On Dec 1, 2025, at 15:23, Amaury Chamayou <[email protected]> wrote: > > So this bit of CDDL would seemingly allow a COSE_Key with labels 2 to 5 set > to basically any value, according to > https://www.rfc-editor.org/rfc/rfc8610#section-3.5.4, which seems unlikely to > be the intent.
The whole CDDL line * label => values may be used to encode values that are unlikely to be the intent: E.g., I can send label 17 with a poem by the German psychiatrist Heinrich Hoffmann as the value. In practice, this wildcard line assumes that the recipient has ways to validate matching map entries by means that are not described in the CDDL. (CDDL does have sockets, which can be used to give the extensibility more structure, but they are not used here.) What a cut can change here as per the definition in Section 3.5.4 of RFC 8610 is to not accept this wildcard definition in those cases where a map key already matched a previous definition. In many cases, this is better than accepting it when the value didn’t match; i.e., we limit the extensibility to new cases with new labels, and don’t allow the wildcard to accept additional values for a new case with an existing label. Grüße, Carsten _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
