This I-D should IMHO hook into the previous PQK versus OKP discussions.
Since we apparently need additional RFCs for each new crypto system, the only
gain with overloading OKP is saving one IANA registration.
In this particular case, I would strongly recommend defining "kty" as "BLS".
Code-wise this is close to a non-issue:
    switch (keyType) {
        case "EC":
            ...
        case "RSA":
            ...
        case "OKP":
        case "BLS":
            ...
    }
However, this is a big simplification because in object-oriented platforms like
Java, BLS keys would anyway be represented by specific classes in the same way
as Ed25519/Ed448 and X25519/X448 are today. That is, possible code sharing
isn't for real, while confusion is.
Related:
https://mail.openjdk.java.net/pipermail/security-dev/2022-March/029495.html
thanx,
Anders
_______________________________________________
COSE mailing list
https://www.ietf.org/mailman/listinfo/cose
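
The point about platform key classes, as an added Java example that is not part of the original message: a JWK with "kty":"OKP" already needs a second dispatch on "crv", because Edwards and Montgomery keys end up in different JCA classes. The class name `JwkKtyDispatch`, the helper `le`, and the handling of a "BLS" value are assumptions made for illustration; the two sample keys are the example public keys from RFC 8037 Appendix A, and JDK 15 or later is assumed.

```java
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.interfaces.EdECPublicKey;
import java.security.interfaces.XECPublicKey;
import java.security.spec.*;
import java.util.Base64;
import java.util.Map;

public class JwkKtyDispatch {
    // Little-endian octets -> non-negative BigInteger.
    static BigInteger le(byte[] b) {
        byte[] be = new byte[b.length];
        for (int i = 0; i < b.length; i++) be[i] = b[b.length - 1 - i];
        return new BigInteger(1, be);
    }

    // kty is only the first switch: "OKP" still needs a second one on crv.
    static PublicKey publicKey(Map<String, String> jwk) throws Exception {
        String kty = jwk.get("kty"), crv = String.valueOf(jwk.get("crv"));
        if ("BLS".equals(kty)) // kty value proposed in the message; no key classes assumed here
            throw new UnsupportedOperationException("BLS requires its own key classes");
        if (!"OKP".equals(kty)) throw new IllegalArgumentException("kty not handled: " + kty);
        byte[] x = Base64.getUrlDecoder().decode(jwk.get("x"));
        int last = x.length - 1;
        switch (crv) {
            case "Ed25519": case "Ed448": { // signature keys -> EdECPublicKey
                boolean xOdd = (x[last] & 0x80) != 0; // RFC 8032: top bit carries the sign of x
                x[last] &= 0x7f;
                return KeyFactory.getInstance(crv).generatePublic(
                    new EdECPublicKeySpec(new NamedParameterSpec(crv), new EdECPoint(xOdd, le(x))));
            }
            case "X25519": x[last] &= 0x7f; // RFC 7748: ignore the unused top bit, then fall through
            case "X448": // key-agreement keys -> XECPublicKey
                return KeyFactory.getInstance(crv).generatePublic(
                    new XECPublicKeySpec(new NamedParameterSpec(crv), le(x)));
            default: throw new IllegalArgumentException("OKP crv not handled: " + crv);
        }
    }

    public static void main(String[] args) throws Exception {
        // Sample inputs: the example public keys from RFC 8037 Appendix A.
        PublicKey ed = publicKey(Map.of("kty", "OKP", "crv", "Ed25519",
            "x", "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"));
        PublicKey xdh = publicKey(Map.of("kty", "OKP", "crv", "X25519",
            "x", "3p7bfXt9wbTTW2HC7OQ1Nz-DQ8hbeGdNrfx-FG-IK08"));
        System.out.println("Ed25519 is EdECPublicKey: " + (ed instanceof EdECPublicKey));
        System.out.println("X25519 is XECPublicKey:   " + (xdh instanceof XECPublicKey));
    }
}
```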