WG Action: Rechartered CBOR Object Signing and Encryption (cose)
The IESG <iesg-secretary@ietf.org> Thu, 09 October 2025 17:34 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@mail2.ietf.org
Received: from [10.244.8.182] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id 3AA60703575B; Thu, 9 Oct 2025 10:34:24 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: WG Action: Rechartered CBOR Object Signing and Encryption (cose)
X-Test-IDTracker: no
X-IETF-IDTracker: 12.50.0
Auto-Submitted: auto-generated
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Message-ID: <176003126417.306796.11339126291073723368@dt-datatracker-6c6cdf7f94-h6rnn>
Date: Thu, 09 Oct 2025 10:34:24 -0700
Message-ID-Hash: R7VK4KIICP2NMRC2NZLGG4SOSZGSFSCE
X-Message-ID-Hash: R7VK4KIICP2NMRC2NZLGG4SOSZGSFSCE
X-MailFrom: iesg-secretary@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ietf-announce.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, cose-chairs@ietf.org, cose@ietf.org
X-Mailman-Version: 3.3.9rc6
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/rfpSDd2DtH0Ul4P4bX5eQw0GnS8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Owner: <mailto:ietf-announce-owner@ietf.org>
List-Post: <mailto:ietf-announce@ietf.org>
List-Subscribe: <mailto:ietf-announce-join@ietf.org>
List-Unsubscribe: <mailto:ietf-announce-leave@ietf.org>
The CBOR Object Signing and Encryption (cose) WG in the Security Area of the IETF has been rechartered. For additional information, please contact the Area Directors or the WG Chairs. CBOR Object Signing and Encryption (cose) ----------------------------------------------------------------------- Current status: Active WG Chairs: Ivaylo Petrov <ivaylopetrov@google.com> Michael Jones <michael_b_jones@hotmail.com> Assigned Area Director: Paul Wouters <paul.wouters@aiven.io> Security Area Directors: Paul Wouters <paul.wouters@aiven.io> Deb Cooley <debcooley1@gmail.com> Mailing list: Address: cose@ietf.org To subscribe: https://www.ietf.org/mailman/listinfo/cose Archive: https://mailarchive.ietf.org/arch/browse/cose/ Group page: https://datatracker.ietf.org/group/cose/ Charter: https://datatracker.ietf.org/doc/charter-ietf-cose/ CBOR Object Signing and Encryption (COSE, RFC 9052) describes how to create and process signatures, message authentication codes, and encryption using Concise Binary Object Representation (CBOR, RFC 8949) for serialization. COSE additionally describes a representation for cryptographic keys. The COSE working group handles four types of (intended status Standard Track) documents: 1. Documents that describe the use of cryptographic algorithms in COSE. 2. Documents that describe additional attributes for COSE. 3. Documents that define header parameters to be used in COSE objects. 4. Documents that define COSE key representations. The WG will evaluate, and potentially adopt, documents dealing with algorithms that would fit the criteria of being IETF consensus algorithms. Key management and binding of keys to identities are out of scope for the working group. The COSE WG will not innovate in terms of cryptography. The specification of algorithms in COSE is limited to those in RFCs, active IRTF CFRG or IETF WG documents, or algorithms which have been positively reviewed by the IRTF CFRG. The COSE WG will also work on a CBOR encoding of the certificate profile defined in RFC 5280. It is expected that the encoding works with RFC 7925. The main objective is to define a method of encoding current X.509 certificates that meet a specific profile into a smaller format. This encoding shall be invertible, so they can be expanded and normal X.509 certificate processing can be used. This work is currently happening in draft-ietf-cose-cbor-encoded-cert. Milestones: Jun 2025 - COSE header parameters for RFC 3161-based timestamping into COSE objects to IESG Jun 2025 - COSE header parameters for incorporating “COSE Receipts” into COSE objects to IESG Jul 2025 - COSE header parameters for COSE objects that carry a payload that is an output of a hash function on an original payload to IESG Nov 2025 - A CBOR encoding of the certificate profile to the IESG Jan 2026 - One or more documents describing the proper use of algorithms.