Hi, Michael. On Fri, 3 Oct 2025 at 18:28, Michael Richardson <[email protected]> wrote: > Thomas Fossati <[email protected]> wrote: > > We want to transport DICE [0] certificate chains in CMWs [1], and for > > that, we need a media type. > > > Note that DICE certificate chains differ semantically from standard > > X.509 certificate chains in that they also represent attestation > > Evidence [2]. Therefore, using > > * application/pkcs7-mime; smime-type="certs-only" > > * application/cose-x509; usage=chain, and > > * application/pkix-pkipath > > would provide too coarse typing information, so we'd like to improve > this. > > > One way would be to extend the application/cose-x509 "usage" parameter > > to include the value "dice-chain", i.e., application/cose-x509; > > usage=dice-chain. > > cose-x509. I was thinking this is from cbor-encoded-cert, but it defines > cose-c509-cert. > And that definition has usage=chain, so was this a typo? NOPE. > cose-x509 is RFC9360... and COSE_X509 is a CBOR sequence of bstr wrapped > DER-encoded PKIX certificates. > I think that this means that there is CBOR definite(?) array of bytes. > > So this becomes a dice-chain. > And after you do CoAP/Content-Format registration, you get an integer for the > CBOR CMW, so any verbosity of the media type is a moot point. > > > Would that be acceptable? If so, what steps need to be taken to > > register the new parameter value? > > Do we need a specification, and if so, what kind? Or is a request to > > the media-types list sufficient? > > I understand that an email to [email protected] with the template is > enough. However, I find that one has to poke the reviewers. > I'm hoping IANA's new DE RT system will get help..
OK, thanks for the tip; I'll forward the request to [email protected] then. cheers, t _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
