For the draft that I originally wrote, the truncated length is part of the algorithm identifier just like it is with the MAC algorithms. I will get it republished and make sure that it is ready to go. I can probably get an AD to pick it up in London.
Jim From: Carsten Bormann [mailto:[email protected]] Sent: Tuesday, February 27, 2018 10:10 PM To: Jim Schaad <[email protected]> Cc: [email protected] Subject: Re: [COSE] Digests (hashes) in COSE? In the specific case, there would be multiple hashes all under the same algorithm id, so the data structure would be pretty trivial... Maybe we just need the iana considerations for registering hash functions plus some text how to truncate. Sent from mobile On 28. Feb 2018, at 01:48, Jim Schaad <[email protected] <mailto:[email protected]> > wrote: I need to re-publish my document with hash algorithms, however I am not sure what needs to be placed in this structure in some ways. Is there something beyond MAC = [ Digest : bstr, Algorithm: alg_id ] If you start trying to carry the content you end up with problems because it is just as often pointed to. Not sure that putting the pointer in the digest computation would make sense as this value often chances as well. Are you thinking of something specific that should be part of this? I am not sure just how strong the demand is for parametrized hash algorithms is. I have used a couple in my lifetime, but always as cases to see what would happen and have never used one in the wild. Jim -----Original Message----- From: COSE [mailto:[email protected]] On Behalf Of Carsten Bormann Sent: Monday, February 26, 2018 9:01 AM To: [email protected] <mailto:[email protected]> Subject: [COSE] Digests (hashes) in COSE? I think that has come up before, but today in the SUIT WG Interim we briefly discussed a structure where it would be useful to contain multiple unkeyed digests (hashes) in one signed claim (*). In COSE, we have a registry for keyed MAC schemes, but not for hashes. We also don’t have a COSE_Digest structure (which would be quite simple, I believe) either (**). To avoid everyone defining their own way of describing hashes, should we be setting this up for COSE? We would have to be fast to be relevant for SUIT. Grüße, Carsten (*) https://tools.ietf.org/html/draft-moran-suit-manifest-01#section-4 (**) maybe a bit like CMS digestedData, but simpler of course _______________________________________________ COSE mailing list [email protected] <mailto:[email protected]> https://www.ietf.org/mailman/listinfo/cose
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
