Extend the syntax to allow PEN for all OBJECT IDENTIFIER fields. - Githubissues

cose-wg / CBOR-certificates

Other

11 stars 7 forks source link

Extend the syntax to allow PEN for all OBJECT IDENTIFIER fields. #184

Closed xipki closed 5 months ago

xipki commented 7 months ago

Please extend the syntax of the following cases to allow pen besides ~oid:

AlgorithmIdentifier
PolicyMappings: .issuerDomainPolicy and .subjectDomainPolicy
AccessDescription: .accessMethod
PolicyIdentifier
PolicyQualifierInfo: . policyQualifierId
Attributes: .attributeType
Value of the extension id-on-hardwareModuleName
Value of the extension id-otherName
Value of the extension registeredID

For simplicity, we need to define a new type XXX:

XXX = ~oid / pen

And taking Attribute as example:

    Attribute = ( attributeType: int, attributeValue: text ) //
                ( attributeType: ~oid, attributeValue: bytes ) //
                ( attributeType: pen, attributeValue: bytes )

is simplified to

    Attribute = ( attributeType: int, attributeValue: text ) //
                ( attributeType: XXX, attributeValue: bytes )

xipki commented 7 months ago

Related to the PolicyMappings,

      PolicyMappings = [
        + (issuerDomainPolicy: ~oid, subjectDomainPolicy: ~oid)
      ]

The issuerDomainPolicyand subjectDomainPolicy need also to be extended to allow the uinttype, as follows:

      PolicyMappings = [
        + (issuerDomainPolicy: uint/~oid/pen, subjectDomainPolicy: uint/~oid/pen)
      ]

gselander commented 5 months ago

Since we removed the 'pen' case, we close this issue.