Can COSE_Sign structure be used for DGC?

[dajiaji]

This may be a bit of a minor point, but I would like to point it out because it bothered me when I read this specification.

This specification does not explicitly specify the structure of COSE. Specifically, it assumes that the COSE_Sign1 (CBORTag=18) structure can be used, but it is unclear whether COSE_Sign(CBORTag=98) can be used.

In my opinion, it would be better to add a description limiting to COSE_Sign1 for the sake of interoperability. Alternatively, if it is possible to use both structures, I think that should also be explicitly written.

[jschlyter]

Since a HCERT is a CWT, we seek answers in RFC 8392 which states that both Sign and Sign1 are allowed.

I'm not sure if anyone has submitted test vectors with Sign (tag=98) to the test repository, but that would probably be a good idea. @martin-lindstrom or @dirkx may know more.

[dajiaji]

Thanks for your quick answer.

Of course, I know that the CWT specification allows for the use of both structures.

I'm not sure if anyone has submitted test vectors with Sign (tag=98) to the test repository, but that would probably be a good idea.

This is exactly what I was talking about, and since I can't find COSE_Sign in the test vectors, and I don't feel the need to use COSE_Sign, I thought one idea would be to explicitly specify that only COSE_Sign1 can be acceptable.

I think it is up to the user (HCERT) to decide which COSE structure to adopt.

Anyway, if both structures are acceptable as you said, I think test vectors for COSE_Sign should be added.