Hi Anders,
I am not sure if I should get involved in this conversation, but you
wrote something that I would like you to elaborate about, specifically:
wrapping data-to-be signed in "bstr" destroys the structure of messages.
I am not following.
Viele Grüße,
Henk
On 05.03.25 08:45, Anders Rundgren wrote:
On 2025-03-05 05:51, lgl island-resort.com wrote:
Hi Anders,
To be honest, your draft needs to be filled in a lot more to convince
us of anything.
Dear Laurence, I have neither any hope nor an ambition convincing You,
Carsten, or the IETF about the credibility of this work.
However, the Blockchain Commons folks which you (apparently) have [more]
faith in, have come to the same conclusion as I, namely, making
deterministic encoding a "Selectable Feature" has NO PLACE in high-level
designs. Maybe CBOR for "light-bulb controllers" and CBOR for
"enterprise applications" could have slightly different requirements?
Universal CBOR is (as declared) intended for the latter.
Anyway, we have after 24 months(!) still no (credible) explanation to
why Gordian Envelopes need a specific encoding scheme. This makes ME
somewhat less convinced :)
The COSE issue is another story but again, the Blockchain Commons folks
have arrived at the same point as I: wrapping data-to-be signed in
"bstr" destroys the structure of messages. With DE wrapping becomes
REDUNDANT.
Regards,
Anders
Also, I've got complaints about some parts of COSE and other IETF
standards, but not so much about COSE signatures. They seem reasonably
universal to me.
LL
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*From:* Anders Rundgren <[email protected]>
*Sent:* Tuesday, March 4, 2025 7:27 AM
*To:* Carsten Bormann <[email protected]>
*Cc:* CBOR <[email protected]>; cose <[email protected]>
*Subject:* [Cbor] Re: [COSE] New I-D: draft-rundgren-universal-cbor-00
Since there is no interest in discussing these topics in a more
constructive way, I might as well finish with
https://www.json.org/fatfree.html
<https://www.json.org/fatfree.html>. This is (IMO) how you obtain
ubiquity (=universal).
It is OK (indirectly) claiming that Universal CBOR is c**p and its
author is a charlatan. However, Universal CBOR is [currently] the
only show in town.
Hashing "raw" (non-wrapped [*]) CBOR is not a mystery and enveloped
signatures are featured in PDFs.
Anders
*] Linguistic issue: I managed confusing "unwrapped" and
"non-wrapped". Fixed in -02.
On 2025-03-04 10:04, Carsten Bormann wrote:
On 2025-03-04, at 09:06, Anders Rundgren
<[email protected]> wrote:
The core is a profile of CBOR as defined by RFC 8949, designed to
fit a specific (but very big) "market”.
First of all, we don’t seem to have consensus we need a “profile”.
Second, if we do need another one, this profile should be explained
in terms of the CBOR documents we have; you seem to have an aversion
to that.
And the spec certainly should not claim to be “universal”.
Grüße, Carsten
_______________________________________________
CBOR mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
CBOR mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
