> On Mar 8, 2023, at 12:50 PM, Christopher Allen 
> <[email protected]> wrote:
> 
> On Wed, Mar 8, 2023 at 12:19 PM Laurence Lundblade <[email protected]> wrote:
> Have you looked at detached payloads in COSE? It’s not very prominent in the 
> RFC, but it’s definitely there and works. It allows for signing something 
> that is not included in the COSE message. It can produce nice compact CBOR 
> structures that just hold the signature bytes, the algorithm ID and maybe a 
> key ID. The SUIT draft makes very heavy use of detached payloads. t_cose 
> supports them.
> 
> With detached payloads you pretty much get to make up your own rules for what 
> the detached payload is. The only requirement is that the verifier somehow 
> have the same payload bytes that the signer signed.  You seem to understand that 
> requirement :-)
> 
> I was aware that COSE RFC 9338 had an optional detached form, but I wasn't 
> able to find a specific section about it. Is it defined further by another 
> RFC or internet-draft?

Search for “detached” in RFC 9052. 

There are not really any rules for detached stuff in 9052. It might be 
transmitted parallel with the COSE_Sign or not. It might be data at rest. It 
might not be CBOR. If it is CBOR it doesn’t have to be any type of CBOR. It 
might be reconstructed from other data in some deterministic way… The only 
thing is that the payload verifier must be able to somehow have the same bytes 
as the signer. This is a good thing as it allows the application to do 
whatever it needs to do. In your case it will be dCBOR. :-)

LL
_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
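
The following is an added example, not part of the thread and not code from t_cose or any COSE library. It shows the nil-payload convention from RFC 9052 and why the verifier needs byte-identical payload bytes, using COSE_Mac0 with HMAC 256/256 so that it runs on the Python standard library alone; COSE_Sign1 uses the same nil payload slot, with context string "Signature1" and CBOR tag 18. The key, the sample map and all function names are constructed for illustration.

```python
import hashlib
import hmac

def head(major, n):
    """CBOR initial byte plus shortest-form argument (n < 2**32 here)."""
    if n < 24:
        return bytes([major << 5 | n])
    for info, size in ((24, 1), (25, 2), (26, 4)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | info]) + n.to_bytes(size, "big")
    raise ValueError("argument too large for this sketch")

def enc(v, sort_keys=True):
    """Minimal CBOR encoder: nil, uint, bstr, tstr, array, map."""
    if v is None:
        return b"\xf6"
    if isinstance(v, int) and v >= 0:
        return head(0, v)
    if isinstance(v, bytes):
        return head(2, len(v)) + v
    if isinstance(v, str):
        return head(3, len(v.encode())) + v.encode()
    if isinstance(v, list):
        return head(4, len(v)) + b"".join(enc(x, sort_keys) for x in v)
    if isinstance(v, dict):
        pairs = [(enc(k), enc(x, sort_keys)) for k, x in v.items()]
        if sort_keys:  # deterministic encoding: bytewise order of encoded keys
            pairs.sort()
        return head(5, len(pairs)) + b"".join(k + x for k, x in pairs)
    raise TypeError(type(v))

PROTECTED = enc({1: 5})  # header label 1 (alg) = 5 (HMAC 256/256)

def mac0_detached(key, payload, external_aad=b""):
    """COSE_Mac0 whose payload slot is nil; the MAC still covers `payload`."""
    to_be_maced = enc(["MAC0", PROTECTED, external_aad, payload])
    tag = hmac.new(key, to_be_maced, hashlib.sha256).digest()
    return head(6, 17) + enc([PROTECTED, {}, None, tag])  # CBOR tag 17

def verify_detached(key, msg, payload):
    """Sketch: recompute the message from the supplied bytes, no parsing."""
    return hmac.compare_digest(msg, mac0_detached(key, payload))

KEY = bytes(range(32))                    # constructed demo key
CLAIMS = {"b": 2, "a": 1}                 # constructed sample payload
SIGNED = enc(CLAIMS)                      # deterministic bytes the sender MACs
REORDERED = enc(CLAIMS, sort_keys=False)  # same map, different byte string
MSG = mac0_detached(KEY, SIGNED)
```

`verify_detached(KEY, MSG, SIGNED)` succeeds, while `verify_detached(KEY, MSG, REORDERED)` fails even though both byte strings decode to the same map, which is the gap a deterministic encoding such as dCBOR closes.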
