Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Define a normative value of typ(6) for COSE Merkle Proofs #39

Open
achamayou opened this issue Nov 8, 2024 · 0 comments
Open

Define a normative value of typ(6) for COSE Merkle Proofs #39

achamayou opened this issue Nov 8, 2024 · 0 comments

Comments

@achamayou
Copy link
Collaborator

Although relying parties can implicitly check for the presence of vds(395) to decide if a COSE document is a COSE Merkle Proof, I think it would be clearer and less open to ambiguity to define a specific value of typ(6).

Having validators check for the presence of fields to decide what they are looking is making implementation more error prone than necessary. It would be possible to construct a document that would have both a vds(395) and the TBD fields of COSE Hash Envelope for example, and whose validation may end up depending on the order in which implementations check for the presence of fields. Dispatching on typ values is more likely to be implemented consistently.

5.2.1 makes the following suggestion:

Profiles of proof signatures are
encouraged to make additional protected header parameters mandatory,
to ensure that claims are processed with their intended semantics.
One way to include this information in the COSE structure is use of
the typ (type) Header Parameter, see
[I-D.ietf-cose-typ-header-parameter] and the similar guidance

But none of the proposed profiles have defined a typ, which would be redundant with vds(395).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant