Push update for 24

cose-wg · Nov 22, 2016 · afb8903 · afb8903
1 parent e924404
commit afb8903
Showing 1 changed file with 70 additions and 69 deletions.
diff --git a/draft-ietf-cose-msg.xml b/draft-ietf-cose-msg.xml
@@ -620,9 +620,10 @@ empty_or_serialized_map = bstr .cbor header_map / bstr .size 0
               The value is taken from the "COSE Algorithms" Registry (see <xref target="cose-algorithm-registry"/>).
 
               New messed up text -->
-              This parameter isused to indicate the algorithm used for the security processing.
-              This parameter MUST be authenticiated when support is provided by the algorithm (AEAD algorithms) or construction (sign and mac).
-              This authentication can be done either by placing the header in the protected header bucket or by supplying it as part of the applications external data.
+              This parameter is used to indicate the algorithm used for the security processing.
+              This parameter MUST be authenticated where the ability to do so exists.
+              This support is provided by AEAD algorithms or construction (COSE_Sign, COSE_Sign0, COSE_Mac and COSE_Mac0).
+              This authentication can be done either by placing the header in the protected header bucket or as part of the externally supplied data.
               The value is taken from the "COSE Algorithms" Registry (see <xref target="cose-algorithm-registry"/>).
             </t>
 
@@ -3926,20 +3927,20 @@ encryptedKey = KeyWrap(KDF(DH-Shared, context), CEK)
         <!--  FOR IANA
              
              
-name || label || type || algorithm || description
+name || label || type || algorithm || description  **
 
-ephemeral key || -1 || COSE_Key || ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW || Ephemeral Public key for the sender
-static key || -2 || COSE_Key || ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Static Public key for the sender
-static key id  || -3 || bstr || ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Static Public key identifier for the sender
+ephemeral key || -1 || COSE_Key || ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW || Ephemeral Public key for the sender  **
+static key || -2 || COSE_Key || ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Static Public key for the sender  **
+static key id  || -3 || bstr || ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Static Public key identifier for the sender  **
 
-salt || -20 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Random salt
+salt || -20 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Random salt  **
 
-PartyU identity || -21 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party U identity Information
-PartyU nonce || -22 || bstr / int || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party U provided nonce
-PartyU other || -23 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party U other provided information
-PartyV identity || -24 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party V identity Information
-PartyV nonce || -25 || bstr / int || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW
-Party V provided nonce || PartyV other || -26 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party V other provided information
+PartyU identity || -21 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party U identity Information  **
+PartyU nonce || -22 || bstr / int || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party U provided nonce  **
+PartyU other || -23 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party U other provided information  **
+PartyV identity || -24 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party V identity Information  **
+PartyV nonce || -25 || bstr / int || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  **
+Party V provided nonce || PartyV other || -26 || bstr || direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW  || Party V other provided information  **
 
 
 -->
@@ -3999,66 +4000,66 @@ Party V provided nonce || PartyV other || -26 || bstr || direct+HKDF-SHA-256, di
           Expert reviewers should consider this practice, but are not expected to be restricted by this precedent.
         </t>
 
-<!--  FOR IANA
+<!--  FOR IANA  **
 
-name || value || description
+name || value || description  **
 
-Reserved || 0 || Reserved
+Reserved || 0 || Reserved  **
 
-AES-CCM-16-64-128 || 10 || AES-CCM mode 128-bit key, 64-bit tag, 13-byte nonce
-AES-CCM-16-64-256 || 11 || AES-CCM mode 256-bit key, 64-bit tag, 13-byte nonce
-AES-CCM-64-64-128 || 12 || AES-CCM mode 128-bit key, 64-bit tag, 7-byte nonce
-AES-CCM-64-64-256 || 13 || AES-CCM mode 256-bit key, 64-bit tag, 7-byte nonce
-AES-CCM-16-128-128 || 30 || AES-CCM mode 128-bit key, 128-bit tag, 13-byte nonce
-AES-CCM-16-128-256 || 31 || AES-CCM mode 256-bit key, 128-bit tag, 13-byte nonce
-AES-CCM-64-128-128 || 32 || AES-CCM mode 128-bit key, 128-bit tag, 7-byte nonce
-AES-CCM-64-128-256 || 33 || AES-CCM mode 256-bit key, 128-bit tag, 7-byte nonce
+AES-CCM-16-64-128 || 10 || AES-CCM mode 128-bit key, 64-bit tag, 13-byte nonce  **
+AES-CCM-16-64-256 || 11 || AES-CCM mode 256-bit key, 64-bit tag, 13-byte nonce  **
+AES-CCM-64-64-128 || 12 || AES-CCM mode 128-bit key, 64-bit tag, 7-byte nonce  **
+AES-CCM-64-64-256 || 13 || AES-CCM mode 256-bit key, 64-bit tag, 7-byte nonce  **
+AES-CCM-16-128-128 || 30 || AES-CCM mode 128-bit key, 128-bit tag, 13-byte nonce  **
+AES-CCM-16-128-256 || 31 || AES-CCM mode 256-bit key, 128-bit tag, 13-byte nonce  **
+AES-CCM-64-128-128 || 32 || AES-CCM mode 128-bit key, 128-bit tag, 7-byte nonce  **
+AES-CCM-64-128-256 || 33 || AES-CCM mode 256-bit key, 128-bit tag, 7-byte nonce  **
 
-A128GCM || 1 || AES-GCM mode w/ 128-bit key, 128-bit tag
-A192GCM || 2 || AES-GCM mode w/ 192-bit key, 128-bit tag
-A256GCM || 3 || AES-GCM mode w/ 256-bit key, 128-bit tag
+A128GCM || 1 || AES-GCM mode w/ 128-bit key, 128-bit tag  **
+A192GCM || 2 || AES-GCM mode w/ 192-bit key, 128-bit tag  **
+A256GCM || 3 || AES-GCM mode w/ 256-bit key, 128-bit tag  **
 
-ChaCha20/Poly1305 || 24 || ChaCha20/Poly1305 w/ 256-bit key, 128-bit tag
+ChaCha20/Poly1305 || 24 || ChaCha20/Poly1305 w/ 256-bit key, 128-bit tag  **
 
-ES256 || -7 || ECDSA w/ SHA-256
-ES384 || -35 || ECDSA w/ SHA-384
-ES512 || -36 || ECDSA w/ SHA-512
+ES256 || -7 || ECDSA w/ SHA-256  **
+ES384 || -35 || ECDSA w/ SHA-384  **
+ES512 || -36 || ECDSA w/ SHA-512  **
 
-HMAC 256/64 || 4 || HMAC w/ SHA-256 truncated to 64 bits
-HMAC 256/256 || 5 || HMAC w/ SHA-256
-HMAC 384/384 || 6 || HMAC w/ SHA-384
-HMAC 512/512 || 7 || HMAC w/ SHA-512
+HMAC 256/64 || 4 || HMAC w/ SHA-256 truncated to 64 bits  **
+HMAC 256/256 || 5 || HMAC w/ SHA-256  **
+HMAC 384/384 || 6 || HMAC w/ SHA-384  **
+HMAC 512/512 || 7 || HMAC w/ SHA-512  **
 
-AES-MAC 128/64 || 14 || AES-MAC 128 bit key, 64-bit tag
-AES-MAC 256/64 || 15 || AES-MAC 256 bit key, 64-bit tag
-AES-MAC 128/128 || 25 || AES-MAC 128 bit key, 128-bit tag
-AES-MAC 256/128 || 26 || AES-MAC 256 bit key, 128-bit tag
+AES-MAC 128/64 || 14 || AES-MAC 128 bit key, 64-bit tag  **
+AES-MAC 256/64 || 15 || AES-MAC 256 bit key, 64-bit tag  **
+AES-MAC 128/128 || 25 || AES-MAC 128 bit key, 128-bit tag  **
+AES-MAC 256/128 || 26 || AES-MAC 256 bit key, 128-bit tag  **
 
-direct || -6 || Direct use of CEK
+direct || -6 || Direct use of CEK  **
 
-direct+HKDF-SHA-256 || -10 || Shared secret w/ HKDF and SHA-256
-direct+HKDF-SHA-512 || -11 || Shared secret w/ HKDF and SHA-512
-direct+HKDF-AES-128 || -12 || Shared secret w/ AES-MAC 128-bit key
-direct+HKDF-AES-256 || -13 || Shared secret w/ AES-MAC 256-bit key
+direct+HKDF-SHA-256 || -10 || Shared secret w/ HKDF and SHA-256  **
+direct+HKDF-SHA-512 || -11 || Shared secret w/ HKDF and SHA-512  **
+direct+HKDF-AES-128 || -12 || Shared secret w/ AES-MAC 128-bit key  **
+direct+HKDF-AES-256 || -13 || Shared secret w/ AES-MAC 256-bit key  **
 
-A128KW || -3 || AES Key Wrap w/ 128-bit key
-A192KW || -4 || AES Key Wrap w/ 192-bit key
-A256KW || -5 || AES Key Wrap w/ 256-bit key
+A128KW || -3 || AES Key Wrap w/ 128-bit key  **
+A192KW || -4 || AES Key Wrap w/ 192-bit key  **
+A256KW || -5 || AES Key Wrap w/ 256-bit key  **
 
-EdDSA || -8 || EdDSA
+EdDSA || -8 || EdDSA  **
 
 
-ECDH-ES + HKDF-256 || -25 || ECDH ES w/ HKDF - generate key directly
-ECDH-ES + HKDF-512 || -26 || ECDH ES w/ HKDF - generate key directly
-ECDH-SS + HKDF-256 || -27 || ECDH SS w/ HKDF - generate key directly
-ECDH-SS + HKDF-512 || -28 || ECDH SS w/ HKDF - generate key directly
+ECDH-ES + HKDF-256 || -25 || ECDH ES w/ HKDF - generate key directly  **
+ECDH-ES + HKDF-512 || -26 || ECDH ES w/ HKDF - generate key directly  **
+ECDH-SS + HKDF-256 || -27 || ECDH SS w/ HKDF - generate key directly  **
+ECDH-SS + HKDF-512 || -28 || ECDH SS w/ HKDF - generate key directly  **
 
-ECDH-ES + A128KW || -29 || ECDH ES w/ Concat KDF and AES Key wrap w/ 128 bit key
-ECDH-ES + A192KW || -30 || ECDH ES w/ Concat KDF and AES Key wrap w/ 192 bit key
-ECDH-ES + A256KW || -31 || ECDH ES w/ Concat KDF and AES Key wrap w/ 256 bit key
-ECDH-SS + A128KW || -32 || ECDH SS w/ Concat KDF and AES Key wrap w/ 128 bit key
-ECDH-SS + A192KW || -33 || ECDH SS w/ Concat KDF and AES Key wrap w/ 192 bit key
-ECDH-SS + A256KW || -34 || ECDH SS w/ Concat KDF and AES Key wrap w/ 256 bit key
+ECDH-ES + A128KW || -29 || ECDH ES w/ Concat KDF and AES Key wrap w/ 128 bit key  **
+ECDH-ES + A192KW || -30 || ECDH ES w/ Concat KDF and AES Key wrap w/ 192 bit key  **
+ECDH-ES + A256KW || -31 || ECDH ES w/ Concat KDF and AES Key wrap w/ 256 bit key  **
+ECDH-SS + A128KW || -32 || ECDH SS w/ Concat KDF and AES Key wrap w/ 128 bit key  **
+ECDH-SS + A192KW || -33 || ECDH SS w/ Concat KDF and AES Key wrap w/ 192 bit key  **
+ECDH-SS + A256KW || -34 || ECDH SS w/ Concat KDF and AES Key wrap w/ 256 bit key  **
 
 -->
 
@@ -4159,20 +4160,20 @@ ECDH-SS + A256KW || -34 || ECDH SS w/ Concat KDF and AES Key wrap w/ 256 bit key
           The specification column for all of these entries will be this document.
         </t>
 
-        <!--  FOR IANA
+        <!--  FOR IANA  **
 
-name || key type || label || type || description
+name || key type || label || type || description  **
 
-crv || 2 || -1 || int / tstr || EC Curve identifier - Taken from the COSE Curves registry
-x || 2 || -2 || bstr || X Coordinate
-y || 2 || -3 || bstr / bool || Y Coordinate
-d || 2 || -4 || bstr || Private key
+crv || 2 || -1 || int / tstr || EC Curve identifier - Taken from the COSE Curves registry  **
+x || 2 || -2 || bstr || X Coordinate  **
+y || 2 || -3 || bstr / bool || Y Coordinate  **
+d || 2 || -4 || bstr || Private key  **
 
-crv || 1 || -1 || int / tstr || EC Curve identifier - Taken from the COSE Key Common Parameters registry
-x || 1 || -2 || bstr || X Coordinate
-d || 1 || -4 || bstr || Private key
+crv || 1 || -1 || int / tstr || EC Curve identifier - Taken from the COSE Key Common Parameters registry  **
+x || 1 || -2 || bstr || X Coordinate  **
+d || 1 || -4 || bstr || Private key  **
 
-k || 4 || -1 || bstr || Key Value
+k || 4 || -1 || bstr || Key Value  **
 
 -->