On 29 Jan 2026, at 11:40, Christian Huitema wrote: > On 1/29/2026 9:49 AM, Paul Hoffman wrote: >>> Ok, so perhaps you mean something like "A CBOR text string containg a DNS >>> presentation format FQDN, using A-label >>> (punycode) as per RFC5890, without trailing dot" ? >> Something like that would be a good replacement. A more specific suggestion: >> >> "...encoded as a CBOR text string that contains an fully-qualified domain >> name with no trailing dot, where each label is an A-label as defined in >> [RFC5890]". > > There is a precedent for encoding DNS names in CBOR: RFC 8618, "Compacted-DNS > (C-DNS): A Format for DNS Packet Capture". The definition it uses is "theĀ > contents of a single NAME ... in wire format (of type byte string)."
That is the opposite of what is in the draft being discussed, and is completely different than the PKIX format being converted. The latter makes me think that it is likely that applications will do this wrong, and that the resulting certificates would be unusable. --Paul Hoffman _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
