On 2024-08-20 07:07, lgl island-resort.com wrote:
On Aug 19, 2024, at 1:04 PM, Anders Rundgren <[email protected]>
wrote:
On 2024-08-19 21:32, lgl island-resort.com wrote:
On Aug 19, 2024, at 12:25 PM, Anders Rundgren <[email protected]>
wrote:
No CBOR signing format needs determinism or canonicalization for the payload.
Pardon me, I managed to remove the > from your statement :(
Which do you mean?
1) No, I disagree with you.CBOR signing formats do need determinism.
2) Yes, I agree with you, Determinism is not need for signing formats.
None of this but as I wrote immediately below the mentioned line, signature
implementations that do not work directly with imput buffers depend on
determinism.
OK. I see. It's another form of “independent (re)construction”.
Indeed, there is no difference between construction and reconstruction, making
objects and associated implementations sharable between the encoder and decoder.
However, this is not something I've come up with; it is more or less a de-facto
standard for high-level tools.
Such systems typically also use the "builder" API pattern to further shield
application developers from implementation details:
https://github.com/cyberphone/CBOR.js/blob/main/test/xyz-encoder.js#L38
Anders
LL
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
