Follow

Canonical serialization is pretty important for cryptographic message signing. Canonical CBOR is closest to a standard, but its in a pretty bad shape:
- FIDO2 aims to use their own version and not the one defined in the RFC: fidoalliance.org/specs/fido-v2
- A bunch of libraries use different ordering: JS `cbor`/`borc` and Rust `serde_cbor` with only the last one making any claims related to canonicality.

Sign in to participate in the conversation
mas.to

Hello! This is mas.to, a general-purpose, predominantly English-speaking instance. We're enthusiastic about Mastodon, and want to make this instance special. We've settled on a nice, short domain name, keep up-to-date with the latest Mastodon updates and features and want to make an easygoing and fun place to interact with other Mastodon users.