Open dimakuv opened 1 year ago
To be honest, I dislike the current "onion" design of the Evidence data format: a serialized CBOR array inside of a serialized CBOR map inside of a CBOR array...
I would prefer to remove one layer of indirection here. For example:
...
* where "serialized-cbor-map of claims" is as follows:
*
* CBOR map ->
* {
* "pubkey-hash-value" (req) : CBOR bstr (hash of DER-formatted "SubjectPublicKeyInfo" field as CBOR bstr),
* "pubkey-hash-alg-id" (opt) : CBOR uint (if skipped, then assume SHA256),
* "nonce" (opt) : CBOR bstr (arbitrary-sized nonce for per-session freshness)
* }
But then this doesn't follow the standard CoSWID definition of "hash-entry array"...
My understanding of the proposal is consistent with the above diagram and process.
Thanks @KB5201314 for confirmation!
@dimakuv @KB5201314 Thank you for your summary! I've created PR #7 to edit the document for better clarity. Let me know if you have feedback to this PR.
PR #7 looks good to me. I'll keep this issue open for now, as I think my description may be helpful to others. (If you think otherwise, feel free to close the issue.)
How about creating a new document (like design notes) to capture the description? Committing PR #7 will close this issue automatically.
Here is my summary of the current (as of 12. January 2023) proposal:
(I do not care about Endorsement Data Format currently; I'm only interested in the Evidence Data Format)
To put it differently, this is the process of creating an Evidence, step by step (basically, go backwards in the above diagram):
hash-value
CBOR bstr:hash-entry
CBOR array:hash-alg-id
as CBOR unsigned integer (with value1
which corresponds to the used hash SHA256)hash-alg-id
as the first CBOR-array itemhash-value
(generated in previous step) as the second CBOR-array itemhash-entry
CBOR array as CBOR bstrmap of claims
CBOR map:hash-entry
CBOR bstr as the"pubkey-hash"
item in the CBOR map"nonce"
item in the CBOR mapmap of claims
CBOR map as CBOR bstrmap of claims
CBOR bstruser_report_data
field containing the calculated hashmap of claims
CBOR bstr as the second CBOR-array item<tag1>
P.S. I tried to use terminology from the following sources: