Hi, We have made a small update to C509 following the IESG review.
The details are in #393<https://github.com/cose-wg/CBOR-certificates/issues/393>, #394<https://github.com/cose-wg/CBOR-certificates/issues/394>, #395<https://github.com/cose-wg/CBOR-certificates/issues/395>, here is a summary: * C509CertData (or an array of C509CertData) is the object being transported, and it is now defined as the byte string wrapped array C509Certificate, rather than byte string wrapped CBOR sequence ~C509Certificate. This is a simplification and a harmonization with existing definitions such as C509CertificationRequest and things yet to be defined such as C509CRL. Consequently, the C509 certificate hash is calculated over the array instead of the CBOR sequence, thereby avoiding the need to handle ~C509Certificate. * Added array wrapping to the test vectors. * Alignment with RFC 9360. Changing the definition of application/cose-c509-cert and using the name "application/cose-c509" to mean what application/cose-c509-cert used to mean. In this way the definitions of COSE headers c5u and c5u-sender becomes analogous to x5u and x5u-sender. * Added structured suffix “+cbor" to all media types (thanks Brian!). * Fixed bug in "Statement of Possession of a Private Key" attribute where the 'cert' field that previously contained C509Certificate is now replaced with C509CertData, thus allowing handling of certificate data without CBOR parsing. Göran From: [email protected] <[email protected]> Date: Tuesday, 30 June 2026 at 10:23 To: [email protected] <[email protected]> Cc: [email protected] <[email protected]> Subject: [COSE] I-D Action: draft-ietf-cose-cbor-encoded-cert-20.txt Internet-Draft draft-ietf-cose-cbor-encoded-cert-20.txt is now available. It is a work item of the CBOR Object Signing and Encryption (COSE) WG of the IETF. Title: CBOR Encoded X.509 Certificates (C509 Certificates) Authors: John Preuß Mattsson Göran Selander Shahid Raza Joel Höglund Martin Furuhed Lijun Liao Name: draft-ietf-cose-cbor-encoded-cert-20.txt Pages: 98 Dates: 2026-06-30 Abstract: This document specifies a CBOR encoding of X.509 certificates. The resulting certificates are called C509 certificates. The CBOR encoding supports a large subset of RFC 5280 and common certificate profiles, and it is extensible. Two types of C509 certificates are defined. One type is an invertible CBOR re-encoding of DER-encoded X.509 certificates with the signature field copied from the DER encoding. The other type is identical except that the signature is computed over the CBOR encoding instead of the DER encoding, thereby avoiding the use of ASN.1. Both types of certificates have the same semantics as X.509 while providing comparable size reduction. This document also specifies CBOR-encoded data structures for certification requests and certification request templates, new COSE headers, as well as a TLS certificate type and a file format for C509. This document updates RFC 6698 by extending the TLSA selectors registry to include C509 certificates. The IETF datatracker status page for this Internet-Draft is: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-cose-cbor-encoded-cert%2F&data=05%7C02%7Cgoran.selander%40ericsson.com%7Ce6a160cb4c9740ac9e6808ded680cea7%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C639184045910247437%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=M8SY3yhI%2BmkpwGgcpQiO64ZsKFiSnwXfL5rtiFYNTg4%3D&reserved=0<https://datatracker.ietf.org/doc/draft-ietf-cose-cbor-encoded-cert/> There is also an HTML version available at: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-cose-cbor-encoded-cert-20.html&data=05%7C02%7Cgoran.selander%40ericsson.com%7Ce6a160cb4c9740ac9e6808ded680cea7%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C639184045910359325%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=l4DG37e9xnaccruIyxOqiPzB3oWoJcHM1NgGRSHNv0w%3D&reserved=0<https://www.ietf.org/archive/id/draft-ietf-cose-cbor-encoded-cert-20.html> A diff from the previous version is available at: https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fauthor-tools.ietf.org%2Fiddiff%3Furl2%3Ddraft-ietf-cose-cbor-encoded-cert-20&data=05%7C02%7Cgoran.selander%40ericsson.com%7Ce6a160cb4c9740ac9e6808ded680cea7%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C639184045910457165%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=CbS3WixzvUAusArXO9BfbZdnytkS21CbsLruo%2Bzpy5Y%3D&reserved=0<https://author-tools.ietf.org/iddiff?url2=draft-ietf-cose-cbor-encoded-cert-20> Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
