On 2025-03-16 10:43, Carsten Bormann wrote:
Hi Anders,
I think you are doing great work documenting your implementation work.
I would love to have documents like this reviewed, fixed, and be published as
informational documents from the CBOR WG.
Me too.
Unfortunately, you are dressing this as “UNIVERSAL CBOR”, which it isn’t.
I did not expect any positive input from you, but let me just briefly respond.
- CBOR tools built according this specification target the bulk (95%+) of the
developer market [*]. This lot have no deeper interests in CBOR. For them
UNIVERSAL may fit the bill but if you have a better term, I'm all ears.
- "Object Encapsulation" is pretty much the de-facto standard for similar tools
for XML, JSON, ASN.1. For the intended market [*] NB... This concept does [much] more
than support signatures.
- Regarding the [non-normative] signature scheme, would it be possible to
provide some more nuanced critique?
Letting the crippled nature of JSON dictate CBOR isn't cool and will make the
transition to CBOR (that I'm advocating for), slow and uncertain.
FYI: I'm going to exploit the stalemate introduced by your SPRIND/OIDF friends
https://github.com/openid/OpenID4VP/issues/342#issuecomment-2638920357
for pushing this stuff. Wish me luck :) wallets is the s***.
Cheers,
Anders
*] If "market" is a problematic term in the IETF, replace it with whatever you
feel is appropriate. BTW, my work is entirely non-commercial.
You are also not citing the normative documents that are the basis of this work.
The weird semi-retaining signature concept in Appendix B might have its
applications, but it mostly combines the disadvantages of the retaining and
non-retaining approaches to object signatures. This part is most definitely
not UNIVERSAL. Giving it grandiose, official-sounding names such as CSF and
CEF doesn’t help either.
I don’t know why you are pursuing this false advertising.
It sincerely doesn’t help your work.
Instead it is simply devaluing it.
Grüße, Carsten
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
