# Summary
The document draft-ietf-rfc8152bis-algs is an update to CBOR Object Signing and
Encryption (COSE) to addressing outstanding errata, make other clarifications
and fixes. This is part of a set — this for the algorithms, the other
detailing the structure and process — that together obsolete RFC 8152.
This work is a product of the COSE Working Group. The document shepherd is
Matthew Miller, and the responsible Area Director is Benjamin Kaduk.
# Differing Statuses
This -algs document is intended to be published as informational, rather than
as Internet Standard as is its -struct counterpart. This is intentional:
cryptographic algorithms become obsolete over time as improvements in computing
and mathematics can realize vulnerabilities and deficiencies not possible when
first published. Publishing as Information marks the state of consensus at the
time of publication, and allows for the flexibility to deprecate and obsolete
in the future.
# Review and Consensus
This document received wide review from various implementers, including those
used in real-world deployments. There were a number of editorial comments and
some substantive commentary, with consensus to publish.
Additional care during editing and review of this document and
draft-ietf-cose-rfc8152bis-struct were taken to ensure as best as possible that
various (internal) references made in the original RFC 8152 have proper
(external) references. All errata from RFC 8152 that is relevant to the COSE
algorithms has been addressed therein.
# References
The CryptoForum Research Group (CFRG) published algorithm documents as
Informational; the normative references are expected and exist in the Downref
Registry. The only exception is RFC 8439 (ChaCha20/Poly1035), which ought to
be added to the Downref Registry.
The normatively referenced documents from NIST and SECG are the authoritative
description for those algorithms; these "downrefs" are expected.
This document and draft-ietf-cose-rfc8152bis-algs are to be published in
lockstep, and so references here to -struct (and references to this document in
-struct) are expected to be updated as part of publication. The referent to
draft-ietf-cose-hash-sig, which is already in the RFC Editor's queue, is also
expected to be updated as part of publication.
# Intellectual Property
The author, to the best of his knowledge, is unaware of any applicable IPR.
There are no substantive changes compared to RFC 8152, which also has no IPR
notices submitted.