Internet DRAFT - draft-ietf-cbor-date-tag
draft-ietf-cbor-date-tag
CBOR Working Group M. Jones
Internet-Draft Microsoft
Intended status: Standards Track A. Nadalin
Expires: March 14, 2021 Independent
J. Richter
pdv Financial Software GmbH
September 10, 2020
Concise Binary Object Representation (CBOR) Tags for Date
draft-ietf-cbor-date-tag-07
Abstract
The Concise Binary Object Representation (CBOR, RFC 7049) is a data
format whose design goals include the possibility of extremely small
code size, fairly small message size, and extensibility without the
need for version negotiation.
In CBOR, one point of extensibility is the definition of CBOR tags.
RFC 7049 defines two tags for time: CBOR tag 0 (RFC 3339 date/time
string) and tag 1 (Posix "seconds since the epoch"). Since then,
additional requirements have become known. This specification
defines a CBOR tag for an RFC 3339 date text string, for applications
needing a textual date representation within the Gregorian calendar
without a time. It also defines a CBOR tag for days since the date
1970-01-01 in the Gregorian calendar for applications needing a
numeric date representation without a time. This specification is
intended as the reference document for IANA registration of the CBOR
tags defined.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 14, 2021.
Jones, et al. Expires March 14, 2021 [Page 1]
Internet-Draft CBOR Tag for Date September 2020
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Calendar Dates . . . . . . . . . . . . . . . . . . . . . 3
1.1.1. Example Date Representations . . . . . . . . . . . . 3
1.2. Comparing Dates . . . . . . . . . . . . . . . . . . . . . 4
1.3. Comparing Dates and Date/Time Values . . . . . . . . . . 4
2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
2.1. Concise Binary Object Representation (CBOR) Tags
Registrations . . . . . . . . . . . . . . . . . . . . . . 4
3. Security Considerations . . . . . . . . . . . . . . . . . . . 5
4. References . . . . . . . . . . . . . . . . . . . . . . . . . 5
4.1. Normative References . . . . . . . . . . . . . . . . . . 5
4.2. Informative References . . . . . . . . . . . . . . . . . 5
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 5
Document History . . . . . . . . . . . . . . . . . . . . . . . . 6
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction
The Concise Binary Object Representation (CBOR) [RFC7049] provides
for the interchange of structured data without a requirement for a
pre-agreed schema. RFC 7049 defines a basic set of data types, as
well as a tagging mechanism that enables extending the set of data
types supported via an IANA registry.
This specification defines a CBOR tag for a text string representing
a date without a time. The tagged text string is represented as
specified by the RFC 3339 [RFC3339] "full-date" production. Per RFC
3339, this represents a date within the Gregorian calendar.
This specification also defines a CBOR tag for an integer
representing a date without a time. The tagged integer is an
Jones, et al. Expires March 14, 2021 [Page 2]
Internet-Draft CBOR Tag for Date September 2020
unsigned or negative value indicating the number of days since the
Gregorian calendar date 1970-01-01. As an implementation note, this
value has a constant offset from the Modified Julian Date value
(which is defined by the Smithsonian Astrophysical Observatory as the
number of days since November 17, 1858); this value is the Modified
Julian Date minus 40587.
Note that since both tags are for dates without times, times of day,
time zones, and leap seconds are not applicable to these values.
These tags are both for representations of Gregorian calendar dates.
1.1. Calendar Dates
Calendar dates are used for numerous human use cases, such as marking
the dates of significant events. For instance, John Lennon was born
on October 9, 1940 and died on December 8, 1980. One such use case
is driver's licenses, which typically include a date of birth. The
dates used in this specification use the Gregorian calendar, as do
those in RFC 3339 [RFC3339]. The time zones and actual times of
these events are intentionally not represented in the calendar date.
The epoch chosen for the second tag, which represents days since the
Gregorian calendar date 1970-01-01, is related to the IEEE Std
1003.1, 2013 Edition [POSIX.1] time epoch 1970-01-01T00:00:00Z UTC
only insofar as both contain the date 1970-01-01. This should not be
construed as indicating that dates using this tag represent either a
specific time of day and/or time zone.
The day of the week (Sunday, Monday, Tuesday, etc.) is not explicitly
represented in either of these date formats. However, deterministic
algorithms that are beyond the scope of this specification can be
used to derive the day of the week in the Gregorian calendar from
dates represented in both of these formats.
1.1.1. Example Date Representations
This table contains example representations for dates using both
tags.
+------------------+--------------+---------+
| Date | Tag 1004 | Tag 100 |
+------------------+--------------+---------+
| October 9, 1940 | "1940-10-09" | -10676 |
| December 8, 1980 | "1980-12-08" | 3994 |
+------------------+--------------+---------+
Jones, et al. Expires March 14, 2021 [Page 3]
Internet-Draft CBOR Tag for Date September 2020
1.2. Comparing Dates
Comparison of dates in "full-date" format can be accomplished by
normal string comparison, since by design, the digits representing
the date are in fixed format and ordered from most significant to
least significant. Comparison of numeric dates representing days
since 1970-01-01 can be performed by normal integer comparison.
Comparison of dates in other formats or using other calendars require
conversions that are beyond the scope of this specification.
Note that different dates may correspond to the same moment in time,
depending upon the time zone in which the date was determined. For
instance, at many times of the day, a conference call occurring on a
particular date in Japan will simultaneously occur on the previous
date in Hawaii; at many times of the day, Japan's Friday corresponds
with Hawaii's Thursday.
1.3. Comparing Dates and Date/Time Values
Comparing dates with date/time values, which represent a particular
moment in time, is beyond the scope of this specification. That
said, if a date is augmented with a time zone and time of day, a
specific date/time value can be determined and comparing that date/
time value to others becomes possible. For instance, if one were to
augment John Lennon's birth date of October 9, 1940 with the time of
day and time zone of his birth, then it would be possible to derive a
date/time at which he was born that could be compared with other
date/time values.
2. IANA Considerations
2.1. Concise Binary Object Representation (CBOR) Tags Registrations
This section registers the following values in the IANA "Concise
Binary Object Representation (CBOR) Tags" registry [IANA.cbor-tags].
o Tag: 1004
o Data Item: UTF-8 text string
o Semantics: RFC 3339 full-date string
o Reference: [[ this specification ]]
o Tag: 100 (ASCII 'd')
o Data Item: Unsigned or negative integer
o Semantics: Number of days since the epoch date 1970-01-01
o Reference: [[ this specification ]]
Jones, et al. Expires March 14, 2021 [Page 4]
Internet-Draft CBOR Tag for Date September 2020
3. Security Considerations
The security considerations of RFC 7049 apply; the tags introduced
here are not expected to raise security considerations beyond those.
A date, of course, has significant security considerations. These
include the exploitation of ambiguities where the date is security
relevant or where the date is used in access control decisions.
When using a calendar date for decision making, for example access
control, it needs to be noted that since calendar dates do not
represent a specific point in time, the results of the evaluation can
differ depending upon where the decision is made. For instance, a
person may have reached their 21st birthday in Japan while
simultaneously being a day short of their 21st birthday in Hawaii.
Similarly, it would be inappropriate to use only a date to trigger
certificate expiration, since a date corresponds to a range of times
worldwide, rather than a specific point in time that is independent
of geographic location.
4. References
4.1. Normative References
[RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet:
Timestamps", RFC 3339, DOI 10.17487/RFC3339, July 2002,
<https://www.rfc-editor.org/info/rfc3339>.
[RFC7049] Bormann, C. and P. Hoffman, "Concise Binary Object
Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049,
October 2013, <https://www.rfc-editor.org/info/rfc7049>.
4.2. Informative References
[IANA.cbor-tags]
IANA, "Concise Binary Object Representation (CBOR) Tags",
<http://www.iana.org/assignments/cbor-tags>.
[POSIX.1] IEEE, "The Open Group Base Specifications Issue 7",
IEEE Std 1003.1, 2013 Edition, 2013,
<http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/
V1_chap04.html#tag_04_15>.
Acknowledgements
Thanks to Carsten Bormann for supporting creation of this
specification. Parts of the explanatory text in this specification
come from draft-bormann-cbor-time-tag-02.
Jones, et al. Expires March 14, 2021 [Page 5]
Internet-Draft CBOR Tag for Date September 2020
Thanks to these people for reviews of the specification: Henk
Birkholz, Carsten Bormann, Samita Chakrabarti, Roman Danyliw, Linda
Dunbar, Benjamin Kaduk, Erik Kline, Warren Kumari, Barry Leiba,
Thiago Macieira, Francesca Palombini, Michael Richardson, Kyle Rose,
Jim Schaad, Juergen Schoenwaelder, Eric Vyncke, Robert Wilton, and
Dale Worley.
Document History
[[ to be removed by the RFC Editor before publication as an RFC ]]
-07
o Acknowledged Linda Dunbar for her GenArt review and Samita
Chakrabarti for her IOT-Dir review, as well as IESG reviewers.
-06
o Addressed SecDir review comments by Kyle Rose.
o Updated Tony Nadalin's affiliation and contact information.
-05
o Incorporated additional suggestions by Carsten Bormann and Juergen
Schoenwaelder.
-04
o Addressed shepherd comments by Francesca Palombini.
o Addressed additional review comments by Jim Schaad and Michael
Richardson.
-03
o Added statement that these tags are both for representations of
calendar dates.
o Described consequences of using calendar dates in access control
decisions.
-02
o Addressed working group last call comments, including stating that
time zones are not applicable to these values.
-01
Jones, et al. Expires March 14, 2021 [Page 6]
Internet-Draft CBOR Tag for Date September 2020
o Changed "positive or negative" to "unsigned or negative".
o Added an implementation note about the relationship to Modified
Julian Dates.
-00
o Initial working group version based on draft-jones-cbor-date-
tag-01 with no normative changes.
Authors' Addresses
Michael B. Jones
Microsoft
Email: mbj@microsoft.com
URI: https://self-issued.info/
Anthony Nadalin
Independent
Email: nadalin@prodigy.net
Joerg Richter
pdv Financial Software GmbH
Email: joerg.richter@pdv-fs.de
Jones, et al. Expires March 14, 2021 [Page 7]