Search RFCs
RFC 8812
CBOR Object Signing and Encryption (COSE) and JSON Object Signing and Encryption (JOSE) Registrations for Web Authentication (WebAuthn) Algorithms,August 2020
- File formats:
- Also available:XML file for editing
- Status:
- PROPOSED STANDARD
- Author:
- M. Jones
- Stream:
- IETF
- Source:
- cose (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8812
Discuss this RFC: Send questions or comments to the mailing listcose@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8812
Abstract
The W3C Web Authentication (WebAuthn) specification and the FIDOAlliance FIDO2 Client to Authenticator Protocol (CTAP) specificationuse CBOR Object Signing and Encryption (COSE) algorithm identifiers. This specification registers the following algorithms (which are usedby WebAuthn and CTAP implementations) in the IANA "COSE Algorithms"registry: RSASSA-PKCS1-v1_5 using SHA-256, SHA-384, SHA-512, andSHA-1; and Elliptic Curve Digital Signature Algorithm (ECDSA) usingthe secp256k1 curve and SHA-256. It registers the secp256k1 ellipticcurve in the IANA "COSE Elliptic Curves" registry. Also, for usewith JSON Object Signing and Encryption (JOSE), it registers thealgorithm ECDSA using the secp256k1 curve and SHA-256 in the IANA"JSON Web Signature and Encryption Algorithms" registry and thesecp256k1 elliptic curve in the IANA "JSON Web Key Elliptic Curve"registry.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.