Henk Birkholz <[email protected]> wrote:
    > if I get that correctly, your proposal is to send YANG modeled JSON
    > that includes b64url encoded CMS, wrapped in a CBOR byte string signed
    > via COSE?

No.

draft-ietf-anima-constrained-voucher maps the YANG model to CBOR signed by COSE.
It does this with draft-ietf-core-sid and draft-ietf-core-yang-cbor.
No JSON or CMS would be involved.
That format is only *one* possible serialization of the YANG in RFC8366.


    > On 03.02.21 18:21, Michael Richardson wrote:
    >>
    >> Carsten Bormann <[email protected]> wrote: > On 31. Jan 2021, at 23:54,
    >> Blumenthal, Uri - 0553 - MITLL > <[email protected]> wrote:
    >> >>
    >> >> I do not get the “re-certify the certificate” part.
    >>
    >> > In the Web PKI, the assumption is that every participant knows all
    >> root > certificates and updates that set eagerly.  In the IoT world,
    >> that > doesn’t work.
    >>
    >> > So people are looking at alternative ways of validating a
    >> certificate.  > If there is a big brother/little brother relationship,
    >> the little
    >>
    >> The RFC8366 voucher does exactly this.  (And you can use it entirely
    >> outside of BRSKI, as SZTP does)
    >>
    >> It can be serialized as COSE signed CBOR.  Let's not try to mix things
    >> up here, or re-invent things.
    >>
    >> So I am opposed to cose-x509 doing anything other than doing anything
    >> other than conveying certificates.
    >>
    >> --
    >> Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting
    >> ) Sandelman Software Works Inc, Ottawa and Worldwide
    >>
    >>
    >>
    >>
    >>
    >> _______________________________________________ COSE mailing list
    >> [email protected] https://www.ietf.org/mailman/listinfo/cose
    >>

--
Michael Richardson <[email protected]>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide




Attachment: signature.asc
Description: PGP signature

_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose

Reply via email to