Hi Leonard, On Wed, 3 Jul 2024 at 16:21, Leonard Rosenthol <[email protected]> wrote: > > Just wanted to write this group, to let you know that the C2PA > (https://c2pa.org) has adopted this document as a normative reference for our > upcoming 2.1 version of our specification, to enable a stronger > counter-signature model than we currently offer. > > The relevant updated section of our document is: > > v2 time-stamps shall be stored in a COSE unprotected header whose label is > the string `sigTst2`. When present, the value of this header shall be a > `tstContainer` defined by <<tstContainer-CDDL>>. > > NOTE: A v2 time-stamp is equivalent to the "CTT" model of > https://datatracker.ietf.org/doc/draft-ietf-cose-tsa-tst-header-parameter/[COSE > Header parameter for RFC 3161 Time-Stamp Tokens Draft]. It requires that the > complete signature structure be completed prior to time-stamping, thus > enabling the time-stamp to serve as a countersignature on the entire > signature structure, including the actual certificate.
Thanks a lot for the feedback. This information is very helpful, especially since this draft hasn't received much feedback from the working group. > As such, I would strongly support the move of this document to WGLC. +1 cheers, t _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
