Open lalc opened 2 months ago
The reason to choose ES256 was that it is supported well by Keystore APIs of iOS and Android
> The reason to choose ES256 was that it is supported well by Keystore APIs of iOS and Android
Or maybe it's the other way around? (I am not an expert, but a wild guess.)
The SOG-IS Agreed Cryptographic Mechanisms v1.2 (released Jan 2020; the new version is 1.3, Feb 2023) is specified in the ARF, and it explicitly mentions EC-DSA. We need experts to comment here on ED-DSA and ARF Requirement 10?
From the ARF 1.3:
Ch 5.1: Req. 10: PID attestation MUST use signature and encryption algorithms in accordance with SOG-IS ACM.
Ch 5.2: Req. 11: (Q)EAA SHOULD use signature and encryption algorithms in accordance with SOG-IS ACM.
> Or maybe it's the other way around? (I am not an expert, but a wild guess.)
You mean, it is well supported because it is a widely standardized and accepted signature algorithm?
Whatever the reason may be, I think ES256 is the safest bet when it comes to acceptance for the EUDI wallet.
> You mean, it is well supported because it is a widely standardized and accepted signature algorithm?
Yep.
One question, what speaks against using both signature schemes?
> One question, what speaks against using both signature schemes?
The increased implementation effort for a signature scheme which is not accepted by the ARF.
> One question, what speaks against using both signature schemes?
Also, if we all use different signatures, interop becomes challenging. So, the proposal is to agree on one, at least within the scope of EWC. ARF strictly used SOG-IS.
Shall be as per https://www.sogis.eu/uk/supporting_doc_en.html
ARF specifies 1.3: https://www.sogis.eu/documents/cc/crypto/SOGIS-Agreed-Cryptographic-Mechanisms-1.3.pdf
@georgepadayatti @ntsbs @andreasabr @endimion Please comment on this. We are facing a bit of an issue with interop as some wallets seem to be picking EdDSA over ES256 (ECDSA) algorithms. Let's use this issue to discuss in case you have an opinion. Mostly it's enough we just document it as part of a table similar to how we documented the supported formats.