incorporate Orie's diagrams from #31
Signed-off-by: Thomas Fossati <[email protected]>
thomas-fossati committed Sep 10, 2024
1 parent 87a1d12 commit c59ef67
Showing 3 changed files with 59 additions and 4 deletions.
26 changes: 26 additions & 0 deletions ascii-art/ctt-alt.ascii-art
@@ -0,0 +1,26 @@
.--------. .-----.
| Signer | | TSA |
+--------+----------------------------------. +-----+-------------.
| .-------------. .-----------. .-------. | | .-------------. |
| / private-key / | protected | | datum | | | / private-key / |
| '-----+-------' '---+-------' '---+---' | | '------+------' |
| | | | | | | |
| +---------------+------------' | | | |
| | | | .+. |
| v .---------. | | | L | Clock |
| .---------. .----. | message | | | '+' |
| | Sign1 +->+ hash +->+ Imprint +-------->| | |
| '-+-------' '----' '---------' | | v |
| | .-------. | | .---------. |
| | | nonce +---------->| | timestamp | |
| | '-------' | | '---------' |
'----|--------------------------------------' '---------+---------'
| .-------------. |
+-------------+-----------+ | unprotected | |
| | | | .-----. | |
[protected] [payload] [signature] | | TST |<-----'
| | | | '-----' |
| v v '------+------'
| .-------+------------+-----. |
'--->+ rfc3161-ctt COSE +<-----'
'--------------------------'
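Review bot: In the Signer box the hash input is the box labelled `Sign1` (`| Sign1 +->+ hash +->+ Imprint`), which does not say which part of the signed object is hashed in this mode. The TTC text in the .md is explicit about its imprint ("the hash of the payload field"), so this figure should be equally explicit: label the arrow into `hash` with the field that is actually hashed, so a reader cannot take it to mean the whole Sign1 structure or the payload.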
27 changes: 27 additions & 0 deletions ascii-art/ttc-alt.ascii-art
@@ -0,0 +1,27 @@
.--------. .-----.
| Signer | | TSA |
+--------+----------------------------------. +-----+-------------.
| .-------------. .-------. | | .-------------. |
| / private-key / | nonce +--------->+ / private-key / |
| '-+-----------' '-------' | | '------+------' |
| | .---------. | | | |
| | .-------. .----. | message | | | |
| | + datum +->+ hash +->+ Imprint +------->+ .+. |
| | '-+-----' '----' '---------' | | | L | Clock |
| | | | | '+' |
| | | .-------------. | | | |
| v v | protected | | | v |
| .-------. | .-----. | | | .---------. |
| | Sign1 +<-----------+ | TST |<----------+ | timestamp | |
| '-+-----' | '-----' | | | '---------' |
| | '-------------' | | |
'----|--------------------------------------' '-------------------'
| .-------------.
+-------------+-----------+ | unprotected |
| | | | .-----. |
[protected] [payload] [signature] | | ... | |
| | | | '-----' |
| v v '------+------'
| .-------+------------+-----. |
'--->+ rfc3161-ttc COSE +<-----'
'--------------------------'
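Review bot: The hash input in the Signer box is labelled `datum`, while the output row of the same figure uses `[payload]` and the .md text for this mode says the imprint is "the hash of the payload field". Use one name for the same thing (or add a line to the caption stating that datum is the COSE payload), otherwise the figure reads as if something other than the payload could be timestamped. The `...` placeholder inside the `unprotected` box would also benefit from a word in the caption saying it stands for other, unrelated header parameters.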
10 changes: 6 additions & 4 deletions draft-birkholz-cose-tsa-tst-header-parameter.md
Expand Up @@ -30,6 +30,10 @@ author:
contributor:
- name: Carsten Bormann
email: [email protected]
contribution: Carsten contributed part of the security considerations.
- name: Orie Steele
email: [email protected]
contribution: Orie contributed an improved version of the diagrams.

normative:
STD70:
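Review bot: The hunk header (-30,6 +30,10) gives four added lines, so the `contribution:` line under Carsten Bormann is new here along with Orie's three-line entry. That change is not covered by the commit subject, which only mentions the diagrams from #31. Either mention it in the commit message or move it to its own commit so the history for the contributor list stays readable.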
Expand Down Expand Up @@ -81,8 +85,7 @@ A signed COSE message is then built as follows:
The message imprint sent to the TSA ({{Section 2.4 of -TSA}}) MUST be the hash of the payload field of the COSE signed object.

~~~ aasvg
{::include ascii-art/ttc.ascii-art}
{::include ascii-art/legenda.ascii-art}
{::include ascii-art/ttc-alt.ascii-art}
~~~
{: #fig-timestamp-then-cose artwork-align="center"
title="Timestamp, then COSE (TCC)"}
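Review bot: The figure title in the trailing context reads "Timestamp, then COSE (TCC)", but the include now points at ttc-alt.ascii-art and the diagram itself is labelled rfc3161-ttc. Since this figure is being touched anyway, correct the abbreviation in the title to TTC so the title, the file name and the label in the diagram agree.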
Expand All @@ -95,8 +98,7 @@ The obtained timestamp token is then added back as an unprotected header into th
This mode is utilized when a record of the timing of the signature operation is desired.

~~~ aasvg
{::include ascii-art/ctt.ascii-art}
{::include ascii-art/legenda.ascii-art}
{::include ascii-art/ctt-alt.ascii-art}
~~~
{: #fig-cose-then-timestamp artwork-align="center"
title="COSE, then Timestamp (CTT)"}
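Review bot: Both figure hunks drop the `{::include ascii-art/legenda.ascii-art}` line, and neither new -alt file carries a legend of its own, so the meaning of the different shapes (the slanted `/ private-key /` box, the bracketed `[protected]` items, the clock glyph) is no longer explained anywhere in the rendered figures. Either keep a legend include or confirm the new diagrams are meant to be self-explanatory. The commit also lists only 3 changed files, all additions or edits, so ctt.ascii-art, ttc.ascii-art and legenda.ascii-art stay in the tree with no remaining include in this file; remove them in the same change if nothing else uses them.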