►
From YouTube: COSE WG Interim Meeting, 2021-04-14
Description
COSE WG Interim Meeting, 2021-04-14
A
A
A
B
A
A
A
A
A
D
A
A
C
A
E
I
finished
the
shepard
report.
I
posted
those
questions
to
the
mailing
list
about
updates
about
what
it
should
formally
update
and
we
had
the
conversation
and
I
guess
I
was
expecting
russell
housley-
would
add
to
the
updates
list,
but
regardless,
I
think,
there's
con.
I
think
there's
mostly
consensus
that
it
should
update
both
the
new
document,
the
the
50
81
52
bit
struct
and
80
rfc
8152.
A
A
C
No,
I
I,
after
the
last
meeting
I
tried
to
update
my
my
pull
request,
based
on
all
the
discussion
and
agreement
during
the
meeting
then
I
saw
after
I
did
that
there
was
some
comment
from
lawrence
and
michael
richardson.
But
after
that
I
went
on
vacation
for
a
couple
of
weeks.
I
have
not
really
been
following
the
discussion,
but
I
saw
that
ben
also
got
involved,
but.
C
A
A
B
A
A
A
A
A
C
C
C
So
this
is
a
continuous
listing
of
the
issues.
I
don't
think
we
have
it.
So
this
is
the
continued
discussion
on
whether
the
seaboard
certificate
should
be
a
simple
sequence
or
a
data
item,
and
I
don't
think
there's
has
been
very
much
more
more
input
when
we
discussed
this
last
kersten
commented
that
it
was
better
to
fix
the
tools
than
to
fix
the
fix
change.
The
draft
and
there's
been
some
comments
from
lawrence
that
he
thought
the
sequences
were
problematic
with
some
tools.
C
C
C
We
have
not
had
time
to
specify
any
csr
format.
There
is
another
draft
that
specifies
a
csr
format
that
I
think
the
previous
discussion
showed
that
that
format
was
very,
not
general
enough
and
does
not
align
with
the
zebra
certificate
draft
or
c509
certificate
draft
or
whatever
we
will
end
up
calling
it.
C
C
E
So
I
think
that
so
we
wound
up
with
two
versions
of
it.
One
is
that
we
prepend
a
cbor
sequence-
that's
basically
probably
12
bytes.
Unless
you
do
it
wrong,
and
that
has
the
advantage
that
you
you
can
trivially
remove
those
12
bytes,
you
don't
have
to
transmit
them
over
the
over
the
wire
in
your
protocol,
so
they
don't
have
any
overhead
impact.
E
The
other
way
is
that
you
put
a
tag
on
that
or
two
tags.
If
you
prefer
and
and
then
you
have
the
decision
as
to
whether
you
are
smart
enough
to
remove
that
tag
before
you
send
it
or
whether
you
wind
up
using
up
bytes
for
the
tag
that
you
probably
don't
need,
because
it's
probably
in
a
I
don't
know
a
cozy
header
or
something
that's
already
told
you
what
it
is.
E
So
I
reckon
that's
why
I
preferred
the
seabor
sequence
mechanism,
because
it
means
that
when
you
put
it
on
disk,
it
very
clearly
says
what
it
is.
I
think
that
yes,
we
want.
We
want
a
different
tag
for
csrs
and
we
probably
if
we
have
a
private
key
format,
which
I
think
we
might
want
to
have
that
we
we
should
tag
that
as
well.
C
F
A
C
Then
so
issue
84
should
attack
be
defined.
This
was
raised
by
lawrence,
and
this
has
been
added
already
to
the
to
a
recent
version
of
the
draft
or
recent
submitted
several
months
ago
and
the
the
tag
use.
The
tag
is
for
a
chain,
so
the
draft
now
defines
a
specific
tag.
That
is
a
c
509
chain,
and
the
structure
of
this
is
co
c
c
c5,
and
this
is
the
same
structure
that
is
suggested
to
be
used
for
the
c5
bag
and
c5
chain,
and
also
for
the
c5.
C
C
C
L
and
we
have
not
made
nobody-
has
made
any
concrete
suggestion
for
a
more
general
cbor
crl
format
aligning
with
the
c509
draft,
but
it
is.
We
will
definitely
do
that
at
some
point
in
time.
I
think
there
was
agreement
in
the
group
that
a
crl
general
serial
format
aligning
with
this
route
would
be
very
useful.
C
C
B
C
C
E
Csrs
are
interesting
and
there's
some
discussion
this
week
from
elliott
about
some
desire
to
change
the
csr
attributes,
requests
and
that's
actually
a
place
where
what
we
have
in
the
asn1
is
is
is
disastrously
bad
even
for
asn1
space
where
we
made.
This
is
a
place
where
moving
to
a
seabor
certificate
kind
of
space
may
be
more
sense
to
just
just
we're.
Not
no
longer
compressing
is
what
I'm
saying
but
doing
something
new,
because
it
looks
pretty
green
field-ish
to
me.
C
E
C
C
I
don't
know
if
this
has
been
discussed
on
the
on
the
list
in
recently
or
not,
but
did
the
working
group
have
any
comments
on
this?
Is
this
something
that
we
should
support?
That
would
be
right
now
we
have
type
zero
and
one
which
one
of
them
are
signed
over
there
and
the
other
is
signed
over
c
board.
This
would
be
them
another
type
which
is
signed
over
provide
signature
over.
F
F
B
B
B
C
Yes,
one
one
point
could
be
that
csr
is
needed
to
deploy
this
at
all,
or
at
least
that
was,
I
think,
the
comment
from
lawrence,
while
maybe
some
deployments
don't
use,
revocation,
even
if
they
maybe
should
so,
you
could
apply,
deploy
c509
certificates
without
revocation
or
use
some
proprietary
revocation
mechanisms,
which
is
quite
common.
In,
for
example,
I
think
most
browsers
use
some
some
partly
proprietary
revocation
mechanisms.
F
C
Recommend
proprietor
mechanism-
I
think
I
think
the
important
I
think
all
of
these
it
would
be
good
if
cbor
encoding
for
all
of
this
would
be
done.
I
think
the
important
thing
is
to
decide
what
what
is
most
urgent.
What
should
we
spend
our
time
on
the
next
year
to
try
to
specify
and
what
can
wait
another
year.