Markdown Version | Session Recording

Session Date/Time: 11 Jan 2023 15:00

CBOR

Summary

This interim meeting of the CBOR Working Group provided updates on ongoing drafts and focused on a detailed discussion of Anders' "CBOR Object Type Extension (COTX)" proposal. The discussion explored the motivation behind COTX – enabling URI/URL-based identifiers within CBOR to facilitate transitions from XML/JSON and support high-level applications requiring dynamic, self-managed identifiers. Carsten presented a comprehensive overview of CBOR's existing tag extensibility mechanism, comparing it to other systems and case studies. A key outcome was the confirmation that the COTX registration request for its own CBOR tag (12102021) is considered valid by the designated experts, regardless of the broader working group discussion on the draft's content, which will continue on the mailing list.

Key Discussion Points

• Welcome and Logistics: Christian Andrews welcomed participants and reviewed meeting logistics, including the Note Well and minute-taking process.
• Agenda Overview (Non-Discussion Items):
  • Time Tag: A recent pull request is technically complete, awaiting editorial review. No major discussion was planned for this meeting.
  • PSL Resolver: No new updates; progress is blocked by general DNS work outside the WG.
  • CDDL 2.0: Implementation is in progress, with initial results expected within a week or so to help build opinion on its direction.
• CBOR Object Type Extension (COTX) - Anders:
  • Proposal Introduction: Anders presented COTX, aiming to integrate URL/URI-based identifiers into CBOR. The goal is to ease the transition from XML/JSON for applications that rely on these identifiers and to support high-level systems generating many objects with frequently revised identifiers, where IANA registration for each new identifier might be impractical. The core idea is simple: use two elements wrapped in a standard CBOR tag.
  • Carsten's Review of CBOR Extensibility:
    • Historical Context: CBOR's design in 2013 aimed for binary encoding and embracing extensibility/evolution via semantic tagging.
    • CBOR Tags: They are the primary extension point, used to build an "extended generic data model" by applying semantics to basic CBOR data items.
    • Tag Mechanism: New tags are registered through an IANA registry, using simple unsigned 64-bit numbers for efficiency and conciseness. The tag namespace is global (unlike ASN.1's application/context-specific tags).
    • Tag Allocation: The namespace is vast. Small tag numbers (0-23, 24-255) are curated, while larger numbers (e.g., OnePlus 2 range, 32768-65535) are often first-come-first-served and processed quickly by IANA.
    • Case Studies:
      • JSON-LD: Uses the @type map key for semantic typing, relying on URIs for namespaces, which presents challenges with dereferenceable identifiers.
      • RFC 9290 (Concise Problem Details): This existing spec for problem details (originally JSON/XML) uses URI references in a type key. An update (7807bis) is adding a registry. The CBOR concise version replaces URIs with IANA integers, providing URIs as a fallback.
    • COTX's Position: The COTX draft (Anders' proposal) uses text strings (typically URIs) for object type identification. Carsten noted the trade-offs: easy to create, but collision avoidance relies on URI owner stability. He highlighted that the native CBOR tag system has well-implemented registration and collision avoidance.
    • COTX Tag Registration (Tag 12102021): The draft itself uses the CBOR tag system for its own identification. Carsten affirmed this is a valid registration request. Designated experts (Carsten and Christian) concur that the registry can handle it. They generally believe I-Ds are acceptable for specification requirements, URIs are already "big" so an extra tag byte is fine, and the OnePlus 2 space is appropriate. Carsten noted the draft's text sometimes implies CBOR's native tagging system is deficient, which is a "presentation score" comment rather than a technical barrier to registration.
  • Anders' Response: Reaffirmed that COTX is an addition to the CBOR system, not a replacement. Its intent is to align CBOR with systems like Verified Credentials (VCs) and ISO 20022 that extensively use URIs/URLs, thereby making CBOR a more attractive option for these use cases and promoting its adoption.
  • Cris's Experience: Shared an experience from the Common Access Token work where CBOR is used. They encounter situations requiring alternate types (e.g., different ways to match a string) where a tag system would be appropriate, but the scope is too narrow for a global IANA tag. They currently use an array with the first element indicating the type, which is less elegant and wastes bytes.
  • Enum Tags: Christian mentioned a proposal for tags to be used for enums, which Cris vaguely recalled. Chris later identified allocated tag ranges: 101, 212127, and 1280-1400.

Decisions and Action Items

• Decision: The request to register the CBOR tag for the COTX definition (tag 12102021) is considered valid by the designated experts and can proceed independently of the working group's general discussion on the draft content.
• Action Item (Anders): Submit an email request to IANA for the assignment of a tag for the COTX specification itself, preferably in the OnePlus 2 range, using the provided form.
• Action Item (Working Group): All interested individuals are encouraged to review the COTX proposal draft and provide comments on the mailing list for text adjustments and technical feedback.
• Action Item (Chairs): Call for agenda items for the next interim meeting.

Next Steps

• The CBOR working group will continue discussions on the COTX proposal on the mailing list to refine the draft's content and wording.
• Anders will proceed with the IANA tag registration process for the COTX specification.
• The next interim meeting's agenda will be developed based on submitted topics.