►
From YouTube: COSE WG Interim Meeting, 2020-04-02
Description
COSE WG Interim Meeting, 2020-04-02
A
We'll
get
started
here
in
just
a
minute.
One
of
our
chairs
is
having
some
technical.
A
A
B
C
B
Okay,
wonderful,
sorry
for
this
slide
today,
I
guess
when
I
stopped
my
camera,
something
happened.
I
have
no
idea
okay,
so
this
is
the
cozy
virtual
meeting.
B
It's
an
official
idf
meeting
and
as
such,
do
not
well
applies.
B
You
can
ask
that
yours,
if
you
have
any
questions
about
it,
so
with
that
this
is
our
agenda,
I
will
be
presenting
the
status
of
current
drafts
and
then
we'll
see
some
new
work
that
will
be
followed
by
discussions
about
rechartering
as
usual.
The
presence
will
be
noted
for
this
we'll
be
using
theater
part
and
the
minutes
will
be
taken.
A
B
Okay,
so
now
the
status
of
the
charts
we
have
the
hash
seek
track
that
is
still
in
drc.
Editor
queue.
B
Then
we
have
the
web
authentic
algorithms
draft
that
one
has.
It
had
some
issue
with
the
data
tracker
that
is
now
fixed
and
we
are
waiting
for
80
evaluation
and
go
ahead.
B
B
So
with
that,
I
guess
here
there's
not
more
to
be
said
for
the
hash
alex
and
the
x519.
They
are
currently
waiting
for
shepherd
to
review.
B
B
F
I
thought
it
was
in
there
yeah
okay
great,
so
this
is
presentation
of
the
new
draft
we
submitted
a
couple
of
weeks
ago
and
take
next
slide.
F
So
x509
so
they've
got
sticks
they
when
used.
They
take
up
a
quite
large
number
large
part
of
the
total
number
of
bytes
when
used
in
code
c
and
also
in
other
security
protocols
like
els
and
best
practice
is
now
to
encrypt
all
the
identities
and
private
information,
and
this
means
that
a
lot
of
old,
prag
iut
practice
to
compress
things
in
gateways
and
decompress.
The
gateways
doesn't
really
work
and
will
not
work
in
the
future.
F
Instead,
any
compression
needs
to
be
done
in
the
protocol
itself,
so
drought,
matzon
register
a
new
attribute
cbochain,
similar
to
x5
chain,
to
convey
x509
certificate
chain
compressed
with
c
bore.
F
F
F
7925
is
a
certificate
profile
for
dls,
but
it
feels
like
a
quite
good
start
profile
also
for
other
iut
protocols
and
environments,
and
as
we
have,
we
have
seen
that
applying
general
compression
general
compression
algorithms,
at
least
without
the
dictionary
we
are
not
trident
dictionaries,
you're,
basically
not
able
to
compress
highly
profiled
that
it
gets
at
all
or
in
best
case,
very
very,
very
little.
F
F
As
an
example
we
have
taken,
we
have
made
the
rfc
7925x
509
certificate.
F
It
stands
up
with
314
bytes
when
we
try
to
compress
this
with
said
lib,
which
is
a
quite
common
compression
algorithms
and
one
of
the
compression
algorithms
standardized
in
the
tls
significant
compression
that
then
you
only
get
nine
percent
compression,
and
that
is
this
is
definitely
not
chosen
to
get
bad
results
for.
F
Sadly,
in
fact,
a
lot
of
the
a
lot
of
the
example
the
divides,
with
only
small
changes
to
the
one
we
used
here
then,
sadly,
actually
increase
the
size
and
with
our
seaborg
compression
algorith,
we
get
a
compression
of
57
resulting
in
136
bytes
in
total.
So
obviously
this
can
compact
make
highly
profile.
F
F
Next
slide-
and
this
is
just
the
example
certificate
that
we
used-
we
think
it's
a
quite
good
example
difficult
for
iot
use
case
and
on
the
right.
You
see
the
seaborg
compressed
compression,
which
is
a
seaboard
sequence
and
in
the
draft
draw,
so
you
can
also
find
the
significant
as
a
byte
string.
If
you
want
to
try
some
other
compression
algorithm
next
slide.
F
F
I
have
missed
it
and
we
think
that
it
seems
this
is
a
would
be
a
very
good
fit
for
koci,
as
it
can
compress
the
iot
profile
certificates.
Quite
much
now,
the
question
is:
is
rfc
7925
profile
useful
for
code?
0
is
something
missing.
Other
follow-up
questions
is
what
kind
of
headers
shouldn't
be
supported
or
compression.
B
I
mean
for
now
I
think
we
are
very
small
number
of
people.
So
if
anyone
has
comments,
I
think
it's
okay
to
directly
start
talking.
If
we
see
that
we
have
problems,
we
can
always
switch
to
the
plus
q
minus
q.
I
think
that
have
been
used
in
some
other
meetings.
G
Michael
richardson
should
be
one
document,
or
should
it
be
merged
in
with
the
with
the
ac
or
certificate
document.
F
Yeah,
that's
a
good
question,
that's
a
possible
thing
that
could
be
done
and
also,
I
guess.
If,
if
if
people
wants
to
do
compression,
another
question
is:
should
the
x
5
0
9
be
changing
that
it's
already
in
our
array
or
something.
E
D
Be
not
too
happy
with
changing
the
current
x5
online
document
for
something
that
is
speculative
in
terms
of
is
it
going
to
be
done?
Where
is
it
going
to
be
done?
Points
are
relatively
cheap,
the
only
fun
part
would
be.
D
D
G
I
think,
and
given
how
short
your
document
is,
I
think
that
it
would
just
be
seen,
as
you
know,
more
more
isg
turn
for
less
no
additional
light.
E
I
a
little
bit
wonder
if
there
is
going
to
be
a
sort
of
more
generic
way
to
apply
the
same
type
of
compression
to
other
asm1.
Durer
encoded
objects,
as
I
think
was,
was
mentioned
in
the
jabber,
but
I
don't
think
we
need
to
worry
too
much
about
that
generic
problem
right
now,
because
the
specific
nature
of
the
static
context
is
indicated
by
the
seabor
field,
name
that
we're
using,
and
so
if
we
do
end
up
doing
something
else
in
the
future,
that's
more
generic.
D
H
G
G
F
G
Tables
what
if
you
propose
to
extend
the
in
a
pickaxe
registry
with
a
new
column.
C
F
Seems
like
people
are
quite
positive.
I
haven't
heard
any
negative
opinion
and
where
would
this
do
the
ada
have
any
suggestion
where
this
merged
draft
containing
both
the
algorithm
and
the
iana
registration
for
protocols
would
belong.
E
I
would
have
to
take
a
little
bit
closer
look.
I
it
might
belong
here.
H
D
E
I
was
thinking
about
that
as
well,
but
I
I'm
not
sure
if
ctls
is
going
to
end
up
actually
using
cbor
versus
some
other
custom
encoding
format.
H
Messing
with
this
and
saving
another
bit
somewhere
by
by
deviating
from
sibo,
so
I
would
feel
much
better
if
we
could
keep
this
in
a
working
group.
That
actually
knows
something
about
zebra.
A
Yeah,
so
our
our
current
charter
was
very
specific
and
very
limited
on
what
it
was,
what
what
was
in
scope
for
the
working
group
and
if
there
was
to
be
anything
else,
we
would
need
to
recharge,
and
so
this
this
is
snippets
from
the
from
the
current
charter,
where
it's,
where
it
does
pretty
quickly
say:
a152,
bis,
hash,
signatures,
hash,
algorithms
and
x,
five
or
nine
and
the
web
opt-in.
A
A
Recharge
so
the
next
slide,
please.
A
A
Certainly
this
working
group
I
mean
it-
has
the
it-
has
the
people
that
evaluate
these
things,
so
the
question
is:
is
there
anything
you
know
is?
Is
this
something
the
working
group
is
interested
in
doing?
Is
there
anything
else
we
maybe
want
to
be
looking
for.
D
Moskowitz
has
asked
for
some
of
the
kmac
stuff
at
one
point
in
time,
as
an
additional
algorithm
set.
I
kind
of
want
to
do
that
just
to
screw
up
all
the
erickson
people
over
in
ace.
I
think
that
the
only
kdf
is
hmac
based,
but
that's
just
a
personal
quirk
of
mine.
B
H
F
H
So,
right
now
to
to
do
to
use
one
of
these
compressed
seba
threads,
you
need
to
the
the
receiver
needs
to
re-encode
it
into
asn,
1dr
and
compute.
The
the
check,
the
signature
based
on
that
and
for
for
many
applications.
It
would
be
nice
if
that
step
could
be
omitted.
C
F
So
one
example
is
draft
rosa.
Actually,
the
first
bit
the
int
see
there
is
a
one
for
compression
and
zero
for
a
native
certificate.
You
know
there
are
other
suggestions
for
sea
bird
certificates.
I
have
not
been
talking
about
that,
but
dr
rosa
is
co-authored
by
a
swedish
ca
that
says
that
they
would
be
willing
to
implement
this
kind
of
thing
if
needed,
for
iot.
H
A
E
Yeah,
I
think
my
take
from
the
discussion
on
emu
with
ryan
was
more
along.
The
lines
of
you
need
someone
who's
willing
to
pay
the
certificate
authority
operators
a
sizable
chunk
of
money
in
order
to
get
them
to
actually
do
something
using
it,
but
they
are
perfectly
happy
to
do
new
things
if
you
pay
them
enough.
C
B
B
That's
that's
it!
So
if
we
decide
to
do
this
additional
work,
yeah
I
mean
if
bendy
sets
so
so
that
it's
a
good
fit.
E
B
A
This
is
matthew
I
so
I
think
one
additional
question
is:
do
we
still
want
to
be
as
constrained
as
we
are
today,
meaning
with
this
recharter?
We
are
picking
up
specific
work
and
if
we
are
to
pick
up
anything
else
after
that
would
require
yet
another
recharter.
B
D
I
think
I
would
like
to
see
us
very
constrained
on
anything
that
is
not
new
algorithms,
so
that
we
have
to
really
think
about
whether
it's
work
we
want
to
do.
I'm
less
worried
about
being
really
constrained
on
saying.
Oh
we've.
E
D
E
A
Okay,
so
I
just
to
reiterate
what
I
think
I'm
hearing
is,
so
we
should
continue
to
be
constrained
for
anything,
that's
not
an
algorithm.
We
should
be
a
little.
We
should
be
more
open
for
accepting
anything
that
is
defining
or
bringing
an
algorithm
that
is
bringing
an
algorithm
into
disposing.
Is
that
correct.
D
A
D
A
A
Uc
speaking
as
chair,
I
think
what
what
I'm
hearing
is
that
there's
there's
definitely
interest.
We
chairs
will
solicit
on
the
list
very
shortly
about
about
text.
We
are
at
least
with
this
group.
We
are.
A
A
Questions
the
chairs,
we'll
submit
we'll,
submit
the
question
to
the
list
to
get
confirmation
and
start
working
on
text.
Is
anybody
on
this
call
going
to
help
define
that
text.
C
A
A
G
A
A
We'll
confirm
on
the
list
and
maybe
see
if
that's
listening
to
others,
so
I
think
we
can
move
on.