Authors, I know that it is still a repo issue [1] but I'm relaying to the mailing list as a reminder: If full parity to X509 is desired in COSE, there should be "c5t-sender" "c5c-sender" "c5u-sender" equivalent alg-specific header parameters allocated by the C509 document. Without these, the ECDH-SS algorithms cannot refer to sender C509 certs.
Thanks for consideration, Brian S. [1] https://github.com/cose-wg/CBOR-certificates/issues/288 > -----Original Message----- > From: [email protected] <[email protected]> > Sent: Monday, March 2, 2026 5:08 PM > To: [email protected] > Cc: [email protected] > Subject: [EXT] [COSE] I-D Action: draft-ietf-cose-cbor-encoded-cert-17.txt > > APL external email warning: Verify sender [email protected] > before clicking links or attachments > > Internet-Draft draft-ietf-cose-cbor-encoded-cert-17.txt is now available. It > is > a work item of the CBOR Object Signing and Encryption (COSE) WG of the > IETF. > > Title: CBOR Encoded X.509 Certificates (C509 Certificates) > Authors: John Preuß Mattsson > Göran Selander > Shahid Raza > Joel Höglund > Martin Furuhed > Name: draft-ietf-cose-cbor-encoded-cert-17.txt > Pages: 88 > Dates: 2026-03-02 > > Abstract: > > This document specifies a CBOR encoding of X.509 certificates. The > resulting certificates are called C509 certificates. The CBOR > encoding supports a large subset of RFC 5280, common certificate > profiles and is extensible. > > Two types of C509 certificates are defined. One type is an > invertible CBOR re-encoding of DER-encoded X.509 certificates with > the signature field copied from the DER encoding. The other type is > identical except that the signature is over the CBOR encoding instead > of the DER encoding, avoiding the use of ASN.1. Both types of > certificates have the same semantics as X.509 and the same reduced > size compared to X.509. > > The document also specifies CBOR encoded data structures for > certificate (signing) requests and certificate request templates, new > COSE headers, as well as a TLS certificate type and a file format for > C509. This document updates RFC 6698; the TLSA selectors registry is > extended to include C509 certificates. > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-cose-cbor-encoded-cert/ > > There is also an HTML version available at: > https://www.ietf.org/archive/id/draft-ietf-cose-cbor-encoded-cert-17.html > > A diff from the previous version is available at: > https://author-tools.ietf.org/iddiff?url2=draft-ietf-cose-cbor-encoded-cert- > 17 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > > _______________________________________________ > COSE mailing list -- [email protected] > To unsubscribe send an email to [email protected]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
