All,

> On Apr 13, 2025, at 10:11 PM, Carsten Bormann <[email protected]> wrote:
>
> Embedded signatures require more than deterministic encoding (and, strictly
> speaking, not even that):
> They require transforms for embedding and then erasing the signature(s), and
> that’s where there are “interesting” problems.
> Signing (or digesting!) data at rest requires a good dose of ALDR rules plus
> deterministic encoding to derive the signing/digesting inputs from the data
> at rest; CBOR has the deterministic encoding covered for you if you want to
> tackle that problem area [and you may never need to see actual CBOR-encoded
> data on the wire].

It is these sorts of challenges that Gordian Envelope [1] [2] [3] (built on dCBOR) is designed to address, where structured binary data of arbitrary complexity may be signed, countersigned, multi-signed, and partially (or completely) elided or encrypted after the fact by the holder, with signatures remaining verifiable. No separate canonicalization steps are ever required.

~ Wolf

[1] https://youtu.be/uDI5ihfTB2Y
[2] https://www.blockchaincommons.com/introduction/Envelope-Intro/
[3] https://datatracker.ietf.org/doc/draft-mcnally-envelope/

_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
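
The property described in the message above (parts of a signed structure elided later by the holder while the signature still verifies) can be illustrated with a digest tree. This is an added example, not part of the original message and not Gordian Envelope's or dCBOR's actual encoding; the node layout, the helper names, the sample document and the use of HMAC-SHA256 as a stand-in for a public-key signature are all assumptions made for the sketch.

```python
import hashlib
import hmac

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

# Hypothetical node layout: ("leaf", bytes) | ("node", [children]) | ("elided", digest)
def digest(node) -> bytes:
    kind, body = node
    if kind == "leaf":
        return h(b"\x00", body)          # domain-separate leaves from inner nodes
    if kind == "elided":
        return body                      # an elided node keeps only the digest it replaced
    # Sorting child digests makes the result independent of child order,
    # so no separate canonicalization pass is needed before signing.
    return h(b"\x01", *sorted(digest(c) for c in body))

def elide(node, target: bytes):
    """Return a copy in which every subtree whose digest equals target is elided."""
    if digest(node) == target:
        return ("elided", target)
    kind, body = node
    if kind == "node":
        return ("node", [elide(c, target) for c in body])
    return node

# The signature covers only the root digest. HMAC stands in for a real
# signature scheme so the sketch needs nothing beyond the standard library.
def sign(key: bytes, node) -> bytes:
    return hmac.new(key, digest(node), hashlib.sha256).digest()

def verify(key: bytes, node, tag: bytes) -> bool:
    return hmac.compare_digest(sign(key, node), tag)

# Constructed sample data.
KEY = b"constructed-demo-key"
DOC = ("node", [("leaf", b"name: Alice"),
                ("leaf", b"dob: 1990-01-01"),
                ("leaf", b"role: engineer")])
TAG = sign(KEY, DOC)

# The holder removes the date of birth after signing; the root digest is unchanged.
REDACTED = elide(DOC, digest(("leaf", b"dob: 1990-01-01")))
# Changing a visible field instead of eliding it changes the root digest.
TAMPERED = ("node", [("leaf", b"name: Alice"),
                     ("leaf", b"dob: 1990-01-01"),
                     ("leaf", b"role: admin")])

if __name__ == "__main__":
    print("redacted verifies:", verify(KEY, REDACTED, TAG))
    print("tampered verifies:", verify(KEY, TAMPERED, TAG))
```

In this sketch a low-entropy leaf such as a date can be recovered by hashing guesses against the exposed digest, because no per-leaf salt is added.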
