Hello,
Section 3. Terminology of
https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/08/ defines
VDP as:
Verifiable Data Structure Parameters (VDP): Parameters to a
verifiable data structure that are used to prove properties, such
as authentication, inclusion, consistency, and freshness.
Parameters can include multiple proofs of a given type, or
multiple types of proof (inclusion and consistency). This
property is conceptually similar to COSE Header Parameter "epk"
(-1) or CBOR Web Token (CWT) claim "cnf" (8), it is applied to a
verifiable data structure, to confirm a property. For example an
encrypted message might be decrypted using epk and a private key,
a digital signature for authentication might be verified using cnf
and the (CWT) claim "nonce" and "audience", and an inclusion proof
for a binary merkle tree might be verified with VDP and some entry
that is being tested or inclusion in the tree.
But every other use of VDP in the document is expanded to "proof" instead,
including 1. Introduction:
Different VDS can produce different verifiable datastructure proofs (VDP).
This is inconsistent and confusing, and leaves the document in a state where
"Verifiable Datastructure Proof" is effectively undefined. Could this
discrepancy be resolved before RFC?
Orie Steele has suggested that VDP should be Parameter everywhere, to follow
IETF conventions, and that "proof" should not be used in the final document. I
have no opinion, I would only like consistency one way or another.
I am very happy to do a PR if that is acceptable.
Thank you,
Amaury
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
