You may also consider "pluggable" crypto provider schemes. In such schemes, each core crypto system (RSA, EC, etc) have its own name space.
If you want COSE/JOSE keys to potentially become an integral part of pluggable crypto system architectures, unique, family specific, top level algorithm identifiers is a prerequisite. Are there any pluggable crypto systems out there? Not that I'm aware of but it would be possible to extend the (semi-pluggable) Java crypto system so that it could deal with external key representations in a fully transparent way instead of burden application and library developers with such details. This already works out of the box (in just about all crypto platforms), for public keys in X.509 certificates although current implementations are "hard coded". Cheers, Anders _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
