Hi,

- Looking through the COSE Algorithms registry, I find that there are three different models for ECC signatures:

  1. ES256 = ECDSA + SHA-256
     ES384 = ECDSA + SHA-384
     ES512 = ECDSA + SHA-512
     Curve specified elsewhere.

  2. EdDSA = EdDSA
     Curve specified elsewhere.
     Hash algorithm determined by curve.

  3. ES256K = ECDSA + SHA-256 + secp256k1
     Curve and hash algorithm included.

  Is there any reason why ES256K was specified like this? My understanding is that 1. and 2. follow PKIX but not 3. My understanding is that ECDSA + SHA-256 + secp256k1 in PKIX would be specified in the same way as ECDSA + SHA-256 + secp256r1:

     id-ecPublicKey + secp256k1
     ecdsa-with-SHA256

- The COSE registries allow registration labels with a 1, 2, or 3 byte CBOR encoding. The registry differentiates between 2 and 3 byte encodings, but the registry does not differentiate between 1 and 2 byte encodings. Integers in the range [-24,23] have a one byte encoding. A lot of algorithms not suitable for constrained IoT, such as HMAC 512/512, A256GCM, A256KW, direct+HKDF-SHA-512, etc., have been given 1 byte identifiers. These should maybe have been saved for algorithms that constrained IoT will likely use. ECDSA25519 is targeting constrained IoT and should probably be given a 1 byte label, which it can't get unless the draft is changed to standards track.

Cheers,
John
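
Added example, not part of the original message: a shortest-form CBOR integer encoder that checks the 1, 2 and 3 byte label ranges from the second point and reports the encoded size of some registered algorithm labels. The numeric labels are taken from the IANA COSE Algorithms registry (RFC 8152), not from the message, and the function names are chosen for this example.

```python
import struct

def cbor_int(n: int) -> bytes:
    """Encode n as a CBOR integer (major type 0 or 1) in shortest form."""
    # Negative integers use major type 1 and carry the argument -1 - n.
    major, arg = (0, n) if n >= 0 else (1, -1 - n)
    head = major << 5
    if arg < 24:
        # The argument fits in the low 5 bits of the initial byte.
        return bytes([head | arg])
    for info, fmt, limit in ((24, ">B", 1 << 8), (25, ">H", 1 << 16),
                             (26, ">I", 1 << 32), (27, ">Q", 1 << 64)):
        if arg < limit:
            return bytes([head | info]) + struct.pack(fmt, arg)
    raise ValueError("integer outside the CBOR 64-bit range")

def range_for_length(length: int, scan: int = 70000) -> tuple:
    """Return (min, max) of the integers whose encoding is `length` bytes."""
    hits = [n for n in range(-scan, scan + 1) if len(cbor_int(n)) == length]
    return (min(hits), max(hits))

# Labels as assigned in the IANA COSE Algorithms registry (RFC 8152).
COSE_ALGS = {
    "ES256": -7, "ES384": -35, "ES512": -36, "EdDSA": -8,
    "HMAC 512/512": 7, "A256GCM": 3, "A256KW": -5,
    "direct+HKDF-SHA-512": -11,
}

def label_sizes(algs=COSE_ALGS) -> dict:
    """Map each algorithm name to the byte length of its encoded label."""
    return {name: len(cbor_int(value)) for name, value in algs.items()}

if __name__ == "__main__":
    for length in (1, 2, 3):
        print(length, "byte labels:", range_for_length(length))
    for name, size in label_sizes().items():
        print(f"{name:22} {COSE_ALGS[name]:4}  {size} byte(s)  "
              f"{cbor_int(COSE_ALGS[name]).hex()}")
```
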
