generated from martinthomson/internet-draft-template
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
33 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -19,18 +19,18 @@ | |
| # Change the file extension to match the format (.xml for XML, etc...) | ||
| # | ||
| ### | ||
| title: "TODO - Your title" | ||
| abbrev: "TODO - Abbreviation" | ||
| title: "COSE Hash Envelope" | ||
| abbrev: "CHE" | ||
| category: info | ||
|
|
||
| docname: draft-todo-yourname-protocol-latest | ||
| docname: draft-steele-cose-hash-envelope-latest | ||
| submissiontype: IETF # also: "independent", "editorial", "IAB", or "IRTF" | ||
| number: | ||
| date: | ||
| consensus: true | ||
| v: 3 | ||
| area: AREA | ||
| workgroup: WG Working Group | ||
| area: Security | ||
| workgroup: COSE | ||
| keyword: | ||
| - next generation | ||
| - unicorn | ||
|
|
@@ -40,14 +40,14 @@ venue: | |
| type: Working Group | ||
| mail: [email protected] | ||
| arch: https://example.com/WG | ||
| github: USER/REPO | ||
| github: OR13/draft-steele-cose-hash-envelope | ||
| latest: https://example.com/LATEST | ||
|
|
||
| author: | ||
| - | ||
| fullname: Your Name Here | ||
| organization: Your Organization Here | ||
| email: [email protected] | ||
| fullname: Orie Steele | ||
| organization: Transmute | ||
| email: [email protected] | ||
|
|
||
| normative: | ||
|
|
||
|
|
@@ -56,21 +56,38 @@ informative: | |
|
|
||
| --- abstract | ||
|
|
||
| TODO Abstract | ||
|
|
||
| This draft defines a mechanism for signing hashes of payloads along with hints about their content format and availability. | ||
|
|
||
| --- middle | ||
|
|
||
| # Introduction | ||
|
|
||
| TODO Introduction | ||
| COSE defined detached payloads in [rfc9052#section-2]. | ||
| However, a detached payload cose sign 1 still requires the payload content to be availble in order to verify. | ||
|
|
||
| For large payloads this is a problem. This draft addresses this problem by describing a simply way to sign hashes of large payloads while maintaining information about their content type. | ||
|
|
||
| ## Usage | ||
|
|
||
| ~~~~ cbor-diag | ||
| { | ||
| / Algorithm / | ||
| 1: -35, | ||
| / Key identifier / | ||
| 4: h'75726e3a...32636573', | ||
| / typ of the envelope / | ||
| TBD 0: application/hashed+cose | ||
| / Hash algorithm of the payload / | ||
| TBD 1: sha-256 | ||
| / cty of the preimage of the payload / | ||
| TBD 2: application/jwk+json | ||
| } | ||
| ~~~~ | ||
|
|
||
| # Conventions and Definitions | ||
|
|
||
| {::boilerplate bcp14-tagged} | ||
|
|
||
|
|
||
| # Security Considerations | ||
|
|
||
| TODO Security | ||
|
|
@@ -86,4 +103,6 @@ This document has no IANA actions. | |
| # Acknowledgments | ||
| {:numbered="false"} | ||
|
|
||
| TODO acknowledge. | ||
| The following individuals provided input into the final form of the document: Carsten Bormann, Henk Birkholz, Antoine Delignat-Lavaud, Cedric Fournet. | ||
|
|
||
|
|
||