On Thu, Aug 15, 2024 at 03:55:33PM -0700, [email protected] wrote: > Internet-Draft draft-ietf-cose-hash-envelope-00.txt is now available. It is a > work item of the CBOR Object Signing and Encryption (COSE) WG of the IETF. > > Title: COSE Hash Envelope > Authors: Orie Steele > Steve Lasker > Henk Birkholz > Name: draft-ietf-cose-hash-envelope-00.txt > Pages: 8 > Dates: 2024-08-15
Some stuff: - Should payload_hash_alg be required to be critical? - Assuming payload_hash_alg just causes content to be pre-hashed, then how do payload_preimage_content_type and 'content type' differ? - Maybe add protected header for preimage length. So that applications don't have to deal with over-large responses from HTTP servers (which could cause problems). Something like: &(payload_preimage_content_length: TBD_4) => uint If payload_hash_alg just causes prehashing, maybe call it 'content length' or something. - Picking the same hash function as the signature does not guarantee equal strength, because some signatures have internal collision mitigations (e.g., EdDSA, ML-DSA and SLH-DSA). - What is output length of SHAKE256? 64 bytes (as usual)? -Ilari _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
