I don't have a strong opinion on this topic (we didn't implement C-CSR). I have a slight preference for the beginning, so it matches the C509 structure.
-derek On Tue, June 18, 2024 11:58 am, G�ran Selander wrote: > Another C509 issue where input is welcome. > > Previously on this list we had a discussion about location of the > signature algorithm in C509 certificates. Considering the strong opinions > in that case, we also want to bring up the question of the location of the > signature algorithm in the Certification Request (a.k.a. Certificate > Signing Request, CSR). The two candidate locations are: at the beginning > or at the end of TBSCertificateRequest. > > > * At the end matches the location in CSR as used with X.509 (RFC 2986) > * At the beginning matches the location of signature in the current > default C509 format > > Any opinions? > > PR #170 puts the signature at the beginning. > https://github.com/cose-wg/CBOR-certificates/pull/170 > > G�ran > > _______________________________________________ > COSE mailing list -- [email protected] > To unsubscribe send an email to [email protected] > -- Derek Atkins 617-623-3745 [email protected] www.ihtfp.com Computer and Internet Security Consultant _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
