> On Jun 23, 2021, at 9:42 AM, Mike Jones > <[email protected]> wrote: > > The WebAuthn and FIDO2 working group members had thought that the COSE > algorithm semantics were the same as those for JOSE, where algorithm > identifiers are not polymorphic. They were wrong, but that's water under the > bridge now. The FIDO/WebAuthn usage of the algorithm identifiers requires > that the identifiers used unambiguously specify all algorithm parameters. > (Note that FIDO/WebAuthn does not use COSE signatures - only COSE algorithm > identifiers.) They have done what they needed to do to remove the > ambiguities arising in practice from use of polymorphic algorithm identifiers > for their use cases. > > Note that by the time that we registered the ES256K algorithm for signing > with the secp256k1 curve in RFC 8812, we were aware of the problem and > intentionally made ES256K non-polymorphic - both for JOSE and for COSE. > > I believe that we should create a policy requiring that all future algorithm > registrations should be non-polymorphic. Furthermore, I believe we should > consider defining and registering new non-polymorphic algorithm identifiers > so that use of the existing polymorphic algorithm identifiers can be avoided > and deprecated.
This seems good to me. Going a bit further, the binding to a particular hash function seems important too. Aside from the security reasons, it makes means that an algorithm ID always selects a function that takes an arbitrary number of unstructured bytes to be signed/verified which makes implementation of crypto APIs cleaner and reduces code size. It also seems more convenient in protocols like FIDO. You only need to carry a single integer around. My recollection of ASN.1 is that the structure of an algorithm specifier varies by algorithm which makes writing code for it more complex. You have to decode a structure that specifies a hash rather than just switch on an integer. LL
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
