the item added to the charter here was a bug fix for that item accidentally removed during last chartering. The WG had already decided in the past the have it in the charter.
Paul Sent from my iPhone > On Sep 18, 2025, at 15:28, Anders Rundgren <[email protected]> > wrote: > > It may be premature counting out Embedded Signatures as a possible standard. > Compared to the existing COSE signature container, Embedded Signatures offer > several advantages: > > - Signs the entire message > - Retains the structure of the original message > > Applied to SD-CWT: > https://cyberphone.github.io/sd-experimental/doc/#holder-sd-cwt > > Basic spec: > https://www.ietf.org/archive/id/draft-rundgren-cbor-core-12.html#name-embedded-signatures > > Online: > https://test.webpki.org/csf-lab/create > > Anders > > >> On 2025-09-18 19:01, The IESG wrote: >> The CBOR Object Signing and Encryption (cose) WG in the Security Area of the >> IETF is undergoing rechartering. The IESG has not made any determination yet. >> The following draft charter was submitted, and is provided for informational >> purposes only. Please send your comments to the IESG mailing list >> ([email protected]) by 2025-09-28. >> CBOR Object Signing and Encryption (cose) >> ----------------------------------------------------------------------- >> Current status: Active WG >> Chairs: >> Ivaylo Petrov <[email protected]> >> Michael Jones <[email protected]> >> Assigned Area Director: >> Paul Wouters <[email protected]> >> Security Area Directors: >> Paul Wouters <[email protected]> >> Deb Cooley <[email protected]> >> Mailing list: >> Address: [email protected] >> To subscribe: https://www.ietf.org/mailman/listinfo/cose >> Archive: https://mailarchive.ietf.org/arch/browse/cose/ >> Group page: https://datatracker.ietf.org/group/cose/ >> Charter: https://datatracker.ietf.org/doc/charter-ietf-cose/ >> CBOR Object Signing and Encryption (COSE, RFC 9052) describes how to >> create and process signatures, message authentication codes, and >> encryption using Concise Binary Object Representation (CBOR, RFC 8949) >> for serialization. COSE additionally describes a representation for >> cryptographic keys. >> The COSE working group handles four types of (intended status Standard Track) >> documents: >> 1. Documents that describe the use of cryptographic algorithms in COSE. >> 2. Documents that describe additional attributes for COSE. >> 3. Documents that define header parameters to be used in COSE objects. >> 4. Documents that define COSE key representations. >> The WG will evaluate, and potentially adopt, documents dealing with >> algorithms >> that would fit the criteria of being IETF consensus algorithms. >> Potential candidates would include those algorithms that have been evaluated >> by the CFRG and algorithms which have gone through a public review and >> evaluation process such as was done for the NIST SHA-3 algorithms. >> Key management and binding of keys to identities are out of scope for >> the working group. The COSE WG will not innovate in terms of >> cryptography. The specification of algorithms in COSE is limited to >> those in RFCs, active CFRG or IETF WG documents, or algorithms which >> have been positively reviewed by the CFRG. >> The COSE WG will also work on a CBOR encoding of the certificate profile >> defined in RFC 5280. It is expected that the encoding works with RFC 7925. >> The main objective is to define a method of encoding current X.509 >> certificates that meet a specific profile into a smaller format. This >> encoding is invertible, so they can be expanded and normal X.509 certificate >> processing can be used. draft-mattsson-cose-cbor-cert-compress is expected >> to be a good starting point >> Milestones: >> _______________________________________________ >> COSE mailing list -- [email protected] >> To unsubscribe send an email to [email protected] > _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
