On Wed, Oct 07, 2020 at 09:52:26AM -0600, Matthew Miller wrote:
>
> > On Oct 7, 2020, at 7:14 AM, Carsten Bormann <[email protected]> wrote:
> >
> > On 2020-10-07, at 07:33, Benjamin Kaduk via Datatracker <[email protected]>
> > wrote:
> >>
> >> It seems that https://www.rfc-editor.org/errata/eid5066 needs to be
> >> incorporated still (and the report verified, presuming it is correct).
> >
> > COSE_KDF_Context is defined in -algs, not -struct.
> >
> > -algs has Section 9, which implements the addition intended by the errata.
> > (-struct has its own Section 9, covering the other structures).
> >
> > So it seems the errata report is applied in -algs.
> > It could also be verified for RFC 8152.
> >
> > Grüße, Carsten
> >
>
>
> Carsten's interpretation of this errata looks correct to me: -rfc1852bis-algs
> defines the COSE_KDF_Context struct and § 9 discusses the encoding
> restrictions for that structure.
>
> This erratum should be marked verified.
Thanks for confirming, and thanks Carsten for pointing out that it went to
-algs.
I will go ahead and mark it as verified.
I did take a look at the respective parts of -algs and -struct, which shows
a bit of skew:
-Encoding MUST be done using definite lengths and values MUST be the
minimum possible length. This means that the integer 1 is encoded as "0x01"
and not "0x1801".
+Encoding MUST be done using definite lengths and the length of the MUST be
the minimum possible length. This means that the integer 1 is encoded as
"0x01" and not "0x1801".
("values" vs "the length of the")
I think that -algs should be adjusted to match -struct.
-Ben
_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
