Canonical serialization is pretty important for cryptographic message signing. Canonical CBOR is closest to a standard, but its in a pretty bad shape:
- FIDO2 aims to use their own version and not the one defined in the RFC: https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#ctap2-canonical-cbor-encoding-form
- A bunch of libraries use different ordering: JS `cbor`/`borc` and Rust `serde_cbor` with only the last one making any claims related to canonicality.
Hello! This is mas.to, a general-purpose, predominantly English-speaking instance. We're enthusiastic about Mastodon, and want to make this instance special. We've settled on a nice, short domain name, keep up-to-date with the latest Mastodon updates and features and want to make an easygoing and fun place to interact with other Mastodon users.