This repository contains the IETF Internet-Draft specification for the Bottle and IDCard protocols.
Bottle is a secure message container protocol that provides:
- Multi-recipient encryption using AES-256-GCM
- Multiple digital signatures
- Recursive nesting for complex security arrangements (sign-then-encrypt, multi-layer encryption)
- Support for both CBOR and JSON encodings
IDCard is a cryptographic identity protocol that provides:
- Purpose-specific subkeys (signing, encryption, authentication)
- Key expiration and revocation
- Verifiable group memberships
- Self-signed identity containers
These protocols bridge the gap between JWT (limited to single signatures), COSE (separate structures without built-in nesting), and PGP (comprehensive but complex).
- draft-karpeles-bottle-idcard-01.xml: RFCXML source
- draft-karpeles-bottle-idcard-01.txt: Generated text format
To regenerate the text document from the XML source:

    xml2rfc draft-karpeles-bottle-idcard-01.xml

Requires xml2rfc to be installed.
A reference implementation in Go is available at: https://github.com/KarpelesLab/cryptutil
This is an individual submission Internet-Draft. The current version is -01.
Mark Karpeles <mark@klb.jp>, Karpeles Lab Inc., https://klb.jp
This Internet-Draft is subject to the IETF Trust Legal Provisions (TLP).