[COSE] Re: Help on making a real small CBOR sub-certificate

Robert Moskowitz Wed, 11 Feb 2026 15:24:42 -0800

Lijun,

Take a look at this test cert pem:

DISCLAMER: This is a TEST cert from a TEST CA. No commitment by FAA inthis is what they are or plan on doing. For example, it does notcontain any of the FAA's policy OIDs (and they have a bunch of them).

It is kind of what may be actually used, but way to big to sendin-band. It will be in the DNS per rfc9688. This one does not have theSAN IPv4, but you can figure out what that is.


Anyway what I am trying is to subset this cert's c509 to only have:


 * Validity dates
 * issuerAltName (IAN) IPv6 (issuer's DET per rfc9374)
 * subjectAltName (SAN) IPv6 (aircraft's DET per rfc9374)
 * subjectAltName (SAN) IPv4 (aircraft's 24-bit number prefixed with ZERO)
 * Aircraft's EdDSA25519 public key

And a specific CBOR sig of only these fields, not the cert's sig.

This much info allows for DNS lookup of the full certs for Internetconnect systems. For non-connected systems that have the Issuer's cert(and back to root) cached, they can validate this object and use its PKto validate the TESLA signed key.


So, this is the challenge.

I have to live within what the CivilAviationAuthorities (e.g. FAA) willdo for aircraft certs. Have those available, but only send a smallpiece over the air.

Not your "normal" c509 cert work. But then, for starters, I have todeal with CAAs following the ICAO CP for big winged things.


:)

On 2/11/26 5:25 PM, Lijun Liao wrote:

Robert,

If you use C509 certificate, one solution is:

c509CertificateType: 1 byte
certificateSerialNumber: 1 + n bytes (for n bytes bitint)
issuerSignatureAlgorithm: 1 byte
issuer: CN=issuer’s DET (1 + k bytes: k=len(IPv6))
validityNotBefore: 1 + 4 bytes
validityNotAfter: 1 + 4 bytes
subject: DET=aircraft’s DET (1 + k bytes: k=len(IPv6))
subjectPublicKeyAlgorithm: 1 bytes
subjectPublicKey: 1 + 32 bytes
extensions: 8 bytes
   SAN: aircraft’s IPv4 DET:
issuerSignatureValue: 1 + 64 bytes

Count it together, you need sum = 122 + n + k + k bytes.
Let n = 8, k = 16, then sum = 162 bytes = 1296 bits = 3 * 385 + 141 bits.

Cheer
Lijun
On 11. Feb 2026, at 16:32, Robert Moskowitz<[email protected]> wrote:
I have to squeeze only those fields into as few 385-bit pieces tovalidate a TESLA Key Disclouser.
Ugh.
So "all" I need from the aircraft full certificate (ignore all thosepolicy OIDs and other odds and ends!) is:
  * Validity dates
  * issuerAltName (IAN) IPv6 (issuer's DET per rfc9374)
  * subjectAltName (SAN) IPv6 (aircraft's DET per rfc9374)
  * subjectAltName (SAN) IPv4 (aircraft's 24-bit number prefixed with
    ZERO) - note I have not figured out any better/smaller OID (in
    subject or SAN) for the 24-bit aircraft number.  Using IPv4 is a
    hack at best.
  * Aircraft's EdDSA25519 public key
  * CBOR sig of these by issuer's EdDSA25519 key
Note that the issuer DET's SuiteID provides the algorithm for thesignature.
I am trying to use cbor.me to expand some test cbor c509 certs to getsizes, but I am not good enough with cbor to figure this out. Plusthat sig would probably be a "regular" cbor object signature, not thec509 sig.
I am under a deadline with a bunch of other writing that this is justone important part, so any help is greatly appreciated.
Each 385-bit message costs 120ms of channel capacity. The fewer thebetter...
Bob

_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
COSE mailing list [email protected]
To unsubscribe send an email [email protected]

_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]

[COSE] Re: Help on making a real small CBOR sub-certificate

Reply via email to