> On May 25, 2021, at 2:28 PM, Laurence Lundblade
> wrote:
>
> ...
>
> What you don’t get is an issue in the format of a DN, but maybe that is a
> good thing.
Should have said “is a subject in the format of a DN”.
Also note that attributes just become other CWT and EAT claims, again for
Any interest in CWT / JWT with the proof-of-possesion claim defined in RFC 8747
and RFC 7800? They both have a subject and a public key, the same as PKCS-10.
Seems there is some code size advantage, perhaps more so in the long run, to
going with pure CBOR. You only need to have COSE signing and
Hi,
There has been several requests regarding CSR including #77 and #80 from Stefan
Hristozov. Defining a CSR format seems very easy reusing existing CDDL and
definition for certificates. When discussed during the interim, there seemed to
be support of specifying a C509 CSR format. I made a
Thanks to autocompletion, I accidently sent this mail to CORE instead of COSE.
Obviously, I need to send more mails to COSE to train the algorithm…
Cheers,
John
From: core on behalf of John Mattsson
Date: Tuesday, 25 May 2021 at 18:26
To: c...@ietf.org , t...@ietf.org , l...@ietf.org
,
Hi,
We have submitted draft-ietf-cose-cbor-encoded-cert-01. Main updates are:
- Implemented the suggestions from Laurance to make C509Certificate and array
and write in text that applications that do not requiring a CBOR item can use
~C509Certificate.
- Addressed all of Ilari's comments
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the CBOR Object Signing and Encryption WG of the
IETF.
Title : CBOR Encoded X.509 Certificates (C509 Certificates)
Authors : Shahid Raza
Hi Brian,
> do you mean to use a bare CWT Claim Map with a "cnf" key, or a full CWT
> sign/MAC structure attested to by some issuing entity?
> Is it proposed to replace the raw COSE_Key use with a CWT entirely, or add
> CWT as an alternative?
Thanks for good questions! This is more or less