cose-wg / X509

Define a set of COSE header fields that can be used to carry and reference X.509 certificates

x5t hashAlg as a name or just a value #46

Closed BrianSipos closed 2 years ago

BrianSipos commented 2 years ago

The current COSE X509 spec defines the x5t algorithm identifier as:

corresponding to either the Value (integer) or Name (string) column of the algorithm registered in the "COSE Algorithms" registry

I think that this definition has a misunderstanding of the form of the IANA registry. The registry "Value" column can either be an int or a tstr but none of the current items in the registry happen to have a tstr value. Notice the "Range" table above the item table.

My interpretation agrees with the tooling that I've had some experience with; the "Name" column of the IANA tables is informational only, it may be part of diagnostic display but it is never compared to encoded values.

If this is the case, then the COSE X509 text should read:

corresponding to the Value column (integer or text string) of the algorithm registered in the "COSE Algorithms" registry

cabo commented 2 years ago

From the horse's (RFC 8152) mouth:

   Name:  A value that can be used to identify an algorithm in documents
      for easier comprehension.  The name SHOULD be unique.  However,
      the 'Value' field is what is used to identify the algorithm, not
      the 'name' field.

   Value:  The value to be used to identify this algorithm.  Algorithm
      values MUST be unique.  The value can be a positive integer, a
      negative integer, or a string.  Integer values between -256 and
      255 and strings of length 1 are designated as "Standards Action".
      Integer values from -65536 to 65535 and strings of length 2 are
      designated as "Specification Required".  Integer values greater
      than 65535 and strings of length greater than 2 are designated as
      "Expert Review".  Integer values less than -65536 are marked as
      private use.

So there should be no mention of "Name" when it comes to data on the wire.
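The distinction both comments draw (match on the registry's Value column, never on the Name column) is easy to get wrong in code, so here is an added illustration that is not part of this thread or the cose-wg/X509 draft. It builds the COSE_CertHash structure `[alg, hash]` carried in x5t, shows its CBOR wire form (a minimal encoder is included so it runs offline), and looks the algorithm up by Value only: an int or tstr Value is accepted, while the Name string "SHA-256" is rejected because it is not a registered Value. The registry Values -16, -43 and -44 for SHA-256/384/512 are real; the table, the function names and the certificate bytes are constructed for this example.

```python
import hashlib
import hmac
from typing import Union

AlgValue = Union[int, str]

# Subset of the IANA "COSE Algorithms" registry, keyed by the *Value* column.
# The Name column is kept only for diagnostics; nothing on the wire is compared to it.
# (Values -16/-43/-44 are the registry's; the table itself is constructed for this example.)
COSE_HASH_ALGS = {
    -16: ("SHA-256", "sha256"),
    -43: ("SHA-384", "sha384"),
    -44: ("SHA-512", "sha512"),
}


def lookup_hash_alg(alg: AlgValue) -> str:
    """Map a registry Value (int or tstr) to a hashlib algorithm name.

    A str is allowed because the registry permits tstr Values, but it is looked up
    exactly like an int. The Name "SHA-256" is not a Value, so it is rejected.
    """
    if isinstance(alg, bool) or not isinstance(alg, (int, str)):
        raise TypeError("COSE algorithm identifier must be an int or a tstr")
    try:
        return COSE_HASH_ALGS[alg][1]
    except KeyError:
        raise ValueError(f"unknown COSE algorithm Value: {alg!r}") from None


def make_x5t(cert_der: bytes, alg: AlgValue = -16) -> list:
    """Build COSE_CertHash = [alg, hash] for a DER-encoded certificate."""
    digest = hashlib.new(lookup_hash_alg(alg), cert_der).digest()
    return [alg, digest]


def match_x5t(x5t: object, cert_der: bytes) -> bool:
    """Check a received x5t against a candidate certificate; unknown alg => no match."""
    if not (isinstance(x5t, list) and len(x5t) == 2 and isinstance(x5t[1], bytes)):
        return False
    try:
        hashfn = lookup_hash_alg(x5t[0])
    except (TypeError, ValueError):
        return False
    expected = hashlib.new(hashfn, cert_der).digest()
    return hmac.compare_digest(expected, x5t[1])


# Minimal CBOR encoder (ints, bstr, tstr, arrays) so the wire form can be shown offline.
def _cbor_head(major: int, n: int) -> bytes:
    if n < 24:
        return bytes([(major << 5) | n])
    if n < 0x100:
        return bytes([(major << 5) | 24, n])
    if n < 0x10000:
        return bytes([(major << 5) | 25]) + n.to_bytes(2, "big")
    if n < 0x100000000:
        return bytes([(major << 5) | 26]) + n.to_bytes(4, "big")
    return bytes([(major << 5) | 27]) + n.to_bytes(8, "big")


def cbor_encode(v: object) -> bytes:
    if isinstance(v, bool):
        raise TypeError("bool not needed here")
    if isinstance(v, int):
        return _cbor_head(0, v) if v >= 0 else _cbor_head(1, -1 - v)
    if isinstance(v, bytes):
        return _cbor_head(2, len(v)) + v
    if isinstance(v, str):
        b = v.encode("utf-8")
        return _cbor_head(3, len(b)) + b
    if isinstance(v, list):
        return _cbor_head(4, len(v)) + b"".join(cbor_encode(x) for x in v)
    raise TypeError(f"unsupported type {type(v).__name__}")


if __name__ == "__main__":
    # Constructed stand-in for a DER certificate; not a real certificate.
    CERT_DER = b"\x30\x82\x01\x00" + bytes(range(32))
    x5t = make_x5t(CERT_DER, -16)
    print("x5t (diag):", [COSE_HASH_ALGS[x5t[0]][0], x5t[1].hex()])
    print("x5t (wire):", cbor_encode(x5t).hex())   # 82 2f 58 20 <digest>: Name is absent
    print("matches   :", match_x5t(x5t, CERT_DER))
    print("by Name   :", match_x5t(["SHA-256", x5t[1]], CERT_DER))  # False: Name is not a Value
```

The wire bytes make the point concrete: the encoded structure starts `82 2f`, i.e. a two-element array whose first item is the integer -16, and the string "SHA-256" appears nowhere. A verifier that compared against the Name column would interoperate with nothing that follows the registry.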

paulwouters commented 2 years ago

So it seems this change should still be applied to draft-ietf-cose-x509-08 ? Can one of the WG chairs do this ?

ivajloip commented 2 years ago

Fixed with commit 4228b19.