Hi John,
I see CWT as a combination of Kerberos ticket (for the use of symmetric key)
and a certificate format (for the asymmetric key usage) encoded in CBOR.
The claims in the CWT are essentially the attributes you carry in a certificate.
Ciao
Hannes
-Original Message-
From: Ace On
Hi Salvador, Michael,
Regarding your comments on negotiation and out-of-band. We have gotten similar
comments from Klaus Hartke regarding cipher suites and out-of-band. I added
your comments to the open issue on GitHub
https://github.com/EricssonResearch/EDHOC/issues/57
We agree with you
Hi,
We recently submitted
https://tools.ietf.org/html/draft-raza-ace-cbor-certificates-00, which build on
research done by Research Institutes of Sweden, Royal Institute of Technology
in Stockholm, and Nexus:
https://kth.diva-portal.org/smash/get/diva2:1153958/FULLTEXT01.pdf