why is "Public key algorithm and encoding" 2 bytes long? from Hodges, Jeff on 2016-10-25 (public-webauthn@w3.org from October 2016)

From: Hodges, Jeff <jeff.hodges@paypal.com>
Date: Tue, 25 Oct 2016 22:17:34 +0000
To: W3C WebAuthn WG <public-webauthn@w3.org>
Message-ID: <D4352805.D9862%jehodges@paypalcorp.com>

in S 5.3.3 "Generating an Attestation Statement"
{#generating-an-attestation-statement}, the "Public key algorithm and
encoding" is described as..

  Public key algorithm and encoding (16-bit big-endian value). Allowed
values 
  are: 

         
          
    1. 0x0100. This is raw ... Elliptic Curve public key [SEC1] ...

          
    2. 0x0102.  Raw encoded RSA ... public key [RFC3447] ...
           

questions:

1. Why do we need to use two bytes here?

2. Were there any particular reasons the values of 0x0100 and 0x0102 were
picked? 

3. This "Public key algorithm and encoding" does not seem to be used as a
set of bit flags ... is there any reason we cannot use a single byte here,
which would ostensibly have enough distinct values to represent whatever
different PK key types and encodings evolve in the future?

thanks,

=JeffH

Attachments

text/html attachment: default.html
text/html attachment: default[1].html
text/html attachment: default[2].html

Received on Tuesday, 25 October 2016 22:18:33 UTC