F.Y.I. When a key is to be generated, the FIDO/WebAuthn "create" API provides a list of COSE signature algorithms. To save some bytes they overloaded EdDSA so that it would mean EdDSA with an Ed25519 key. Seen in retrospect this was obviously a mistake since this doesn't extend to Ed448.
However, I believe the mistake was really making EdDSA a signature algorithm. The "family" concept fits squarely with most cryptographic APIs that typically only deals with specific algorithms. I don't know how FIDO/WebAuthn will get out of this quagmire but personally I have "hijacked" the currently unassigned -9 for a signature scheme which follows what I have previously done in JSON. Here is the algorithm table for what I call COSE Signature Format (CSF): https://cyberphone.github.io/javaapi/org/webpki/cbor/package-summary.html#csf-algorithms Ideally, two new algorithm identifiers could be defined which are better aligned with the EC and RSA schemes which do not suffer from this problem. Thanx, Anders _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
