ietf-wg-drip / draft-ietf-drip-arch


clarification section 4.1 #21

Closed mglt closed 3 years ago

mglt commented 3 years ago

4.1. UAS Remote Identifiers Problem Space

""" A self-attestation of the HHIT RID can be done in as little as 84 bytes, by avoiding an explicit encoding technology like ASN.1 or Concise Binary Object Representation (CBOR [RFC8949]). This compressed attestation consists of only the HHIT, a timestamp, and the EdDSA signature on them. The HHIT prefix and suiteID provide """

If we are very specific with the number of bytes, I think we should detail the sizes of the HHIT, timestamp and EdDSA signature and make sure the addition makes 84. In addition, we should also specify the algorithm used, i.e., Ed25519, since different EdDSA algorithms will result in different sizes.

crypto agility and implicit encoding rules. Similarly, a self-attestation of the Hierarchical registration of the RID (an attestation of a RID third-party registration "certificate") can be done in 200 bytes. Both these are detailed in UAS RID [I-D.ietf-drip-rid].

ShuaiZhao commented 3 years ago

@mglt I was wondering if this is necessary. As you mentioned, details are in [I-D.ietf-drip-rid]. Can we simply refer to UAS RID draft?

mglt commented 3 years ago

Sure. If we want to say that our certificates are compacted, we can also mention explicitly the reason, which is that very little information is provided (HHIT, timestamp and signature).

cardsw commented 3 years ago

Agreed, and that modern crypto is used to keep the signature short.

ShuaiZhao commented 3 years ago

A self-attestation of the HHIT RID can be done in as little as 84 bytes, by avoiding an explicit encoding technology like ASN.1 or Concise Binary Object Representation (CBOR {{RFC8949}}). This compressed attestation consists of only the HHIT, a timestamp, and the EdDSA signature on them.

> Editor-note 9: to be more specific regarding how HHIT can only use as little as 84 bytes to address the crypto concern.

mglt commented 3 years ago

I am not convinced that 84 bytes is very important, nor that we used a compressed attestation. Maybe something like this would be sufficient:

Attestation of the HHIT RID does not use encoding technology like ASN.1 or Concise Binary Object Representation (CBOR {{RFC8949}}) but instead uses a specific format that consists of the concatenation of HHIT, a timestamp, and the EdDSA signature on them.

ShuaiZhao commented 3 years ago

Detailed discussion in the mailing list; improved text below:

A self-attestation of the HHIT RID can be done in as little as 84 bytes, by avoiding an explicit encoding technology like ASN.1 or Concise Binary Object Representation (CBOR {{RFC8949}}). This attestation consists of only the HHIT, a timestamp, and the EdDSA signature on them.
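
The fixed-layout attestation discussed in this thread, sketched as an added example (not code from the draft, its authors, or this repository). It assumes Ed25519 as the EdDSA variant, a 16-byte HHIT, a 4-byte big-endian timestamp and a 64-byte signature, which is one layout that sums to 84 bytes; the function names and sample values are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed field sizes (not stated in the thread): a 128-bit HHIT, a 32-bit
// timestamp, and a 64-byte Ed25519 signature, concatenated with no tags or lengths.
const (
	hhitLen = 16
	tsLen   = 4
	attLen  = hhitLen + tsLen + ed25519.SignatureSize // 84
)

// BuildAttestation returns HHIT || timestamp || Sign(HHIT || timestamp).
func BuildAttestation(priv ed25519.PrivateKey, hhit [hhitLen]byte, ts uint32) []byte {
	out := make([]byte, hhitLen+tsLen, attLen)
	copy(out, hhit[:])
	binary.BigEndian.PutUint32(out[hhitLen:], ts)
	return append(out, ed25519.Sign(priv, out)...)
}

// VerifyAttestation parses by fixed offsets. With no encoding layer, the exact
// length check is the only framing validation available, so it must be strict.
func VerifyAttestation(pub ed25519.PublicKey, att []byte) ([hhitLen]byte, uint32, error) {
	var hhit [hhitLen]byte
	if len(att) != attLen {
		return hhit, 0, errors.New("attestation: wrong length")
	}
	signed, sig := att[:hhitLen+tsLen], att[hhitLen+tsLen:]
	if !ed25519.Verify(pub, signed, sig) {
		return hhit, 0, errors.New("attestation: bad signature")
	}
	copy(hhit[:], signed)
	return hhit, binary.BigEndian.Uint32(signed[hhitLen:]), nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)      // throwaway key for the demo
	hhit := [hhitLen]byte{0x20, 0x01, 0x0d, 0xb8} // constructed value, not a real HHIT
	att := BuildAttestation(priv, hhit, 1700000000)
	_, ts, err := VerifyAttestation(pub, att)
	fmt.Println(len(att), ts, err)
}
```

The attestation carries no public key, so the verifier in this sketch is assumed to obtain it separately; checking the timestamp for freshness is left to the caller.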