search

ietf-rats-wg / draft-ietf-rats-msg-wrap

RATS conceptual messages wrapper
Other
0 stars 2 forks source link

Are examples realistic? #116

Open laurencelundblade opened 2 weeks ago

laurencelundblade commented 2 weeks ago

In the following, I don't think the example tokens are either real b64-encoded tokens or CBOR-encoded tokens. They probably should be to help people understand. For example, I don't know what 4c693475 is.

It would be a lot of work, but you could import EAT CDDL and use the .b64 and .cbor control operators to validate into them with the cddl tool. I did that with EAT and was able to make some useful corrections to my examples.

{
  "attester A": [
    30001,
    h'2347da55',
    4
  ],
  "attester B": 1668576818(h'2347da55'),
  "attester C": [
    "application/eat+jwt",
    h'4c693475',
    8
  ]
}
thomas-fossati commented 1 week ago

For example, I don't know what 4c693475 is.

it's ... base-64 encoded, i.e., the JWT delimiters.

To present something more realistic, we could replace it with the JSON claims-set from EAT's intro, sign it with HS256 and have:

eyJhbGciOiJIUzI1NiJ9.eyJlYXRfbm9uY2UiOiJNSURCTkgyOGlpb2lzalB5IiwidWVpZCI6IkFnQUVpenJLM1EiLCJvZW1pZCI6NzY1NDMsInN3bmFtZSI6IkFjbWUgSW9UIE9TIiwic3d2ZXJzaW9uIjoiMy4xLjQifQ.m_nRRsJIyNq_VT4qeL2SMfgOowkfi-34QtnjeglCU3w

It would be a lot of work, but you could import EAT CDDL and use the .b64 and .cbor control operators to validate into them with the cddl tool. I did that with EAT and was able to make some useful corrections to my examples.

I'd like to minimise this kind of work at this stage.

laurencelundblade commented 1 day ago

The b64 decoders I tried, two of them, don't decode 4c693475 to ... Encoding ... gives Li4uC

I know it's a lot of work (and you have many docs to worry about!). I did all this work for EAT.

If you don't do this, probably adding a note to indicate what they are so people don't try to interpret and get confused like I did.