{noticing this is not CC'ed to SUIT or SACM or RATS}
Laurence Lundblade <[email protected]> wrote:
> I am observing how two different protocols that use COSE specify what the
COSE payload should be. I am interested because EAT must specify this too. I
noticed that they do it different:
> — CoSWID goes to a lot of trouble to use CDDL via a .cbor control
probably because CoSWID author (Henk) is also CDDL author, and therefore is
more expert at using CDDL.
> — SUIT just uses simple prose, not CDDL
I think that the question is what kind of advice CBOR and COSE WG should
provide to
other WGs about whether or not to explain things with .cbor controls.
> Here’s the link between for COSE payload for CoSWID. It is in blue in
this CDDL that is replicated from COSE. It occurs in section 7 of CoSWID.
<https://datatracker.ietf.org/doc/html/draft-ietf-sacm-coswid-19#section-7>
> COSE-Sign1-coswid<payload> = [
> protected: bstr .cbor protected-signed-coswid-header,
> unprotected: unprotected-signed-coswid-header,
> payload: bstr .cbor payload,
> signature: bstr,
> ]
...
> EAT inherits this from CWT so it doesn’t need to say it explicitly.
> However EAT uses CDDL so it is a possibility that EAT can do what CoSWID
did.
That seems like the right way to me.
It's unclear to me which direction will work better for people who are not
CDDL experts. Consider that a formal language like CDDL might actually be
easier to understand for non-native-english speakers!
-- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] [email protected] http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
