Michael,
On Mon, September 26, 2022 2:28 pm, Michael Richardson wrote:
>
> Derek Atkins <[email protected]> wrote:
> > I just perused the LAMPS archives for the last 6 weeks (back to
> August
> > 12) and do not see anything related to multiple keys and/or multiple
> > signatures in a certificate. Or at least none of the conversations
> or
> > document titles are obviously on that topic.
>
> > Could you please point me to the discussion thread?
>
> I think that it's the entire PQ certificate progress discussion.
> There is nothing really C509 specific at this point.
>
> I think that Russ is thinking that whatever we do in X509 ASN.1 extensions
> should be 1:1 with what you want, but OTH, I think you want to do
> something sooner.
>
> I think you should write some running code, submit an individual ID, and
> then tell us how it went :-)
I am happy to go this route (the running code will be the easiest part,
and honestly I'll have to do that anyway regardless of the approach
because it's our own implementation of C509). However, I really wouldn't
want to spend the time on an I-D if there isn't at least someone who would
support a C509-native-only approach that may not be 1:1 compatible with
X509, especially as I'm pretty sure X.509 is not going to take the route
of "all parsers need to be updated for this to work at all".
-derek
--
Derek Atkins 617-623-3745
[email protected] www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
