On 2022-05-23, at 12:39, Maik Riechert <[email protected]> wrote: > > To clarify, this is not about extending OpenSSH or SSH signatures with COSE > support. The thread is really just to understand whether using SSH keys with > COSE signatures (in this case for SCITT) would introduce cross-protocol > confusion or not, and I think the answer is no.
Ah. I just wanted to mention that contaminating the SCITT space with actual SSH signatures would not be a good idea (even if these were meant for developers only, they will leak out, and cause interoperability issues till the end of the universe). Using SSH keys as a text-based (diagnostic/debugging) encapsulation of keys and key pairs is probably innocuous. We need to define what should usually come with the various kinds of keys (e.g., certificates) or key pairs; the SSH format won’t have that, while the COSE key containers can easily be extended with them. Grüße, Carsten _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
