- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Fri, 18 Feb 2022 06:19:03 +0100
- To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
The current way:
https://datatracker.ietf.org/doc/html/rfc8392#appendix-A.3
    18([h'a10126', {
        4: h'4173796d6d65747269634543445341323536'
      }, h'a70175636f61703a2f2f61732e6578616d706c652e636f6d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e636f6d041a5612aeb0051a5610d9f0061a5610d9f007420b71', h'5427c1ff28d23fbad1f29c4c7c6a555e601d6fa29f9179bc3d7438bacaca5acd08c8d4d4f96131680c429a01f85951ecee743a52b9b63632c57209120e1c9e30'])
Using deterministic serialization (NOT to be confused with canonicalization since there is exactly only ONE valid representation), and an enveloped signature:
    18({
      1: "coap://as.example.com",
      2: "erikw",
      3: "coap://light.example.com",
      4: 1444064944,
      5: 1443944944,
      6: 1443944944,
      7: h'0b71',
      -1: {
        1: -7,
        3: h'4173796d6d65747269634543445341323536',
        7: h'e1e1a3bda070b586be0e9b95e6e5ccae4bcfb44726aa3f6b5e7bbc81d2193f439b6c6b84962c27eb4796e17dd6ecd028026a8e351bed3f9be95c96447e3fd262'
      }
    })
Although not shown here, the signature scheme I have used follows the model for expressing Ed25519 and Ed448 algorithms as featured in FIDO and PKIX, which differs from COSE.
Anders
You may try it out on-line but the tag as shown above must currently be added afterwards. IMO, object identifying tags should eventually be signed as well:
https://test.webpki.org/csf-lab/home
Received on Friday, 18 February 2022 05:19:19 UTC
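The following is an added example, not part of the original message and not the author's implementation. It encodes the claims map deterministically (RFC 8949 section 4.2.1 rules, for the four types used here) and applies an enveloped signature under label -1. Assumptions: the signature covers the deterministic encoding of the map with the container present but its value (label 7) absent; HMAC-SHA256 (COSE algorithm 5) is swapped in for ES256 so the code runs on the standard library alone; the key and key id are constructed.

```python
import hashlib
import hmac

def _head(major, n):
    """Initial byte plus the shortest possible argument encoding."""
    if n < 24:
        return bytes([major << 5 | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | ai]) + n.to_bytes(size, "big")
    raise ValueError("integer too large")

def encode(obj):
    """Deterministic CBOR for ints, byte strings, text strings and maps."""
    if isinstance(obj, int):
        return _head(0, obj) if obj >= 0 else _head(1, -1 - obj)
    if isinstance(obj, bytes):
        return _head(2, len(obj)) + obj
    if isinstance(obj, str):
        raw = obj.encode("utf-8")
        return _head(3, len(raw)) + raw
    if isinstance(obj, dict):
        # Keys are ordered by their encoded bytes, so input order never matters.
        pairs = sorted((encode(k), encode(v)) for k, v in obj.items())
        return _head(5, len(pairs)) + b"".join(k + v for k, v in pairs)
    raise TypeError(f"unsupported type: {type(obj).__name__}")

L_SIG, L_ALG, L_KID, L_VAL = -1, 1, 3, 7  # labels as shown in the message
HMAC_256 = 5                              # assumption: HMAC swapped in for ES256 (-7)

def sign(claims, key, key_id):
    container = {L_ALG: HMAC_256, L_KID: key_id}
    to_sign = encode({**claims, L_SIG: container})  # signature value not yet present
    container[L_VAL] = hmac.new(key, to_sign, hashlib.sha256).digest()
    return {**claims, L_SIG: container}

def verify(signed, key):
    container = dict(signed[L_SIG])
    value = container.pop(L_VAL)                    # rebuild the signed form
    to_sign = encode({**signed, L_SIG: container})
    expected = hmac.new(key, to_sign, hashlib.sha256).digest()
    return hmac.compare_digest(value, expected)

# Claims copied from the message; key and key id are constructed samples.
CLAIMS = {1: "coap://as.example.com", 2: "erikw", 3: "coap://light.example.com",
          4: 1444064944, 5: 1443944944, 6: 1443944944, 7: bytes.fromhex("0b71")}
KEY, KEY_ID = b"constructed-demo-key", b"demo-key-1"

if __name__ == "__main__":
    print(encode(CLAIMS).hex())
    print(verify(sign(CLAIMS, KEY, KEY_ID), KEY))
```

The encoded claims are byte-for-byte the payload byte string carried inside the COSE_Sign1 array in the first sample, which is why the verifier can re-encode the received map instead of keeping the original bytes around.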