The IESG has approved the following document: - 'COSE and JOSE Registrations for WebAuthn Algorithms' (draft-ietf-cose-webauthn-algorithms-08.txt) as Proposed Standard
This document is the product of the CBOR Object Signing and Encryption Working Group. The IESG contact persons are Murray Kucherawy, Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-cose-webauthn-algorithms/ Technical Summary The W3C Web Authentication (WebAuthn) specification and the FIDO Alliance Client to Authenticator Protocol (CTAP) specification use CBOR Object Signing and Encryption (COSE) algorithm identifiers. This specification registers the following algorithms in the IANA "COSE Algorithms" registry, which are used by WebAuthn and CTAP implementations: RSASSA-PKCS1-v1_5 using SHA-256, SHA-384, SHA-512, and SHA-1, and ECDSA using the secp256k1 curve and SHA-256. It registers the secp256k1 elliptic curve in the IANA "COSE Elliptic Curves" registry. Also, for use with JSON Object Signing and Encryption (JOSE), it registers the algorithm ECDSA using the secp256k1 curve and SHA-256 in the IANA "JSON Web Signature and Encryption Algorithms" registry and the secp256k1 elliptic curve in the IANA "JSON Web Key Elliptic Curve" registry. Working Group Summary Consensus to publish appears to be firm, and a number of specific people were identified as having provided reviews, all of which have been addressed. Document Quality The document has had clear working group consensus for publication and it has been reviewed by a few working group participants since its adoption. Personnel Ivaylo Petrov is the document shepherd. Murray Kucherawy is the responsible Area Director. _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
