Hi Rene, On Wed, Dec 01, 2021 at 05:16:33PM -0500, Rene Struik wrote: > Hi Ben: > > If one had wanted to be consistent in reasoning, one should also have > pulled draft-ietf-hash-algs out of the AUTH48 queue (since July 14, 2021
It's not necessary to specifically pull the document out of the AUTH48 queue in order to place a hold on its publication while a (potential) technical matter is resolved. I noted this topic as a github issue on that draft (https://github.com/cose-wg/X509/issues/42) and we will be making sure that the github issue list is empty before approving publication of that document. > [1]) and should not have assigned a iana cose code point for shake128 > (now, -18, see [2]). None of that happened either, despite these numbers > to be jealously treated as valuable assets. Perhaps it should not have gotten a codepoint, but un-issuing a codepoint is a very fraught operation. Almost universally we add additional references or notes rather than silently remove a registration. For example, the Russian GOST signature schemes should not have been assigned values in the TLS SignatureAlgorithm registry (https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16), as the values were previously in state "reserved" (not "unassigned"), but since they had been assigned well before the error was discovered, it was not reasonable to retroactively "un-assign" them and so we have left them in place with a note about how they came to be (mis-)allocated. In other words, I have to deal with the facts on the ground, not what I would like them to be. > Ref: [1] https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs/history/ > [2] https://www.iana.org/assignments/cose/cose.xhtml#algorithms > > This being said, as already indicated I will do my own technical due > diligence (on the example E value computation), since do not base my own > findings on hearsay or unverified claims. Thank you! -Ben _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
