It remains a bit of a mystery how standards groups like JOSE/COSE and
FIDO/WebAuthn could end-up with a screw-up like EdDSA, while the PKIX WG got it
right from the very start[*].
OTOH, after seeing the CBOR WG trying to create TWO mutually incompatible
deterministic encoding standards, I guess anything goes :(
Regarding draft-ietf-jose-fully-specified-algorithms I don't fully see the
point of introducing algorithm identifiers that are not recommended. As a
COSE/JOSE implementer I don't even understand what to do. Implement? Warn?
Reject?
Anders
*]
0: SEQUENCE {
4: SEQUENCE {
8: [0] {
10: INTEGER 2
}
13: INTEGER 3d e7 44 0d 5c 83 7e d1 55 d6 ff 55 7e 01 83 12 18 db d6 3c
35: SEQUENCE {
37: OBJECT IDENTIFIER Ed25519 (1.3.101.112)
}
42: SEQUENCE {
44: SET {
46: SEQUENCE {
48: OBJECT IDENTIFIER countryName (2.5.4.6)
53: PrintableString 'AU'
}
}
57: SET {
59: SEQUENCE {
61: OBJECT IDENTIFIER stateOrProvinceName (2.5.4.8)
66: UTF8String 'Some-State'
}
}
78: SET {
80: SEQUENCE {
82: OBJECT IDENTIFIER organizationName (2.5.4.10)
87: UTF8String 'Internet Widgits Pty Ltd'
}
}
}
113: SEQUENCE {
115: UTCTime 200825181932
130: UTCTime 210825181932
}
145: SEQUENCE {
147: SET {
149: SEQUENCE {
151: OBJECT IDENTIFIER countryName (2.5.4.6)
156: PrintableString 'AU'
}
}
160: SET {
162: SEQUENCE {
164: OBJECT IDENTIFIER stateOrProvinceName (2.5.4.8)
169: UTF8String 'Some-State'
}
}
181: SET {
183: SEQUENCE {
185: OBJECT IDENTIFIER organizationName (2.5.4.10)
190: UTF8String 'Internet Widgits Pty Ltd'
}
}
}
216: SEQUENCE {
218: SEQUENCE {
220: OBJECT IDENTIFIER Ed25519 (1.3.101.112)
}
225: BIT STRING, 32 bytes
0000: 16 eb d9 d7 de 91 9a 54 a6 03 ab a2 2a 39 58 a2 '.......T....*9X.'
0010: e0 4d 6d 5c 5e 8c 54 9a 07 3a 96 b9 6f 49 74 c9 '.Mm\^.T..:..oIt.'
}
260: [3] {
262: SEQUENCE {
264: SEQUENCE {
266: OBJECT IDENTIFIER subjectKeyIdentifier (2.5.29.14)
271: OCTET STRING, encapsulates {
273: OCTET STRING, 20 bytes
0000: 71 a1 31 ab 82 2d d1 78 1e b9 5a e4 6b 0f a7 30 'q.1..-.x..Z.k..0'
0010: 80 c6 3f 57 '..?W'
}
}
295: SEQUENCE {
297: OBJECT IDENTIFIER authorityKeyIdentifier (2.5.29.35)
302: OCTET STRING, encapsulates {
304: SEQUENCE {
306: [0], 20 bytes
0000: 71 a1 31 ab 82 2d d1 78 1e b9 5a e4 6b 0f a7 30 'q.1..-.x..Z.k..0'
0010: 80 c6 3f 57 '..?W'
}
}
}
328: SEQUENCE {
330: OBJECT IDENTIFIER basicConstraints (2.5.29.19)
335: BOOLEAN true
338: OCTET STRING, encapsulates {
340: SEQUENCE {
342: BOOLEAN true
}
}
}
}
}
}
345: SEQUENCE {
347: OBJECT IDENTIFIER Ed25519 (1.3.101.112)
}
352: BIT STRING, 64 bytes
0000: 33 c7 37 83 95 21 c7 ca d9 b1 12 85 69 b5 1e 38 '3.7..!......i..8'
0010: 6a 1b c5 97 bd 8d 26 4e 00 62 78 9e 6e c9 c7 e0 'j.....&N.bx.n...'
0020: a1 49 58 10 8e 3f ed 64 76 36 e7 16 01 c3 51 be '.IX..?.dv6....Q.'
0030: 91 57 8a ee ef d6 b1 37 dd bf 40 b7 ee 27 08 0d '.W.....7..@..'..'
}
On 2024-05-06 07:31, Karen ODonoghue wrote:
JOSE working group members,
This email initiates a three week working group last call on the following
document:
https://datatracker.ietf.org/doc/draft-ietf-jose-fully-specified-algorithms/
<https://datatracker.ietf.org/doc/draft-ietf-jose-fully-specified-algorithms/>
All open issues have been resolved. Additionally there does not appear to be
general support for including fully-specified ECDH algorithms.
https://mailarchive.ietf.org/arch/msg/jose/ZHDlXENvTwjlWxTVQQ2hkNBX4dw/
<https://mailarchive.ietf.org/arch/msg/jose/ZHDlXENvTwjlWxTVQQ2hkNBX4dw/>
Please review the document and post any final comments along with your
recommendation on whether or not it is ready to proceed by the Monday 27 May.
Thank you,
JOSE chairs
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
