Laurence Lundblade <[email protected]> wrote: > For example, I find what CoSWID does awkward: > - Replicating code and definitions generally seems poor practice > - It excludes the possibility for encryption > - It doesn’t define what EAT needs, a signed or unsigned message that > is always a tag, somewhat motivating me to replicate/author CoSWID CDDL > in EAT.
I think that this is because we haven't gotten a library/public-include system for CDDL. So the urge is to make documents self-contained. Given the audience for CoSWID is largely outside of the IETF, in a sector of the industry that is, at present, very immature, I think that CoSWID did the right thing. EAT is a bit more inward facing (given TEEP, SUIT, etc. customers), or at least, the external audience is a lot more mature (TCG, CCC, ...), so perhaps the outgoing references are really a sign of the direction we should be going. As Carsten said, the CBOR WG needs to think about how exactly to use CDDL. -- Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
