> On 2022-03-21, at 11:36, Sipos, Brian J. <[email protected]> wrote: > > All, > I’m not able to attend the COSE time slot at this IETF but I would like to > bring up the X509 issue [1] that I noticed while using a similar typed-hash > structure for a different purpose. This is not just an editorial issue; it > does affect how a receiver is supposed to process algorithm identifier (when > it is a text string) by defining what it is supposed to compare with for hash > algorithm registrations.
RFC 8152 defines the Algorithms registry:
Name: A value that can be used to identify an algorithm in documents
for easier comprehension. The name SHOULD be unique. However,
the 'Value' field is what is used to identify the algorithm, not
the 'name' field.
Value: The value to be used to identify this algorithm. Algorithm
values MUST be unique. The value can be a positive integer, a
negative integer, or a string. Integer values between -256 and
255 and strings of length 1 are designated as "Standards Action".
Integer values from -65536 to 65535 and strings of length 2 are
designated as "Specification Required". Integer values greater
than 65535 and strings of length greater than 2 are designated as
"Expert Review". Integer values less than -65536 are marked as
private use.
So the “Value” can be a text string (RFC 8152 fails to say “text”, but that
should be obvious). That text string can be used in a protocol. The Name
cannot.
No current registry entries do define a text string for “Value”; they are all
integers. Defining a text string here is probably going to impede
interoperability, so I would not recommend that outside of defined environments
and experiments.
Grüße, Carsten
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
