The IESG has approved the following document: - 'COSE (CBOR Object Signing and Encryption) Receipts' (draft-ietf-cose-merkle-tree-proofs-17.txt) as Proposed Standard
This document is the product of the CBOR Object Signing and Encryption Working Group. The IESG contact persons are Paul Wouters and Deb Cooley. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/ Technical Summary COSE (CBOR Object Signing and Encryption) Receipts prove properties of a verifiable data structure to a verifier. Verifiable data structures and associated proof types enable security properties, such as minimal disclosure, transparency and non-equivocation. Transparency helps maintain trust over time, and has been applied to certificates, end to end encrypted messaging systems, and supply chain security. This specification enables concise transparency oriented systems, by building on CBOR (Concise Binary Object Representation) and COSE. The extensibility of the approach is demonstrated by providing CBOR encodings for RFC9162. Working Group Summary There was broad consensus and no controversy. Note that One of the authors had initially indicated that the IPR disclosed in https://datatracker.ietf.org/ipr/6609/ should be relevant for this draft. Later they updated their statement and filed https://datatracker.ietf.org/ipr/6621/ stating that it should not apply based on further discussions with their lawyer: https://mailarchive.ietf.org/arch/msg/cose/uaXAo7zsnFg1XHOq1xoIKUR6ah8/. Document Quality There are at least 3 known implementations. It was reported that on -05 some of them have successfully tested interoperability. Stake holders from the SCITT working group have also reviewed this document. The CDDL has been checked. Personnel The Document Shepherd for this document is Ivaylo Petrov. The Responsible Area Director is Paul Wouters. _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
