1. There are not standard-conform X509 certificates, but such certificates are usually not allowed in the public areas (e.g. CA/Browser Forum). If exists, only ignorable percent. 2. For the not standard-conform fields issuer, subject, and extensions, the CBOR-compressed version uses the DER-encoded bytes so that it can still be converted back.
> On 8. Oct 2025, at 23:19, Phillip Hallam-Baker <[email protected]> wrote: > > It is a feature that is going to impose a very high burden on developers, is > unlikely to work because of issues that are outside their control (i.e. > X.509v3 certs not necessarily using correct DER) and is going to prevent the > wider effort taking advantage of the opportunity to break backwards > compatibility and jettison some of the X.500 legacy.
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
