index.bs
Lines changed: 11 additions & 11 deletions
@@ -3488,10 +3488,10 @@ optionally evidence of [=user consent=] to a specific transaction.
3488
3488
The following {{COSEAlgorithmIdentifier}} values are NOT RECOMMENDED
3489
3489
in {{PublicKeyCredentialCreationOptions/pubKeyCredParams}}:
3490
3490
3491
-
* -9 (ESP256); use ES256 (-7) instead or in addition.
3492
-
* -51 (ESP384); use ES384 (-35) instead or in addition.
3493
-
* -52 (ESP512); use ES512 (-36) instead or in addition.
3494
-
* -19 (Ed25519); use EdDSA (-8) instead or in addition.
3491
+
* -9 (ESP256); use -7 (ES256) instead or in addition.
3492
+
* -51 (ESP384); use -35 (ES384) instead or in addition.
3493
+
* -52 (ESP512); use -36 (ES512) instead or in addition.
3494
+
* -19 (Ed25519); use -8 (EdDSA) instead or in addition.
3495
3495
3496
3496
Note: Within WebAuthn, the values -9 (ESP256), -51 (ESP384), -52 (ESP512) and -19 (Ed25519)
3497
3497
represent the same thing respectively as -7 (ES256), -35 (ES384), -36 (ES512) and -8 (EdDSA)
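Review bot: each of the four replacement bullets now starts with a bare negative integer directly after the list marker (`* -9 (ESP256); ...`), which is easy to misread as a dash and differs from the `<code>-7</code>` markup this file uses for the same identifiers. The value-first order matches the Note that follows, so keep the order but consider wrapping the numbers, for example `* <code>-9</code> (ESP256); use <code>-7</code> (ES256) instead or in addition.`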
@@ -4341,13 +4341,13 @@ Note: The {{AuthenticatorTransport}} enumeration is deliberately not referenced,
4341
4341
for instance, <code>-7</code> for "ES256" and <code>-257</code> for "RS256".
4342
4342
4343
4343
The COSE algorithms registry leaves degrees of freedom to be specified by other parameters in a [=COSE key=]. In order to promote interoperability, this specification makes the following additional guarantees of [=credential public keys=]:
4344
-
1. Keys with algorithm ES256 (-7) MUST specify P-256 (1) as the [=crv=] parameter and MUST NOT use the compressed point form.
4345
-
1. Keys with algorithm ESP256 (-9) MUST NOT use the compressed point form.
4346
-
1. Keys with algorithm ES384 (-35) MUST specify P-384 (2) as the [=crv=] parameter and MUST NOT use the compressed point form.
4347
-
1. Keys with algorithm ESP384 (-51) MUST NOT use the compressed point form.
4348
-
1. Keys with algorithm ES512 (-36) MUST specify P-521 (3) as the [=crv=] parameter and MUST NOT use the compressed point form.
4349
-
1. Keys with algorithm ESP512 (-52) MUST NOT use the compressed point form.
4350
-
1. Keys with algorithm EdDSA (-8) MUST specify Ed25519 (6) as the [=crv=] parameter. (These always use a compressed form in COSE.)
4344
+
1. Keys with algorithm -7 (ES256) MUST specify 1 (P-256) as the [=crv=] parameter and MUST NOT use the compressed point form.
4345
+
1. Keys with algorithm -9 (ESP256) MUST NOT use the compressed point form.
4346
+
1. Keys with algorithm -35 (ES384) MUST specify 2 (P-384) as the [=crv=] parameter and MUST NOT use the compressed point form.
4347
+
1. Keys with algorithm -51 (ESP384) MUST NOT use the compressed point form.
4348
+
1. Keys with algorithm -36 (ES512) MUST specify 3 (P-521) as the [=crv=] parameter and MUST NOT use the compressed point form.
4349
+
1. Keys with algorithm -52 (ESP512) MUST NOT use the compressed point form.
4350
+
1. Keys with algorithm -8 (EdDSA) MUST specify 6 (Ed25519) as the [=crv=] parameter. (These always use a compressed form in COSE.)
4351
4351
4352
4352
These restrictions align with the recommendation in [=Section 2.1=] of [[!RFC9053]].
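Review bot: in the -7, -35, -36 and -8 items the reordered [=crv=] value now reads `MUST specify 1 (P-256) as the [=crv=] parameter`, where a lone integer directly follows the normative verb and is hard to recognise as a COSE curve identifier. Suggest marking the value up, for example `MUST specify <code>1</code> (P-256) as the [=crv=] parameter`, matching the `<code>-7</code>` style in the context line at the top of this hunk, and doing the same for the algorithm numbers so that all seven items stay parallel.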