Re: WG Review: CBOR Object Signing and Encryption (cose)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Andrew Newton wrote:
> Fair enough, however basing further IETF work on it may not be wrong but
> does not seem right either. 

CBOR is getting a lot of traction in the constrained node networking
space (the low-resource part of the "Internet of Things"), which is not
surprising as it was designed for hat.
Not basing further IETF work on CBOR would ensure the IETF loses impact
there, and would accomplish what?

> I also noticed that the active draft for this effort has a normative
> dependency on CDDL.

How best to write up the spec is indeed an interesting issue.

For now, CDDL is a good way to discuss the draft, much better than
lobbing around large quantities of ambiguous English prose.
But then, CDDL is still being tweaked, and it is not clear that the IETF
wants to give this language a role similar to the one ABNF has for text,
or (even if that is at some point accepted as a reasonable thing to do)
would want to reach a decision on something like this before COSE is done.

So, once the remaining decisions have been taken, the CDDL snippets will
probably move to an appendix, and will be replaced in their normative
role by gobs of ambiguous English prose.  With any luck, we may be able
to generate that automatically from the CDDL (just as we are already
checking the examples automatically against the CDDL).

(Kudos, by the way, for the concepts the CDDL authors could steal from
JCR; what a great source of inspiration.)

Grüße, Carsten





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]