Closed tplooker closed 2 years ago
Here is a good example to copy from:
https://datatracker.ietf.org/doc/html/rfc8812
I would just do this in the current spec.
The sooner these are registered with IANA, the sooner we can all be using this suite with confidence.
I think its a huge mistake to build on this suite without doing this work...because you may find that your signature or key representations change out under you, and your interoperability is destroyed because you have no name for their former and newer serializations.
As long as it doesn't lock implementors into only using JOSE/COSE
Of course not, just defines how the scheme can be used in those data representations
Its worth noting that the current standard JOSE and COSE forms do not support the style of cryptographic representation required by a protocol like BBS Signatures. However JWP is likely to define one that will, so the ability to register suitable algorithms in the IANA registry, in this draft, will likely be dependent on that drafts completion, alternatively another internet draft could be written after this to define the registration.
Based on the perspective shared above I'm proposing we close this issue on the grounds that it is out of scope for the current drafts to make IANA registrations for specific data representation forms like JOSE and COSE, marking as pending-close on that basis.
@tplooker I mostly care about the OKP
, crv
, alg
side of these registrations.... Are they going to be handled in a different IETF spec? if so, can we link to something before closing this, so future searchers know where to join in / help ?
w.r.t BLS12-381 key representation this draft is where the definitions for JOSE and COSE iana registrations are mastered.
w.r.t to the algorithmic registration for BBS in JWP (an extension of JOSE) refer to here. No current extension draft for usage of BBS in COSE exists yet.
@OR13 does that help?
As raised by @OR13 on a recent PR review we should consider the scope to register the relevant JOSE and COSE algs with the IANA registry as a part of the core draft.