 6 | 5. CBOR Tags and Claim Values . . . . . . . . . . . . . . . . . 6 | |||
6. CWT CBOR Tag . . . . . . . . . . . . . . . . . . . . . . . . 6 | 6. CWT CBOR Tag . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
7. Creating and Validating CWTs . . . . . . . . . . . . . . . . 7 | 7. Creating and Validating CWTs . . . . . . . . . . . . . . . . 7 | |||
7.1. Creating a CWT . . . . . . . . . . . . . . . . . . . . . 7 | 7.1. Creating a CWT . . . . . . . . . . . . . . . . . . . . . 7 | |||
7.2. Validating a CWT . . . . . . . . . . . . . . . . . . . . 8 | 7.2. Validating a CWT . . . . . . . . . . . . . . . . . . . . 8 | |||
8. Security Considerations . . . . . . . . . . . . . . . . . . . 9 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 9 | |||
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | |||
9.1. CBOR Web Token (CWT) Claims Registry . . . . . . . . . . 9 | 9.1. CBOR Web Token (CWT) Claims Registry . . . . . . . . . . 9 | |||
9.1.1. Registration Template . . . . . . . . . . . . . . . . 10 | 9.1.1. Registration Template . . . . . . . . . . . . . . . . 10 | |||
9.1.2. Initial Registry Contents . . . . . . . . . . . . . . 10 | 9.1.2. Initial Registry Contents . . . . . . . . . . . . . . 11 | |||
9.2. Media Type Registration . . . . . . . . . . . . . . . . . 12 | 9.2. Media Type Registration . . . . . . . . . . . . . . . . . 12 | |||
9.2.1. Registry Contents . . . . . . . . . . . . . . . . . . 12 | 9.2.1. Registry Contents . . . . . . . . . . . . . . . . . . 13 | |||
9.3. CoAP Content-Formats Registration . . . . . . . . . . . . 12 | 9.3. CoAP Content-Formats Registration . . . . . . . . . . . . 13 | |||
9.3.1. Registry Contents . . . . . . . . . . . . . . . . . . 12 | 9.3.1. Registry Contents . . . . . . . . . . . . . . . . . . 13 | |||
9.4. CBOR Tag registration . . . . . . . . . . . . . . . . . . 13 | 9.4. CBOR Tag registration . . . . . . . . . . . . . . . . . . 13 | |||
9.4.1. Registry Contents . . . . . . . . . . . . . . . . . . 13 | 9.4.1. Registry Contents . . . . . . . . . . . . . . . . . . 14 | |||
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 | 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
10.1. Normative References . . . . . . . . . . . . . . . . . . 13 | 10.1. Normative References . . . . . . . . . . . . . . . . . . 14 | |||
10.2. Informative References . . . . . . . . . . . . . . . . . 14 | 10.2. Informative References . . . . . . . . . . . . . . . . . 15 | |||
Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 14 | Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 15 | |||
A.1. Example CWT Claims Set . . . . . . . . . . . . . . . . . 14 | A.1. Example CWT Claims Set . . . . . . . . . . . . . . . . . 15 | |||
A.2. Example keys . . . . . . . . . . . . . . . . . . . . . . 15 | A.2. Example keys . . . . . . . . . . . . . . . . . . . . . . 16 | |||
A.2.1. 128-bit Symmetric Key as Hex Encoded String . . . . . 15 | A.2.1. 128-bit Symmetric Key as Hex Encoded String . . . . . 16 | |||
A.2.2. 256-bit Symmetric Key as Hex Encoded String . . . . . 15 | A.2.2. 256-bit Symmetric Key as Hex Encoded String . . . . . 16 | |||
A.2.3. ECDSA P-256 256-bit COSE Key . . . . . . . . . . . . 15 | A.2.3. ECDSA P-256 256-bit COSE Key . . . . . . . . . . . . 16 | |||
A.3. Example Signed CWT . . . . . . . . . . . . . . . . . . . 16 | A.3. Example Signed CWT . . . . . . . . . . . . . . . . . . . 17 | |||
A.4. Example MACed CWT . . . . . . . . . . . . . . . . . . . . 17 | A.4. Example MACed CWT . . . . . . . . . . . . . . . . . . . . 18 | |||
A.5. Example Encrypted CWT . . . . . . . . . . . . . . . . . . 17 | A.5. Example Encrypted CWT . . . . . . . . . . . . . . . . . . 18 | |||
A.6. Example Nested CWT . . . . . . . . . . . . . . . . . . . 18 | A.6. Example Nested CWT . . . . . . . . . . . . . . . . . . . 19 | |||
Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 19 | A.7. Example MACed CWT with a floating-point value . . . . . . 20 | |||
Appendix C. Document History . . . . . . . . . . . . . . . . . . 19 | Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 21 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 | Appendix C. Document History . . . . . . . . . . . . . . . . . . 21 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22 | ||||
1. Introduction | 1. Introduction | |||
The JSON Web Token (JWT) [RFC7519] is a standardized security token | The JSON Web Token (JWT) [RFC7519] is a standardized security token | |||
format that has found use in OAuth 2.0 and OpenID Connect | format that has found use in OAuth 2.0 and OpenID Connect | |||
deployments, among other applications. JWT uses JSON Web Signature | deployments, among other applications. JWT uses JSON Web Signature | |||
(JWS) [RFC7515] and JSON Web Encryption (JWE) [RFC7516] to secure the | (JWS) [RFC7515] and JSON Web Encryption (JWE) [RFC7516] to secure the | |||
contents of the JWT, which is a set of claims represented in JSON. | contents of the JWT, which is a set of claims represented in JSON. | |||
The use of JSON for encoding information is popular for Web and | The use of JSON for encoding information is popular for Web and | |||
native applications, but it is considered inefficient for some | native applications, but it is considered inefficient for some | |||
skipping to change at page 3, line 39 ¶ | skipping to change at page 3, line 40 ¶ | |||
which is a compact means of representing secured claims to be | which is a compact means of representing secured claims to be | |||
transferred between two parties. CWT is closely related to JWT. It | transferred between two parties. CWT is closely related to JWT. It | |||
references the JWT claims and both its name and pronunciation are | references the JWT claims and both its name and pronunciation are | |||
derived from JWT. To protect the claims contained in CWTs, the CBOR | derived from JWT. To protect the claims contained in CWTs, the CBOR | |||
Object Signing and Encryption (COSE) [I-D.ietf-cose-msg] | Object Signing and Encryption (COSE) [I-D.ietf-cose-msg] | |||
specification is used. | specification is used. | |||
The suggested pronunciation of CWT is the same as the English word | The suggested pronunciation of CWT is the same as the English word | |||
"cot". | "cot". | |||
1.1. CBOR Related Terminology | ||||
In JSON, maps are called objects and only have one kind of map key: a | ||||
string. In COSE, we use strings, negative integers, and unsigned | ||||
integers as map keys. The integers are used for compactness of | ||||
encoding and easy comparison. The inclusion of strings allows for an | ||||
additional range of short encoded values to be used as well. | ||||
2. Terminology | 2. Terminology | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
"Key words for use in RFCs to Indicate Requirement Levels" [RFC2119]. | "Key words for use in RFCs to Indicate Requirement Levels" [RFC2119]. | |||
This document reuses terminology from JWT [RFC7519] and COSE | This document reuses terminology from JWT [RFC7519] and COSE | |||
[I-D.ietf-cose-msg]. | [I-D.ietf-cose-msg]. | |||
StringOrURI: | StringOrURI: | |||
The "StringOrURI" term has the same meaning, syntax, and | The "StringOrURI" term has the same meaning, syntax, and | |||
processing rules as the "StringOrUri" term defined in Section 2 of | processing rules as the "StringOrUri" term defined in Section 2 of | |||
JWT [RFC7519], except that a CWT StringOrURI uses CBOR major type | JWT [RFC7519], except that it uses a CBOR text string instead of a | |||
3 (text string) instead of a JSON string value. | JSON string value. | |||
NumericDate: | NumericDate: | |||
The "NumericDate" term has the same meaning, syntax, and | The "NumericDate" term has the same meaning, syntax, and | |||
processing rules as the "NumericDate" term defined in Section 2 of | processing rules as the "NumericDate" term defined in Section 2 of | |||
JWT [RFC7519], except that a CWT NumericDate uses one of the CBOR | JWT [RFC7519], except that the CBOR numeric date representation | |||
numeric types (0, 1, or 7 with subtypes 25, 26, or 27), instead of | (from Section 2.4.1 of [RFC7049]) is used. The encoding is | |||
a numeric JSON value. The numeric date values that can used for a | modified so that the leading tag (6.1 or 0xC1) MUST be omitted. | |||
CWT NumericDate are identical to the epoch-based date/time values | ||||
that are specified to follow the tag defined in Section 2.4.1 | ||||
(Date and Time) of [RFC7049], except that the tag itself need not | ||||
be present. | ||||
CBOR encoded claim key: | CBOR encoded claim key: | |||
The key used to identify a claim value. | The key used to identify a claim value. | |||
CWT Claims Set | CWT Claims Set | |||
A CBOR map that contains the claims conveyed by the CWT. | A CBOR map that contains the claims conveyed by the CWT. | |||
3. Claims | 3. Claims | |||
The set of claims that a CWT must contain to be considered valid is | The set of claims that a CWT must contain to be considered valid is | |||
context dependent and is outside the scope of this specification. | context dependent and is outside the scope of this specification. | |||
Specific applications of CWTs will require implementations to | Specific applications of CWTs will require implementations to | |||
understand and process some claims in particular ways. However, in | understand and process some claims in particular ways. However, in | |||
the absence of such requirements, all claims that are not understood | the absence of such requirements, all claims that are not understood | |||
by implementations MUST be ignored. | by implementations MUST be ignored. | |||
To keep CWTs as small as possible, the CBOR encoded claim keys are | To keep CWTs as small as possible, the CBOR encoded claim keys are | |||
represented using CBOR major type 0. Section 4 summarizes all keys | represented using integers or text strings. Section 4 summarizes all | |||
used to identify the claims defined in this document. | keys used to identify the claims defined in this document. | |||
3.1. Claim Names | 3.1. Claim Names | |||
None of the claims defined below are intended to be mandatory to use | None of the claims defined below are intended to be mandatory to use | |||
or implement. They rather provide a starting point for a set of | or implement. They rather provide a starting point for a set of | |||
useful, interoperable claims. Applications using CWTs should define | useful, interoperable claims. Applications using CWTs should define | |||
which specific claims they use and when they are required or | which specific claims they use and when they are required or | |||
optional. | optional. | |||
3.1.1. iss (Issuer) Claim | 3.1.1. iss (Issuer) Claim | |||
skipping to change at page 5, line 23 ¶ | skipping to change at page 5, line 32 ¶ | |||
The "aud" (audience) claim has the same meaning, syntax, and | The "aud" (audience) claim has the same meaning, syntax, and | |||
processing rules as the "aud" claim defined in Section 4.1.3 of JWT | processing rules as the "aud" claim defined in Section 4.1.3 of JWT | |||
[RFC7519], except that the format MUST be a StringOrURI. The CBOR | [RFC7519], except that the format MUST be a StringOrURI. The CBOR | |||
encoded claim key 3 MUST be used to identify this claim. | encoded claim key 3 MUST be used to identify this claim. | |||
3.1.4. exp (Expiration Time) Claim | 3.1.4. exp (Expiration Time) Claim | |||
The "exp" (expiration time) claim has the same meaning, syntax, and | The "exp" (expiration time) claim has the same meaning, syntax, and | |||
processing rules as the "exp" claim defined in Section 4.1.4 of JWT | processing rules as the "exp" claim defined in Section 4.1.4 of JWT | |||
[RFC7519], except that the format MUST be a CWT NumericDate. The | [RFC7519], except that the format MUST be a NumericDate. The CBOR | |||
CBOR encoded claim key 4 MUST be used to identify this claim. | encoded claim key 4 MUST be used to identify this claim. | |||
3.1.5. nbf (Not Before) Claim | 3.1.5. nbf (Not Before) Claim | |||
The "nbf" (not before) claim has the same meaning, syntax, and | The "nbf" (not before) claim has the same meaning, syntax, and | |||
processing rules as the "nbf" claim defined in Section 4.1.5 of JWT | processing rules as the "nbf" claim defined in Section 4.1.5 of JWT | |||
[RFC7519], except that the format MUST be a CWT NumericDate. The | [RFC7519], except that the format MUST be a NumericDate. The CBOR | |||
CBOR encoded claim key 5 MUST be used to identify this claim. | encoded claim key 5 MUST be used to identify this claim. | |||
3.1.6. iat (Issued At) Claim | 3.1.6. iat (Issued At) Claim | |||
The "iat" (issued at) claim has the same meaning, syntax, and | The "iat" (issued at) claim has the same meaning, syntax, and | |||
processing rules as the "iat" claim defined in Section 4.1.6 of JWT | processing rules as the "iat" claim defined in Section 4.1.6 of JWT | |||
[RFC7519], except that the format MUST be a CWT NumericDate. The | [RFC7519], except that the format MUST be a NumericDate. The CBOR | |||
CBOR encoded claim key 6 MUST be used to identify this claim. | encoded claim key 6 MUST be used to identify this claim. | |||
3.1.7. cti (CWT ID) Claim | 3.1.7. cti (CWT ID) Claim | |||
The "cti" (CWT ID) claim has the same meaning, syntax, and processing | The "cti" (CWT ID) claim has the same meaning, syntax, and processing | |||
rules as the "jti" claim defined in Section 4.1.7 of JWT [RFC7519], | rules as the "jti" claim defined in Section 4.1.7 of JWT [RFC7519], | |||
except that the format MUST be of major type 2, binary string. The | except that the format MUST be binary string. The CBOR encoded claim | |||
CBOR encoded claim key 7 MUST be used to identify this claim. | key 7 MUST be used to identify this claim. | |||
4. Summary of the values, CBOR major types and encoded claim keys | 4. Summary of the values, value types, and encoded claim keys | |||
/---------+------------------------+-------------------------------\ | ||||
| Claim | CBOR encoded claim key | CBOR major type of value | | ||||
|---------+------------------------+-------------------------------| | ||||
| iss | 1 | 3 | | ||||
| sub | 2 | 3 | | ||||
| aud | 3 | 3 | | ||||
| exp | 4 | 0, 1, or 7 with float subtype | | ||||
| nbf | 5 | 0, 1, or 7 with float subtype | | ||||
| iat | 6 | 0, 1, or 7 with float subtype | | ||||
| cti | 7 | 2 | | ||||
\---------+------------------------+-------------------------------/ | ||||
Figure 1: Summary of the values, CBOR major types and encoded claim | /---------+-----+----------------------------------\ | |||
keys. | | Name | Key | Value type | | |||
|---------+-----+----------------------------------| | ||||
| iss | 1 | text string | | ||||
| sub | 2 | text string | | ||||
| aud | 3 | text string | | ||||
| exp | 4 | integer or floating-point number | | ||||
| nbf | 5 | integer or floating-point number | | ||||
| iat | 6 | integer or floating-point number | | ||||
| cti | 7 | binary string | | ||||
\---------+-----+----------------------------------/ | ||||
Figure 1: Summary of the values, value types, and encoded claim keys | ||||
5. CBOR Tags and Claim Values | 5. CBOR Tags and Claim Values | |||
The use of CBOR tags to prefix any of the claim values defined in | The claim values defined in this specification MUST NOT be prefixed | |||
this specification is NOT RECOMMENDED. For instance, while CBOR tag | with any CBOR tag. For instance, while CBOR tag 6.1 (seconds-since- | |||
6.1 (seconds-since-the-epoch) could logically be prefixed to values | the-epoch) could logically be prefixed to values of the "exp", "nbf", | |||
of the "exp", "nbf", and "iat" claims, this is unnecessary, since the | and "iat" claims, this is unnecessary, since the representation of | |||
representation of the claim values is already specified by the claim | the claim values is already specified by the claim definitions. | |||
definitions. Tagging claim values would only take up extra space, | Tagging claim values would only take up extra space without adding | |||
without adding information. However, other claims defined by other | information. However, this does not prohibit future claim | |||
specifications can specify that a tag prefix the claim value, when | definitions from requiring the use of CBOR tags for those specific | |||
appropriate. | claims. | |||
6. CWT CBOR Tag | 6. CWT CBOR Tag | |||
How to determine that a CBOR data structure is a CWT is application- | How to determine that a CBOR data structure is a CWT is application- | |||
dependent. In some cases, this information is known from the | dependent. In some cases, this information is known from the | |||
application context, such as from the position of the CWT in a data | application context, such as from the position of the CWT in a data | |||
structure at which the value must be a CWT. One method of indicating | structure at which the value must be a CWT. One method of indicating | |||
that a CBOR object is a CWT is the use of the "application/cwt" | that a CBOR object is a CWT is the use of the "application/cwt" | |||
content type by a transport protocol. | content type by a transport protocol. | |||
skipping to change at page 7, line 49 ¶ | skipping to change at page 8, line 5 ¶ | |||
using the Message as the COSE_Mac/COSE_Mac0 Payload; all steps | using the Message as the COSE_Mac/COSE_Mac0 Payload; all steps | |||
specified in [I-D.ietf-cose-msg] for creating a COSE_Mac/ | specified in [I-D.ietf-cose-msg] for creating a COSE_Mac/ | |||
COSE_Mac0 object MUST be followed. | COSE_Mac0 object MUST be followed. | |||
* Else, if the CWT is a COSE_Encrypt/COSE_Encrypt0 object, | * Else, if the CWT is a COSE_Encrypt/COSE_Encrypt0 object, | |||
create a COSE_Encrypt/COSE_Encrypt0 using the Message as the | create a COSE_Encrypt/COSE_Encrypt0 using the Message as the | |||
plaintext for the COSE_Encrypt/COSE_Encrypt0 object; all steps | plaintext for the COSE_Encrypt/COSE_Encrypt0 object; all steps | |||
specified in [I-D.ietf-cose-msg] for creating a COSE_Encrypt/ | specified in [I-D.ietf-cose-msg] for creating a COSE_Encrypt/ | |||
COSE_Encrypt0 object MUST be followed. | COSE_Encrypt0 object MUST be followed. | |||
5. If a nested signing, MACing or encryption operation will be | 5. If a nested signing, MACing, or encryption operation will be | |||
performed, let the Message be the COSE_Sign/COSE_Sign1, COSE_Mac/ | performed, let the Message be the COSE_Sign/COSE_Sign1, COSE_Mac/ | |||
COSE_Mac0 or COSE_Encrypt/COSE_Encrypt0, and return to Step 3, | COSE_Mac0, or COSE_Encrypt/COSE_Encrypt0, add the matching COSE | |||
using a "content type" header value corresponding to the media | CBOR tag, and return to Step 3. | |||
type "application/cwt" in the new COSE Header created in that | ||||
step. | ||||
6. If needed by the application, add the appropriate COSE CBOR tag | 6. If needed by the application, add the appropriate COSE CBOR tag | |||
to the COSE object to indicate type of COSE object. If also | to the COSE object to indicate the type of the COSE object. If | |||
needed by the application, add the CWT CBOR tag to indicate that | needed by the application, add the CWT CBOR tag to indicate that | |||
the COSE object is a CWT. | the COSE object is a CWT. | |||
7.2. Validating a CWT | 7.2. Validating a CWT | |||
When validating a CWT, the following steps are performed. The order | When validating a CWT, the following steps are performed. The order | |||
of the steps is not significant in cases where there are no | of the steps is not significant in cases where there are no | |||
dependencies between the inputs and outputs of the steps. If any of | dependencies between the inputs and outputs of the steps. If any of | |||
the listed steps fail, then the CWT MUST be rejected -- that is, | the listed steps fail, then the CWT MUST be rejected -- that is, | |||
treated by the application as invalid input. | treated by the application as invalid input. | |||
1. Verify that the CWT is a valid CBOR object. | 1. Verify that the CWT is a valid CBOR object. | |||
2. If the object begins with the CWT CBOR tag, remove it and verify | 2. If the object begins with the CWT CBOR tag, remove it and verify | |||
that one of the COSE CBOR tags follows it. | that one of the COSE CBOR tags follows it. | |||
3. If the object is tagged with one of the COSE CBOR tags, remove it | 3. If the object is tagged with one of the COSE CBOR tags, remove it | |||
and verify that it corresponds to the structure of the following | and use it to determine the type of the CWT, COSE_Sign/ | |||
COSE object. | COSE_Sign1, COSE_Mac/COSE_Mac0, or COSE_Encrypt/COSE_Encrypt0. | |||
If the object does not have a COSE CBOR tag, the COSE message | ||||
type is determined from the application context. | ||||
4. Verify that the resulting COSE Header includes only parameters | 4. Verify that the resulting COSE Header includes only parameters | |||
and values whose syntax and semantics are both understood and | and values whose syntax and semantics are both understood and | |||
supported or that are specified as being ignored when not | supported or that are specified as being ignored when not | |||
understood. | understood. | |||
5. Use the CBOR tag to determine the type of the CWT, COSE_Sign/ | 5. Depending upon whether the CWT is a signed, MACed, or encrypted, | |||
COSE_Sign1, COSE_Mac/COSE_Mac0, or COSE_Encrypt/COSE_Encrypt0. | ||||
6. Depending upon whether the CWT is a signed, MACed, or encrypted, | ||||
there are three cases: | there are three cases: | |||
* If the CWT is a COSE_Sign/COSE_Sign1, follow the steps | * If the CWT is a COSE_Sign/COSE_Sign1, follow the steps | |||
specified in [I-D.ietf-cose-msg] Section 4 (Signing Objects) | specified in [I-D.ietf-cose-msg] Section 4 (Signing Objects) | |||
for validating a COSE_Sign/COSE_Sign1 object. Let the Message | for validating a COSE_Sign/COSE_Sign1 object. Let the Message | |||
be the COSE_Sign/COSE_Sign1 payload. | be the COSE_Sign/COSE_Sign1 payload. | |||
* Else, if the CWT is a COSE_Mac/COSE_Mac0, follow the steps | * Else, if the CWT is a COSE_Mac/COSE_Mac0, follow the steps | |||
specified in [I-D.ietf-cose-msg] Section 6 (MAC Objects) for | specified in [I-D.ietf-cose-msg] Section 6 (MAC Objects) for | |||
validating a COSE_Mac/COSE_Mac0 object. Let the Message be | validating a COSE_Mac/COSE_Mac0 object. Let the Message be | |||
the COSE_Mac/COSE_Mac0 payload. | the COSE_Mac/COSE_Mac0 payload. | |||
* Else, if the CWT is a COSE_Encrypt/COSE_Encrypt0 object, | * Else, if the CWT is a COSE_Encrypt/COSE_Encrypt0 object, | |||
follow the steps specified in [I-D.ietf-cose-msg] Section 5 | follow the steps specified in [I-D.ietf-cose-msg] Section 5 | |||
(Encryption Objects) for validating a COSE_Encrypt/ | (Encryption Objects) for validating a COSE_Encrypt/ | |||
COSE_Encrypt0 object. Let the Message be the resulting | COSE_Encrypt0 object. Let the Message be the resulting | |||
plaintext. | plaintext. | |||
7. If the COSE Header contains a "content type" header value | 6. If the Message begins with a COSE CBOR tag, then the Message is a | |||
corresponding to the media type "application/cwt", then the | CWT that was the subject of nested signing, MACing, or encryption | |||
Message is a CWT that was the subject of nested signing or | operations. In this case, return to Step 1, using the Message as | |||
encryption operations. In this case, return to Step 1, using the | the CWT. | |||
Message as the CWT. | ||||
8. Verify that the Message is a valid CBOR object; let the CWT | 7. Verify that the Message is a valid CBOR object; let the CWT | |||
Claims Set be this CBOR object. | Claims Set be this CBOR object. | |||
8. Security Considerations | 8. Security Considerations | |||
The security of the CWT is dependent on the protections offered by | The security of the CWT relies upon on the protections offered by | |||
COSE. Unless the claims in a CWT are protected, an adversary can | COSE. Unless the claims in a CWT are protected, an adversary can | |||
modify, add, or remove claims. Since the claims conveyed in a CWT | modify, add, or remove claims. | |||
may be used to make authorization decisions, it is not only important | ||||
to protect the CWT in transit but also to ensure that the recipient | Since the claims conveyed in a CWT may be used to make authorization | |||
can authenticate the party that assembled the claims and created the | decisions, it is not only important to protect the CWT in transit but | |||
CWT. Without trust of the recipient in the party that created the | also to ensure that the recipient can authenticate the party that | |||
CWT, no sensible authorization decision can be made. Furthermore, | assembled the claims and created the CWT. Without trust of the | |||
the creator of the CWT needs to carefully evaluate each claim value | recipient in the party that created the CWT, no sensible | |||
prior to including it in the CWT so that the recipient can be assured | authorization decision can be made. Furthermore, the creator of the | |||
of the validity of the information provided. | CWT needs to carefully evaluate each claim value prior to including | |||
it in the CWT so that the recipient can be assured of the validity of | ||||
the information provided. | ||||
While syntactically, the signing and encryption operations for Nested | ||||
CWTs may be applied in any order, if both signing and encryption are | ||||
necessary, normally producers should sign the message and then | ||||
encrypt the result (thus encrypting the signature). This prevents | ||||
attacks in which the signature is stripped, leaving just an encrypted | ||||
message, as well as providing privacy for the signer. Furthermore, | ||||
signatures over encrypted text are not considered valid in many | ||||
jurisdictions. | ||||
9. IANA Considerations | 9. IANA Considerations | |||
9.1. CBOR Web Token (CWT) Claims Registry | 9.1. CBOR Web Token (CWT) Claims Registry | |||
This section establishes the IANA "CBOR Web Token (CWT) Claims" | This section establishes the IANA "CBOR Web Token (CWT) Claims" | |||
registry. | registry. | |||
Values are registered on a Specification Required [RFC5226] basis, on | Values are registered on a Specification Required [RFC5226] basis | |||
the advice of one or more Designated Experts. However, to allow for | after a three-week review period on the cwt-reg-review@ietf.org | |||
the allocation of values prior to publication, the Designated Experts | mailing list, on the advice of one or more Designated Experts. | |||
may approve registration once they are satisfied that such a | However, to allow for the allocation of values prior to publication, | |||
specification will be published. | the Designated Experts may approve registration once they are | |||
satisfied that such a specification will be published. [[ Note to | ||||
the RFC Editor: The name of the mailing list should be determined in | ||||
consultation with the IESG and IANA. Suggested name: cwt-reg- | ||||
review@ietf.org. ]] | ||||
Registration requests sent to the mailing list for review should use | ||||
an appropriate subject (e.g., "Request to register claim: example"). | ||||
Registration requests that are undetermined for a period longer than | ||||
21 days can be brought to the IESG's attention (using the | ||||
iesg@ietf.org mailing list) for resolution. | ||||
Criteria that should be applied by the Designated Experts includes | Criteria that should be applied by the Designated Experts includes | |||
determining whether the proposed registration duplicates existing | determining whether the proposed registration duplicates existing | |||
functionality, whether it is likely to be of general applicability or | functionality, whether it is likely to be of general applicability or | |||
whether it is useful only for a single application, and whether the | whether it is useful only for a single application, and whether the | |||
registration description is clear. | registration description is clear. | |||
It is suggested that multiple Designated Experts be appointed who are | ||||
able to represent the perspectives of different applications using | ||||
this specification in order to enable broadly informed review of | ||||
registration decisions. In cases where a registration decision could | ||||
be perceived as creating a conflict of interest for a particular | ||||
Expert, that Expert should defer to the judgment of the other | ||||
Experts. | ||||
9.1.1. Registration Template | 9.1.1. Registration Template | |||
Claim Name: | Claim Name: | |||
The human-readable name requested (e.g., "iss"). | The human-readable name requested (e.g., "iss"). | |||
Claim Description: | Claim Description: | |||
Brief description of the claim (e.g., "Issuer"). | Brief description of the claim (e.g., "Issuer"). | |||
JWT Claim Name: | JWT Claim Name: | |||
Claim Name of the equivalent JWT claim, as registered in | Claim Name of the equivalent JWT claim, as registered in | |||
[IANA.JWT.Claims]. CWT claims should normally have a | [IANA.JWT.Claims]. CWT claims should normally have a | |||
corresponding JWT claim. If a corresponding JWT claim would not | corresponding JWT claim. If a corresponding JWT claim would not | |||
make sense, the Designated Experts can choose to accept | make sense, the Designated Experts can choose to accept | |||
registrations for which the JWT Claim Name is listed as "N/A". | registrations for which the JWT Claim Name is listed as "N/A". | |||
CBOR Key Value: | CBOR Key Value: | |||
Key value for the claim. The key value MUST be an integer in the | Integer values between -256 and 255 and strings of length 1 are | |||
range of 1 to 65536. | designated as Standards Track Document required. Integer values | |||
from -65536 to 65535 and strings of length 2 are designated as | ||||
Specification Required. Integer values of greater than 65535 and | ||||
strings of length greater than 2 are designated as expert review. | ||||
Integer values less than -65536 are marked as private use. | ||||
CBOR Major Type: | CBOR Major Type: | |||
CBOR major type and optional tag for the claim. | CBOR major type and optional tag for the claim. | |||
Change Controller: | Change Controller: | |||
For Standards Track RFCs, list the "IESG". For others, give the | For Standards Track RFCs, list the "IESG". For others, give the | |||
name of the responsible party. Other details (e.g., postal | name of the responsible party. Other details (e.g., postal | |||
address, email address, home page URI) may also be included. | address, email address, home page URI) may also be included. | |||
Specification Document(s): | Specification Document(s): | |||
Reference to the document or documents that specify the parameter, | Reference to the document or documents that specify the parameter, | |||
preferably including URIs that can be used to retrieve copies of | preferably including URIs that can be used to retrieve copies of | |||
the documents. An indication of the relevant sections may also be | the documents. An indication of the relevant sections may also be | |||
included but is not required. | included but is not required. | |||
9.1.2. Initial Registry Contents | 9.1.2. Initial Registry Contents | |||
o Claim Name: N/A | ||||
o Claim Description: This registration reserves the key value 0. | ||||
o JWT Claim Name: N/A | ||||
o CBOR Key Value: 0 | ||||
o CBOR Major Type: N/A | ||||
o Change Controller: IESG | ||||
o Specification Document(s): [[ this specification ]] | ||||
o Claim Name: "iss" | o Claim Name: "iss" | |||
o Claim Description: Issuer | o Claim Description: Issuer | |||
o JWT Claim Name: "iss" | o JWT Claim Name: "iss" | |||
o CBOR Key Value: 1 | o CBOR Key Value: 1 | |||
o CBOR Major Type: 3 | o CBOR Major Type: 3 | |||
o Change Controller: IESG | o Change Controller: IESG | |||
o Specification Document(s): Section 3.1.1 of [[ this specification | o Specification Document(s): Section 3.1.1 of [[ this specification | |||
]] | ]] | |||
o Claim Name: "sub" | o Claim Name: "sub" | |||
skipping to change at page 15, line 25 ¶ | skipping to change at page 16, line 25 ¶ | |||
Figure 4: Example CWT Claims Set in CBOR diagnostic notation | Figure 4: Example CWT Claims Set in CBOR diagnostic notation | |||
A.2. Example keys | A.2. Example keys | |||
This section contains the keys used to sign, MAC, and encrypt the | This section contains the keys used to sign, MAC, and encrypt the | |||
messages in this appendix. Line breaks are for display purposes | messages in this appendix. Line breaks are for display purposes | |||
only. | only. | |||
A.2.1. 128-bit Symmetric Key as Hex Encoded String | A.2.1. 128-bit Symmetric Key as Hex Encoded String | |||
8e82e68e61654ecb5a369fe8be7572dd | 231f4c4d4d3051fdc2ec0a3851d5b383 | |||
A.2.2. 256-bit Symmetric Key as Hex Encoded String | A.2.2. 256-bit Symmetric Key as Hex Encoded String | |||
403697de87af64611c1d32a05dab0fe1fcb715a86ab435f1ec99192d79569388 | 403697de87af64611c1d32a05dab0fe1fcb715a86ab435f1ec99192d79569388 | |||
A.2.3. ECDSA P-256 256-bit COSE Key | A.2.3. ECDSA P-256 256-bit COSE Key | |||
a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997 | a622582060f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db952997 | |||
1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c | 1a36e7b92358206c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c | |||
67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f | 67c858bc206c1903260102215820143329cce7868e416927599cf65a34f3ce2f | |||
skipping to change at page 16, line 16 ¶ | skipping to change at page 17, line 16 ¶ | |||
This section shows a signed CWT with a single recipient and a full | This section shows a signed CWT with a single recipient and a full | |||
CWT Claims Set. | CWT Claims Set. | |||
The signature is generated using the private key listed in | The signature is generated using the private key listed in | |||
Appendix A.2.3 and it can be validated using the public key from | Appendix A.2.3 and it can be validated using the public key from | |||
Appendix A.2.3. Line breaks are for display purposes only. | Appendix A.2.3. Line breaks are for display purposes only. | |||
d28443a10126a05850a70175636f61703a2f2f61732e6578616d706c652e636f6 | d28443a10126a05850a70175636f61703a2f2f61732e6578616d706c652e636f6 | |||
d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e63 | d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e63 | |||
6f6d041a5612aeb0051a5610d9f0061a5610d9f007420b7158401fe410abce650 | 6f6d041a5612aeb0051a5610d9f0061a5610d9f007420b715840b9b2821b6b2c2 | |||
effed497f05d7f9462de67d571384097de0d96f1e2514d284cdd85634f269af6c | f9d1d984b11854dcfcee1f219746800ce76112c21f58c45dea1d7f01cec1ab394 | |||
36c64f22e7691abb464bed2ff23176cdba9fd9e213f637d082 | 0f75c459305365210a23a9ed463b4f6fc984c2f1c08e504d90 | |||
Figure 7: Signed CWT as hex string | Figure 7: Signed CWT as hex string | |||
18( | 18( | |||
[ | [ | |||
/ protected / h'a10126' / { | / protected / h'a10126' / { | |||
/ alg / 1: -7 / ECDSA 256 / | / alg / 1: -7 / ECDSA 256 / | |||
} / , | } / , | |||
/ unprotected / {}, | / unprotected / {}, | |||
/ payload / h'a70175636f61703a2f2f61732e6578616d706c652e63 | / payload / h'a70175636f61703a2f2f61732e6578616d706c652e63 | |||
skipping to change at page 16, line 40 ¶ | skipping to change at page 17, line 40 ¶ | |||
68742e6578616d706c652e636f6d041a5612aeb0051a | 68742e6578616d706c652e636f6d041a5612aeb0051a | |||
5610d9f0061a5610d9f007420b71' / { | 5610d9f0061a5610d9f007420b71' / { | |||
/ iss / 1: "coap://as.example.com", | / iss / 1: "coap://as.example.com", | |||
/ sub / 2: "erikw", | / sub / 2: "erikw", | |||
/ aud / 3: "coap://light.example.com", | / aud / 3: "coap://light.example.com", | |||
/ exp / 4: 1444064944, | / exp / 4: 1444064944, | |||
/ nbf / 5: 1443944944, | / nbf / 5: 1443944944, | |||
/ iat / 6: 1443944944, | / iat / 6: 1443944944, | |||
/ cti / 7: h'0b71' | / cti / 7: h'0b71' | |||
} / , | } / , | |||
/ signature / h'1fe410abce650effed497f05d7f9462de67d571384 | / signature / h'b9b2821b6b2c2f9d1d984b11854dcfcee1f2197468 | |||
097de0d96f1e2514d284cdd85634f269af6c36c64f | 00ce76112c21f58c45dea1d7f01cec1ab3940f75c4 | |||
22e7691abb464bed2ff23176cdba9fd9e213f637d0 | 59305365210a23a9ed463b4f6fc984c2f1c08e504d | |||
82' | 90' | |||
] | ] | |||
) | ) | |||
Figure 8: Signed CWT in CBOR diagnostic notation | Figure 8: Signed CWT in CBOR diagnostic notation | |||
A.4. Example MACed CWT | A.4. Example MACed CWT | |||
This section shows a MACed CWT with a single recipient and a full CWT | This section shows a MACed CWT with a single recipient, a full CWT | |||
Claims Set. | Claims Set, and a CWT tag. | |||
The MAC is generated using the 256-bit symmetric key from | The MAC is generated using the 256-bit symmetric key from | |||
Appendix A.2.2 with a 64-bit truncation. Line breaks are for display | Appendix A.2.2 with a 64-bit truncation. Line breaks are for display | |||
purposes only. | purposes only. | |||
d83dd18443a10104a05850a70175636f61703a2f2f61732e6578616d706c652e | d83dd18443a10104a05850a70175636f61703a2f2f61732e6578616d706c652e | |||
636f6d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c | 636f6d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c | |||
652e636f6d041a5612aeb0051a5610d9f0061a5610d9f007420b7148093101ef | 652e636f6d041a5612aeb0051a5610d9f0061a5610d9f007420b7148093101ef | |||
6d789200 | 6d789200 | |||
skipping to change at page 18, line 9 ¶ | skipping to change at page 19, line 9 ¶ | |||
A.5. Example Encrypted CWT | A.5. Example Encrypted CWT | |||
This section shows an encrypted CWT with a single recipient and a | This section shows an encrypted CWT with a single recipient and a | |||
full CWT Claims Set. | full CWT Claims Set. | |||
The encryption is done with AES-CCM mode using the 128-bit symmetric | The encryption is done with AES-CCM mode using the 128-bit symmetric | |||
key from Appendix A.2.1 with a 64-bit tag and 13-byte nonce, i.e., | key from Appendix A.2.1 with a 64-bit tag and 13-byte nonce, i.e., | |||
COSE AES-CCM-16-64-128. Line breaks are for display purposes only. | COSE AES-CCM-16-64-128. Line breaks are for display purposes only. | |||
d08343a1010aa1054d3a869e378e72b77d077c29be025858d275ad9cd7df1b10 | d08343a1010aa1054d3d9624bfb90a612bdcfc5077c45858e06d4b57cf3b3c9d | |||
ba8cde785c74b1e1e6ada287e2baf1451b06862529b784d230b0111773b6c369 | a3a16325dadcb9d2a0748f00ecd728f4b79030b56a292ee9cc8cc75349c120fc | |||
1319aec4dcc379fe47115a5d62632727c05f4567fc84dd79554db86676a14978 | 1ba5d67ee29affde28df75a20f344812453ff68270ad5f46295660558168e1d1 | |||
42de805d8be93180af4d6ff3043886a0 | 85cb308226cdad0a50417dcd4a8d4b47 | |||
Figure 11: Encrypted CWT as hex string | Figure 11: Encrypted CWT as hex string | |||
16( | 16( | |||
[ | [ | |||
/ protected / h'a1010a' / { | / protected / h'a1010a' / { | |||
/ alg / 1: 10 / AES-CCM-16-64-128 / | / alg / 1: 10 / AES-CCM-16-64-128 / | |||
} /, | } /, | |||
/ unprotected / { | / unprotected / { | |||
/ iv / 5: h'3a869e378e72b77d077c29be02' | / iv / 5: h'3d9624bfb90a612bdcfc5077c4' | |||
}, | }, | |||
/ ciphertext / h'd275ad9cd7df1b10ba8cde785c74b1e1e6ada287e2b | / ciphertext / h'e06d4b57cf3b3c9da3a16325dadcb9d2a0748f00ecd | |||
af1451b06862529b784d230b0111773b6c3691319ae | 728f4b79030b56a292ee9cc8cc75349c120fc1ba5d6 | |||
c4dcc379fe47115a5d62632727c05f4567fc84dd795 | 7ee29affde28df75a20f344812453ff68270ad5f462 | |||
54db86676a1497842de805d8be93180af4d6ff30438 | 95660558168e1d185cb308226cdad0a50417dcd4a8d | |||
86a0' | 4b47' | |||
] | ] | |||
) | ) | |||
Figure 12: Encrypted CWT in CBOR diagnostic notation | Figure 12: Encrypted CWT in CBOR diagnostic notation | |||
A.6. Example Nested CWT | A.6. Example Nested CWT | |||
This section shows a Nested CWT, signed and then encrypted, with a | This section shows a Nested CWT, signed and then encrypted, with a | |||
single recipient and a full CWT Claims Set. | single recipient and a full CWT Claims Set. | |||
skipping to change at page 19, line 5 ¶ | skipping to change at page 20, line 5 ¶ | |||
from Appendix A.2.3. The encryption is done with AES-CCM mode using | from Appendix A.2.3. The encryption is done with AES-CCM mode using | |||
the 128-bit symmetric key from Appendix A.2.1 with a 64-bit tag and | the 128-bit symmetric key from Appendix A.2.1 with a 64-bit tag and | |||
13-byte nonce, i.e., COSE AES-CCM-16-64-128. The content type is set | 13-byte nonce, i.e., COSE AES-CCM-16-64-128. The content type is set | |||
to CWT to indicate that there are multiple layers of COSE protection | to CWT to indicate that there are multiple layers of COSE protection | |||
before finding the CWT Claims Set. The decrypted ciphertext will be a | before finding the CWT Claims Set. The decrypted ciphertext will be a | |||
COSE_sign1 structure. In this example, it is the same one as in | COSE_sign1 structure. In this example, it is the same one as in | |||
Appendix A.3, i.e., a Signed CWT Claims Set. Note that there is no | Appendix A.3, i.e., a Signed CWT Claims Set. Note that there is no | |||
limitation to the number of layers; this is an example with two | limitation to the number of layers; this is an example with two | |||
layers. Line breaks are for display purposes only. | layers. Line breaks are for display purposes only. | |||
d08346a203183d010aa1054d9120e5dc42c9f9aec05ebe8a4858a538be026c02 | d08343a1010aa1054dd3bdeeb4daaa50625a5b576cc458a3318af5c80a11e081 | |||
4a40b19d6dbea3ddb18b31021f874a097a05ff3cdaa4665bafc8e46a3d7f37ad | 91ca790b0793156451afc144e0f9f892679dff1d01cd52d7fe1e43ac8dabace0 | |||
f002fe57eee267f8f62a9c1621af75e1ecd742a3d801c2cc82358cf104a8d902 | f74af095f918197da1550a76d59c2a89db6331e12451fc87fef56f2ff179fb33 | |||
4d38a599ea6027d482dc2948a88fe83f9734804299c832401029e2d32a984789 | d6132ca34eb7fa8de0960d5f02a2b625792ccc8e5b3d59c0bede9d7438dc5c4f | |||
c8e9563e8d2a751323bb7e4462b549e0fa89ef93f78bf6425635fba76b4aa804 | e0c403c8fc32e874fbb7516c52edddfc09d4444a762dcd0cd486895131c343ae | |||
7908e89b3b7c3d59d8a80e22f70a1b6ee8c162c564341c2f15cec252d3da038c | 040620cdd4448c6ce0b7803022ff3d7877a83c345c05a57b36105a | |||
Figure 13: Signed and Encrypted CWT as hex string | Figure 13: Signed and Encrypted CWT as hex string | |||
16( | 16( | |||
[ | [ | |||
/ protected / h'a203183d010a' / { | / protected / h'a203183d010a' / { | |||
/ content type / 3: 61, / CWT / | ||||
/ alg / 1: 10 / AES-CCM-16-64-128 / | / alg / 1: 10 / AES-CCM-16-64-128 / | |||
} / , | } / , | |||
/ unprotected / { | / unprotected / { | |||
/ iv / 5: h'9120e5dc42c9f9aec05ebe8a48' | / iv / 5: h'd3bdeeb4daaa50625a5b576cc4' | |||
}, | }, | |||
/ ciphertext / h'38be026c024a40b19d6dbea3ddb18b31021f874a097 | / ciphertext / h'318af5c80a11e08191ca790b0793156451afc144e0f | |||
a05ff3cdaa4665bafc8e46a3d7f37adf002fe57eee2 | 9f892679dff1d01cd52d7fe1e43ac8dabace0f74af0 | |||
67f8f62a9c1621af75e1ecd742a3d801c2cc82358cf | 95f918197da1550a76d59c2a89db6331e12451fc87f | |||
104a8d9024d38a599ea6027d482dc2948a88fe83f97 | ef56f2ff179fb33d6132ca34eb7fa8de0960d5f02a2 | |||
34804299c832401029e2d32a984789c8e9563e8d2a7 | b625792ccc8e5b3d59c0bede9d7438dc5c4fe0c403c | |||
51323bb7e4462b549e0fa89ef93f78bf6425635fba7 | 8fc32e874fbb7516c52edddfc09d4444a762dcd0cd4 | |||
6b4aa8047908e89b3b7c3d59d8a80e22f70a1b6ee8c | 86895131c343ae040620cdd4448c6ce0b7803022ff3 | |||
162c564341c2f15cec252d3da038c' | d7877a83c345c05a57b36105a' | |||
] | ] | |||
) | ) | |||
Figure 14: Signed and Encrypted CWT in CBOR diagnostic notation | Figure 14: Signed and Encrypted CWT in CBOR diagnostic notation | |||
A.7. Example MACed CWT with a floating-point value | ||||
This section shows a MACed CWT with a single recipient and a simple | ||||
CWT Claims Set. The CWT Claims Set with a floating-point 'iat' value. | ||||
The MAC is generated using the 256-bit symmetric key from | ||||
Appendix A.2.2 with a 64-bit truncation. Line breaks are for display | ||||
purposes only. | ||||
d18443a10104a04ba106fb41d584367c20000048b8816f34c0542892 | ||||
Figure 15: MACed CWT with a floating-point value as hex string | ||||
17( | ||||
[ | ||||
/ protected / h'a10104' / { | ||||
/ alg / 1: 4 / HMAC 256/64 / | ||||
} / , | ||||
/ unprotected / {}, | ||||
/ payload / h'a106fb41d584367c200000' / { | ||||
/ iat / 6: 1443944944.5 | ||||
} / , | ||||
/ tag / h'b8816f34c0542892' | ||||
] | ||||
) | ||||
Figure 16: MACed CWT with a floating-point value in CBOR diagnostic | ||||
notation | ||||
Appendix B. Acknowledgements | Appendix B. Acknowledgements | |||
This specification is based on JSON Web Token (JWT) [RFC7519], the | This specification is based on JSON Web Token (JWT) [RFC7519], the | |||
authors of which also include Nat Sakimura and John Bradley. Ludwig | authors of which also include Nat Sakimura and John Bradley. It also | |||
Seitz and Goeran Selander have made contributions the specification. | incorporates suggestions made by many people, notably Carsten | |||
Bormann, Jim Schaad, Ludwig Seitz, and Goeran Selander. | ||||
Appendix C. Document History | Appendix C. Document History | |||
[[ to be removed by the RFC Editor before publication as an RFC ]] | [[ to be removed by the RFC Editor before publication as an RFC ]] | |||
-05 | ||||
o Addressed working group last call comments with the following | ||||
changes: | ||||
o Say that CWT is derived from JWT, rather than CWT is a profile of | ||||
JWT. | ||||
o Used CBOR type names in descriptions, rather than major/minor type | ||||
numbers. | ||||
o Clarified the NumericDate and StringOrURI descriptions. | ||||
o Changed to allow CWT claim names to use values of any legal CBOR | ||||
map key type. | ||||
o Changed to use the CWT tag to identify nested CWTs instead of the | ||||
CWT content type. | ||||
o Added an example using a floating-point date value. | ||||
o Acknowledged reviewers. | ||||
-04 | -04 | |||
o Specified that the use of CBOR tags to prefix any of the claim | o Specified that the use of CBOR tags to prefix any of the claim | |||
values defined in this specification is NOT RECOMMENDED. | values defined in this specification is NOT RECOMMENDED. | |||
-03 | -03 | |||
o Reworked the examples to include signed, MACed, encrypted, and | o Reworked the examples to include signed, MACed, encrypted, and | |||
nested CWTs. | nested CWTs. | |||
o Defined the CWT CBOR tag and explained its usage. | o Defined the CWT CBOR tag and explained its usage. | |||
-02 | -02 | |||
o Added IANA registration for the application/cwt media type. | o Added IANA registration for the application/cwt media type. | |||
o Clarified the nested CWT language. | o Clarified the nested CWT language. | |||
o Corrected nits identified by Ludwig Seitz. | o Corrected nits identified by Ludwig Seitz. | |||
-01 | -01 | |||
o Added IANA registration for CWT Claims. | o Added IANA registration for CWT Claims. | |||
o Added IANA registration for the application/cwt CoAP content- | o Added IANA registration for the application/cwt CoAP content- | |||
format type. | format type. | |||
o Added Samuel Erdtman as an editor. | o Added Samuel Erdtman as an editor. | |||
o Changed Erik's e-mail address. | o Changed Erik's e-mail address. | |||
-00 | -00 | |||
o Created the initial working group version based on draft- | o Created the initial working group version based on draft- | |||
wahlstroem-ace-cbor-web-token-00. | wahlstroem-ace-cbor-web-token-00. | |||
Authors' Addresses | Authors' Addresses | |||
Michael B. Jones | Michael B. Jones | |||
End of changes. 56 change blocks. | ||||
152 lines changed or deleted | 253 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |