I am unsure if the examples we currently provide for access tokens (in `lib.rs` and `token/mod.rs`) are actually valid, as we A: send a symmetric key in a signed (i.e. non-encrypted) COSE structure, and B: do not wrap the key in the `cnf` claim as specified in RFC 9200, section 5 (which references RFC 8747, section 3.1).
Maybe we need to update these examples in general; however, this might also be a candidate for a separate PR, as it is not strictly related to the COSE stuff we add here.
_Originally posted by @pulsastrix in https://github.com/namib-project/dcaf-rs/pull/13#discussion_r1703362677_
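
The two concerns above, expressed as a check over a decoded claims set. This is an added example, not dcaf-rs code and not part of the original comment: the `Cbor`, `Protection` and `CnfError` types, `check_cnf`, `sample_claims` and the sample key are constructed for illustration, while the numeric labels are the registered `cnf` and COSE_Key values.

```rust
use std::collections::BTreeMap;
// Minimal stand-in for decoded CBOR; hypothetical types, not the dcaf-rs API.
#[derive(Debug, Clone, PartialEq)]
enum Cbor { Int(i64), Bytes(Vec<u8>), Map(BTreeMap<i64, Cbor>) }
#[derive(Debug, PartialEq)]
enum Protection { SignedOnly, Encrypted } // e.g. COSE_Sign1 vs COSE_Encrypt0
#[derive(Debug, PartialEq)]
enum CnfError { MissingCnf, NotAMap, NoConfirmationMethod, PlaintextSymmetricKey }

const CNF: i64 = 8; // CWT claim key of "cnf" (RFC 8747)
const COSE_KEY: i64 = 1; // cnf member: COSE_Key
const ENCRYPTED_COSE_KEY: i64 = 2; // cnf member: Encrypted_COSE_Key
const KID: i64 = 3; // cnf member: kid
const KTY: i64 = 1; // COSE_Key "kty" label
const KTY_SYMMETRIC: i64 = 4;

fn check_cnf(claims: &BTreeMap<i64, Cbor>, protection: Protection) -> Result<(), CnfError> {
    let cnf = match claims.get(&CNF) {
        Some(Cbor::Map(m)) => m,
        Some(_) => return Err(CnfError::NotAMap),
        None => return Err(CnfError::MissingCnf), // concern B: key not wrapped in cnf
    };
    if let Some(Cbor::Map(key)) = cnf.get(&COSE_KEY) {
        // Concern A: a plaintext symmetric key is readable in a signed-only token.
        let symmetric = matches!(key.get(&KTY), Some(Cbor::Int(KTY_SYMMETRIC)));
        if symmetric && protection == Protection::SignedOnly {
            return Err(CnfError::PlaintextSymmetricKey);
        }
        return Ok(());
    }
    if cnf.contains_key(&ENCRYPTED_COSE_KEY) || cnf.contains_key(&KID) { return Ok(()); }
    Err(CnfError::NoConfirmationMethod)
}

// Constructed sample: an all-zero 128-bit symmetric COSE_Key, wrapped in cnf or not.
fn sample_claims(wrap_in_cnf: bool) -> BTreeMap<i64, Cbor> {
    let key = Cbor::Map(BTreeMap::from([
        (KTY, Cbor::Int(KTY_SYMMETRIC)),
        (-1, Cbor::Bytes(vec![0u8; 16])), // "k" label
    ]));
    let wrapped = Cbor::Map(BTreeMap::from([(COSE_KEY, key.clone())]));
    // -65537 is a made-up private-use label standing in for "key outside cnf".
    let (label, value) = if wrap_in_cnf { (CNF, wrapped) } else { (-65537, key) };
    BTreeMap::from([(label, value)])
}
fn main() {
    println!("{:?}", check_cnf(&sample_claims(false), Protection::SignedOnly));
    println!("{:?}", check_cnf(&sample_claims(true), Protection::SignedOnly));
    println!("{:?}", check_cnf(&sample_claims(true), Protection::Encrypted));
}
```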