> On Jun 23, 2021, at 10:52 AM, John Mattsson > <[email protected]> wrote: > > > - The order of COSE_Countersignature0 processing at the receiver seems > undefined. The order should either be mandated or it should be stated that > the receiving part can process things in any order. > > I think that Jim intended the same set of steps to be used. For example, > Section 3.3, Step 3, says: "This field is omitted for the Countersignature0V2 > attribute." > > John: I was thinking about the order of decryption (in the case of > COSE_Encrypt) and signature verification. If the receiver starts doing > decryption or even using the plaintext before verifying the signature it > could lead to security problems.
John: In the context of CMS, we have had this discussion many times, and for every set of rules that have been proposed over the decades, a counter example has been found. So, I certainly agree with your goal, I am skeptical that there is a simple set of rules that we can include in the document. Russ
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
