On 2025-03-05 05:51, lgl island-resort.com wrote:
Hi Anders,
To be honest, your draft needs to be filled in a lot more to convince us of
anything.
Dear Laurence, I have neither any hope nor an ambition convincing You, Carsten,
or the IETF about the credibility of this work.
However, the Blockchain Commons folks which you (apparently) have [more] faith in, have come to the same
conclusion as I, namely, making deterministic encoding a "Selectable Feature" has NO PLACE in
high-level designs. Maybe CBOR for "light-bulb controllers" and CBOR for "enterprise
applications" could have slightly different requirements? Universal CBOR is (as declared) intended for
the latter.
Anyway, we have after 24 months(!) still no (credible) explanation to why
Gordian Envelopes need a specific encoding scheme. This makes ME somewhat less
convinced :)
The COSE issue is another story but again, the Blockchain Commons folks have arrived at
the same point as I: wrapping data-to-be signed in "bstr" destroys the
structure of messages. With DE wrapping becomes REDUNDANT.
Regards,
Anders
Also, I've got complaints about some parts of COSE and other IETF standards,
but not so much about COSE signatures. They seem reasonably universal to me.
LL
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*From:* Anders Rundgren <[email protected]>
*Sent:* Tuesday, March 4, 2025 7:27 AM
*To:* Carsten Bormann <[email protected]>
*Cc:* CBOR <[email protected]>; cose <[email protected]>
*Subject:* [Cbor] Re: [COSE] New I-D: draft-rundgren-universal-cbor-00
Since there is no interest in discussing these topics in a more constructive way, I
might as well finish with https://www.json.org/fatfree.html
<https://www.json.org/fatfree.html>. This is (IMO) how you obtain ubiquity
(=universal).
It is OK (indirectly) claiming that Universal CBOR is c**p and its author is a
charlatan. However, Universal CBOR is [currently] the only show in town.
Hashing "raw" (non-wrapped [*]) CBOR is not a mystery and enveloped signatures
are featured in PDFs.
Anders
*] Linguistic issue: I managed confusing "unwrapped" and "non-wrapped". Fixed
in -02.
On 2025-03-04 10:04, Carsten Bormann wrote:
On 2025-03-04, at 09:06, Anders Rundgren <[email protected]> wrote:
The core is a profile of CBOR as defined by RFC 8949, designed to fit a specific
(but very big) "market”.
First of all, we don’t seem to have consensus we need a “profile”.
Second, if we do need another one, this profile should be explained in terms of
the CBOR documents we have; you seem to have an aversion to that.
And the spec certainly should not claim to be “universal”.
Grüße, Carsten
_______________________________________________
CBOR mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
