> -----Original Message-----
> From: Michael Richardson <mcr+i...@sandelman.ca>
> Sent: Friday, June 15, 2018 10:56 AM
> To: Jim Schaad <i...@augustcellars.com>
> Cc: anima@ietf.org
> Subject: sending raw public key over the wire
> 
> 
> Jim, in the situation where a COSE/CBOR voucher has been signed by a Raw
> Public Key (whether ECDSA or EdDSA), and the signing (public) key needs to
> be transferred, would you recommend:
> 
> 1) use RFC8152, section 7.1 to describe the key.
>    Same as you use in your Examples git tree.
>    What MIME-TYPE would you use to transfer such a thing?

Per RFC8152 section 16.9.2 - application/cose-key or
application/cose-key-set, depending on which of the COSE key structures is
to be used.

> 
> 2) use (Subject-)Public-Key-Info encoded
>    as specified in RFC7250, section 3.
>    What MIME-TYPE would you use to transfer such a thing?

The RPK is transferred as part of the DTLS negotiation.  As such it is
transferred, but not trusted in DTLS.  If you do FUD then that is
sufficient.  If it is not sufficient then you could use the answer to 1 as
one of many different ways to transfer keys.  Keys can be transferred as
COSE_Keys, JOSE_keys, PEMs or Certificates each of which defines a
Media-Type.   Of course the PRK could also be baked into the device as well.

Jim

> 
> 
> --
> Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
> -= IPv6 IoT consulting =-
> 
> 


_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
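
Added example, not part of the thread or of either author's code: the same P-256 public key encoded as a COSE_Key (option 1, carried as application/cose-key) and as a SubjectPublicKeyInfo (option 2), with a strict converter between them. The key is a constructed sample (the curve's base point) and every function name is hypothetical.

```python
# Constructed sample key: the P-256 base point G (private scalar 1). Not for real use.
X = bytes.fromhex("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")
Y = bytes.fromhex("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5")
# OID content octets: id-ecPublicKey and prime256v1 (secp256r1)
OID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")
OID_PRIME256V1 = bytes.fromhex("2a8648ce3d030107")

def cbor_head(major: int, n: int) -> bytes:
    """CBOR initial byte(s) for major type `major` with argument n < 2**16."""
    if n < 24:
        return bytes([major << 5 | n])
    if n < 256:
        return bytes([major << 5 | 24, n])
    return bytes([major << 5 | 25]) + n.to_bytes(2, "big")

def cbor_int(v: int) -> bytes:
    return cbor_head(0, v) if v >= 0 else cbor_head(1, -1 - v)

def cbor_bstr(b: bytes) -> bytes:
    return cbor_head(2, len(b)) + b

def cose_key_ec2(x: bytes, y: bytes) -> bytes:
    """COSE_Key map (RFC 8152 sections 7.1 and 13.1.1): kty=EC2, crv=P-256, x, y."""
    items = [(1, cbor_int(2)), (-1, cbor_int(1)), (-2, cbor_bstr(x)), (-3, cbor_bstr(y))]
    return cbor_head(5, len(items)) + b"".join(cbor_int(k) + v for k, v in items)

def der_tlv(tag: int, body: bytes) -> bytes:
    """DER tag-length-value, short-form length only (body under 128 bytes)."""
    if len(body) >= 128:
        raise ValueError("long-form DER length not supported in this sketch")
    return bytes([tag, len(body)]) + body

def spki_p256(x: bytes, y: bytes) -> bytes:
    """SubjectPublicKeyInfo, the structure RFC 7250 section 3 carries for a raw key."""
    alg = der_tlv(0x30, der_tlv(0x06, OID_EC_PUBLIC_KEY) + der_tlv(0x06, OID_PRIME256V1))
    point = b"\x04" + x + y  # uncompressed EC point
    return der_tlv(0x30, alg + der_tlv(0x03, b"\x00" + point))  # BIT STRING, 0 unused bits

def spki_to_cose(spki: bytes) -> bytes:
    """Re-encode an uncompressed P-256 SPKI as a COSE_Key; reject any other layout."""
    header = spki_p256(bytes(32), bytes(32))[:27]
    if len(spki) != 91 or spki[:27] != header:
        raise ValueError("not an uncompressed P-256 SubjectPublicKeyInfo")
    return cose_key_ec2(spki[27:59], spki[59:91])

if __name__ == "__main__":
    print("COSE_Key:", cose_key_ec2(X, Y).hex())
    print("SPKI    :", spki_p256(X, Y).hex())
```

Both encodings carry only the key bytes; neither says anything about whether the receiver should trust the key.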
