I agree regarding OKP and HSS-LMS key types, Ilari.

Kohei and I wanted to get an initial version out to the group to see
what others in the group think. Hence, we kept it short & simple.


Ciao

Hannes


On 27.05.2023 at 17:25, Ilari Liusvaara wrote:
On Sat, May 27, 2023 at 10:24:05AM +0200, Hannes Tschofenig wrote:
Kohei and I have been working on a small draft needed for TEEP and SUIT,
which re-use prior work done with RFC 7638 "JWT Thumbprint".

The abstract explains it:

    This specification defines a method for computing a hash value over a
    COSE Key. It defines which fields in a COSE Key structure are used in
    the hash computation, the method of creating a canonical form of the
    fields, and how to hash the byte sequence.

We would like the COSE working group to adopt this document.

Here is the link to the draft:

https://datatracker.ietf.org/doc/html/draft-isobe-cose-key-thumbprint
I think the draft should also add required fields for OKP and HSS-LMS
key types.

For OKP, the required fields are in order:

  - kty (uint)
  - crv (int/tstr)
  - x (bstr)

For HSS-LMS, the required fields are in order:

  - kty (uint)
  - pub (bstr)


(There is also WalnutDSA, but that is probably horribly broken, and
it is not completely clear which fields are required.)


Then there is section 5:

- "For better readability, the example is first presented in JSON (with
   the long line broken for display purposes only)." ... That does not
   look like JSON, it looks like CBOR diagnostic format.

- Using '-3: false' might be better example, as it would involve key
   decompression.

- Is the required order wrong way around? AFAICT, it is 1, -1, -2, -3,
   like in the diagnostic format.




-Ilari

_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
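
An added illustration (not part of the thread and not the draft's own code) of the computation under discussion: reduce a COSE_Key to the required fields listed above, encode it deterministically, and hash it. It assumes RFC 8949 section 4.2.1 core deterministic encoding and SHA-256 as the hash; the sample key and its values are constructed.

```python
import hashlib

# Required labels per kty. OKP and HSS-LMS are the lists proposed in the
# thread; EC2 is the 1, -1, -2, -3 set mentioned for section 5.
REQUIRED = {1: (1, -1, -2), 2: (1, -1, -2, -3), 5: (1, -1)}

def _head(major, n):
    """Initial byte plus shortest-form argument (RFC 8949 section 4.2.1)."""
    if n < 24:
        return bytes([(major << 5) | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([(major << 5) | ai]) + n.to_bytes(size, "big")
    raise ValueError("integer too large for CBOR")

def encode(v):
    """Deterministic CBOR for the value types a reduced COSE_Key needs."""
    if isinstance(v, bool):
        raise TypeError("bool y (compressed point) is not handled here")
    if isinstance(v, int):
        return _head(0, v) if v >= 0 else _head(1, -1 - v)
    if isinstance(v, bytes):
        return _head(2, len(v)) + v
    if isinstance(v, str):
        raw = v.encode("utf-8")
        return _head(3, len(raw)) + raw
    if isinstance(v, dict):
        # Map keys sorted bytewise by their encoded form: 1, -1, -2, -3.
        items = sorted((encode(k), encode(val)) for k, val in v.items())
        return _head(5, len(items)) + b"".join(k + val for k, val in items)
    raise TypeError(f"unsupported type: {type(v).__name__}")

def thumbprint(cose_key):
    """Return (canonical bytes, SHA-256 digest) over the required fields."""
    labels = REQUIRED[cose_key[1]]
    missing = [label for label in labels if label not in cose_key]
    if missing:
        raise ValueError(f"missing required labels: {missing}")
    canonical = encode({label: cose_key[label] for label in labels})
    return canonical, hashlib.sha256(canonical).digest()

# Constructed sample: OKP key (crv 6 = Ed25519) with extra kid/alg fields.
SAMPLE_X = bytes(range(32))
SAMPLE_OKP = {3: -8, 2: b"kid-1", -2: SAMPLE_X, -1: 6, 1: 1}

if __name__ == "__main__":
    canonical, digest = thumbprint(SAMPLE_OKP)
    print(canonical.hex(), digest.hex())
```

Because optional fields such as kid and alg are dropped before encoding, two representations of the same public key yield the same thumbprint regardless of map insertion order.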
