c/ietf-wimse-ect-cbor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
ietf-wimse-ect-cbor/cbor-variant
History
Christian Nennemann ea188f1c22 Add CBOR/COSE/CWT serialization of WIMSE Execution Context Tokens 
Companion I-D to draft-nennemann-wimse-execution-context defining
ECT semantics mapped to CBOR encoding, COSE_Sign1 signing, and CWT
claims for constrained devices and non-HTTP transports (CoAP, MQTT,
raw binary). Aligned with JWT draft changes: jti/cti as unified
token+task ID (no separate tid), pol/pol_decision optional but paired.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-24 22:51:22 +01:00
..
claim-mapping.md
Add CBOR/COSE/CWT serialization of WIMSE Execution Context Tokens
2026-02-24 22:51:22 +01:00
draft-nennemann-wimse-execution-context-cbor-00.md
Add CBOR/COSE/CWT serialization of WIMSE Execution Context Tokens
2026-02-24 22:51:22 +01:00
README.md
Add CBOR/COSE/CWT serialization of WIMSE Execution Context Tokens
2026-02-24 22:51:22 +01:00

README.md

CBOR Serialization of Execution Context Tokens (ECT-CBOR)

draft-nennemann-wimse-execution-context-cbor-00

This Internet-Draft defines a CBOR/COSE/CWT serialization of Execution Context Tokens (ECTs) for the WIMSE working group.

Relationship to the JWT Draft

This document is a companion to draft-nennemann-wimse-execution-context, which defines the full ECT semantics using JSON/JOSE/JWT serialization.

  • JWT draft: Normative semantic definition (claims, DAG validation, verification, operational modes, security model)
  • CBOR draft (this document): CBOR/COSE/CWT serialization mapping, constrained-environment transports (CoAP, MQTT, raw binary)

The two drafts are designed for independent adoption: a deployment uses one or the other (or both in mixed-format mode), not both simultaneously for the same token.

Files

File Description
draft-nennemann-wimse-execution-context-cbor-00.md The complete Internet-Draft in kramdown-rfc format
claim-mapping.md Standalone claim mapping reference table
README.md This file

Building

Prerequisites

Build Commands

# Install tools (if not already installed)
gem install kramdown-rfc
pip install xml2rfc

# Generate XML from kramdown
kramdown-rfc2629 draft-nennemann-wimse-execution-context-cbor-00.md > draft-nennemann-wimse-execution-context-cbor-00.xml

# Generate text output
xml2rfc draft-nennemann-wimse-execution-context-cbor-00.xml --text

# Generate HTML output
xml2rfc draft-nennemann-wimse-execution-context-cbor-00.xml --html

Key Design Decisions

  1. UUIDs as 16-byte binary instead of 36-byte hyphenated text (saves 20 bytes per UUID)
  2. jti/cti as unified token+task ID — no separate tid claim (matching JWT draft)
  3. pol/pol_decision OPTIONAL but must be paired (matching JWT draft)
  4. Integer claim keys (300-316) instead of string claim names
  5. Structured hash arrays [alg_id, hash_bytes] instead of "algorithm:base64url" strings
  6. Integer enumerations for pol_decision (0/1/2) and regulated_domain (0/1/2)
  7. COSE_Sign1 (single signer) matching the JWT variant's JWS Compact Serialization model
  8. ~2.8x size reduction compared to JWT variant (~365 bytes vs ~1006 bytes for a typical ECT)

Author

Christian Nennemann Independent Researcher ietf@nennemann.de

Reference in New Issue View Git Blame Copy Permalink