Hi, COSE people, We want to transport DICE [0] certificate chains in CMWs [1], and for that, we need a media type.
Note that DICE certificate chains differ semantically from standard X.509 certificate chains in that they also represent attestation Evidence [2]. Therefore, using * application/pkcs7-mime; smime-type="certs-only" * application/cose-x509; usage=chain, and * application/pkix-pkipath would provide too coarse typing information, so we'd like to improve this. One way would be to extend the application/cose-x509 "usage" parameter to include the value "dice-chain", i.e., application/cose-x509; usage=dice-chain. Would that be acceptable? If so, what steps need to be taken to register the new parameter value? Do we need a specification, and if so, what kind? Or is a request to the media-types list sufficient? cheers, thanks in advance! [0] https://trustedcomputinggroup.org/wp-content/uploads/DICE-Layering-Architecture-r19_pub.pdf [1] https://datatracker.ietf.org/doc/draft-ietf-rats-msg-wrap/ [2] https://datatracker.ietf.org/doc/rfc9334/ _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
