All, I'm replying to myself rather than any of the discussion threads. It seems like attempting to support C509 things will require at least some kind of specialized profiling to nail down which C509-specific options are mandated and allowed. I was originally more naively thinking that an existing PKIX profile could be amended to say ". and also with C509." But there is enough nuance that this is probably not appropriate and would leave ambiguities (i.e. destroy interoperability) in what the C509 cert contents must look like.
Brian S. From: Sipos, Brian J. <[email protected]> Sent: Wednesday, October 8, 2025 9:00 AM To: [email protected] Subject: [EXT] Alert-Verify-Sender: [COSE] The term "PKIX" and C509 WG, >From the perspective of a user or a profile specification allowing the use of X509 and C509 in, for example, COSE messages has there been any discussion about terminology in the sense of the following: Is it expected that the term "PKIX" will exclusively refer to X.509 as defined in RFC 5280? Or will PKIX be an umbrella term to include C509 as an equivalent encoding of the same information model? Possibly "public key certificate" is a better general purpose term, though a little more narrow in scope (a single credential) than what PKIX would imply (the whole PKI). Any thoughts about this? Brian S.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
