<?xml version='1.0' encoding='utf-8'?>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" version="3" ipr="trust200902" docName="draft-ietf-cose-hash-envelope-10" category="std" consensus="true" submissionType="IETF" xml:lang="en" number="9995" tocInclude="true" sortRefs="true" symRefs="true" prepTime="2026-07-14T03:21:41" indexInclude="true" scripts="Common,Latin" tocDepth="3">
  <link href="https://dx.doi.org/10.17487/rfc9995" rel="alternate"/>
  <link href="urn:issn:2070-1721" rel="alternate"/>
  <link href="https://datatracker.ietf.org/doc/draft-ietf-cose-hash-envelope-latest" rel="prev"/>
  <front>
    <title abbrev="COSE Hash Envelope">CBOR Object Signing and Encryption (COSE) Hash Envelope</title>
    <seriesInfo name="RFC" value="9995" stream="IETF"/>
    <author initials="O." surname="Steele" fullname="Orie Steele">
      <organization showOnFrontPage="true"/>
      <address>
        <email>orie@or13.io</email>
      </address>
    </author>
    <author initials="S." surname="Lasker" fullname="Steve Lasker">
      <organization showOnFrontPage="true"/>
      <address>
        <email>stevenlasker@hotmail.com</email>
      </address>
    </author>
    <author initials="H." surname="Birkholz" fullname="Henk Birkholz">
      <organization abbrev="Fraunhofer SIT" showOnFrontPage="true">Fraunhofer SIT</organization>
      <address>
        <postal>
          <street>Rheinstrasse 75</street>
          <city>Darmstadt</city>
          <code>64295</code>
          <country>Germany</country>
        </postal>
        <email>henk.birkholz@ietf.contact</email>
      </address>
    </author>
    <date month="07" year="2026"/>
    <area>sec</area>
    <workgroup>cose</workgroup>
    <abstract pn="section-abstract">
      <t indent="0" pn="section-abstract-1">This document defines new CBOR Object Signing and Encryption (COSE) header parameters for signaling a payload as an output of a hash function.
This mechanism enables faster validation, as access to the original payload is not required for signature validation.
Additionally, hints of the hashed payload's content format and availability are defined, providing references to optional discovery mechanisms that can help to find the original payload content.</t>
    </abstract>
    <boilerplate>
      <section anchor="status-of-memo" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.1">
        <name slugifiedName="name-status-of-this-memo">Status of This Memo</name>
        <t indent="0" pn="section-boilerplate.1-1">
            This is an Internet Standards Track document.
        </t>
        <t indent="0" pn="section-boilerplate.1-2">
            This document is a product of the Internet Engineering Task Force
            (IETF).  It represents the consensus of the IETF community.  It has
            received public review and has been approved for publication by
            the Internet Engineering Steering Group (IESG).  Further
            information on Internet Standards is available in Section 2 of 
            RFC 7841.
        </t>
        <t indent="0" pn="section-boilerplate.1-3">
            Information about the current status of this document, any
            errata, and how to provide feedback on it may be obtained at
            <eref target="https://www.rfc-editor.org/info/rfc9995" brackets="none"/>.
        </t>
      </section>
      <section anchor="copyright" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.2">
        <name slugifiedName="name-copyright-notice">Copyright Notice</name>
        <t indent="0" pn="section-boilerplate.2-1">
            Copyright (c) 2026 IETF Trust and the persons identified as the
            document authors. All rights reserved.
        </t>
        <t indent="0" pn="section-boilerplate.2-2">
            This document is subject to BCP 78 and the IETF Trust's Legal
            Provisions Relating to IETF Documents
            (<eref target="https://trustee.ietf.org/license-info" brackets="none"/>) in effect on the date of
            publication of this document. Please review these documents
            carefully, as they describe your rights and restrictions with
            respect to this document. Code Components extracted from this
            document must include Revised BSD License text as described in
            Section 4.e of the Trust Legal Provisions and are provided without
            warranty as described in the Revised BSD License.
        </t>
      </section>
    </boilerplate>
    <toc>
      <section anchor="toc" numbered="false" removeInRFC="false" toc="exclude" pn="section-toc.1">
        <name slugifiedName="name-table-of-contents">Table of Contents</name>
        <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1">
          <li pn="section-toc.1-1.1">
            <t indent="0" keepWithNext="true" pn="section-toc.1-1.1.1"><xref derivedContent="1" format="counter" sectionFormat="of" target="section-1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-introduction">Introduction</xref></t>
          </li>
          <li pn="section-toc.1-1.2">
            <t indent="0" keepWithNext="true" pn="section-toc.1-1.2.1"><xref derivedContent="2" format="counter" sectionFormat="of" target="section-2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-terminology">Terminology</xref></t>
          </li>
          <li pn="section-toc.1-1.3">
            <t indent="0" keepWithNext="true" pn="section-toc.1-1.3.1"><xref derivedContent="3" format="counter" sectionFormat="of" target="section-3"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-header-parameters">Header Parameters</xref></t>
          </li>
          <li pn="section-toc.1-1.4">
            <t indent="0" pn="section-toc.1-1.4.1"><xref derivedContent="4" format="counter" sectionFormat="of" target="section-4"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-hash-envelope-cddl">Hash Envelope CDDL</xref></t>
            <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1.4.2">
              <li pn="section-toc.1-1.4.2.1">
                <t indent="0" pn="section-toc.1-1.4.2.1.1"><xref derivedContent="4.1" format="counter" sectionFormat="of" target="section-4.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-envelope-extended-diagnosti">Envelope Extended Diagnostic Notation</xref></t>
              </li>
            </ul>
          </li>
          <li pn="section-toc.1-1.5">
            <t indent="0" pn="section-toc.1-1.5.1"><xref derivedContent="5" format="counter" sectionFormat="of" target="section-5"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-security-considerations">Security Considerations</xref></t>
            <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1.5.2">
              <li pn="section-toc.1-1.5.2.1">
                <t indent="0" pn="section-toc.1-1.5.2.1.1"><xref derivedContent="5.1" format="counter" sectionFormat="of" target="section-5.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-choice-of-hash-function">Choice of Hash Function</xref></t>
              </li>
              <li pn="section-toc.1-1.5.2.2">
                <t indent="0" pn="section-toc.1-1.5.2.2.1"><xref derivedContent="5.2" format="counter" sectionFormat="of" target="section-5.2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-cose_encrypt">COSE_Encrypt</xref></t>
              </li>
              <li pn="section-toc.1-1.5.2.3">
                <t indent="0" pn="section-toc.1-1.5.2.3.1"><xref derivedContent="5.3" format="counter" sectionFormat="of" target="section-5.3"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-payload-verification">Payload Verification</xref></t>
              </li>
            </ul>
          </li>
          <li pn="section-toc.1-1.6">
            <t indent="0" pn="section-toc.1-1.6.1"><xref derivedContent="6" format="counter" sectionFormat="of" target="section-6"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-iana-considerations">IANA Considerations</xref></t>
            <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1.6.2">
              <li pn="section-toc.1-1.6.2.1">
                <t indent="0" pn="section-toc.1-1.6.2.1.1"><xref derivedContent="6.1" format="counter" sectionFormat="of" target="section-6.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-cose-header-parameters">COSE Header Parameters</xref></t>
              </li>
            </ul>
          </li>
          <li pn="section-toc.1-1.7">
            <t indent="0" pn="section-toc.1-1.7.1"><xref derivedContent="7" format="counter" sectionFormat="of" target="section-7"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-references">References</xref></t>
            <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1.7.2">
              <li pn="section-toc.1-1.7.2.1">
                <t indent="0" pn="section-toc.1-1.7.2.1.1"><xref derivedContent="7.1" format="counter" sectionFormat="of" target="section-7.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-normative-references">Normative References</xref></t>
              </li>
              <li pn="section-toc.1-1.7.2.2">
                <t indent="0" pn="section-toc.1-1.7.2.2.1"><xref derivedContent="7.2" format="counter" sectionFormat="of" target="section-7.2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-informative-references">Informative References</xref></t>
              </li>
            </ul>
          </li>
          <li pn="section-toc.1-1.8">
            <t indent="0" pn="section-toc.1-1.8.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.a"/><xref derivedContent="" format="title" sectionFormat="of" target="name-acknowledgments">Acknowledgments</xref></t>
          </li>
          <li pn="section-toc.1-1.9">
            <t indent="0" pn="section-toc.1-1.9.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.b"/><xref derivedContent="" format="title" sectionFormat="of" target="name-authors-addresses">Authors' Addresses</xref></t>
          </li>
        </ul>
      </section>
    </toc>
  </front>
  <middle>
    <section anchor="introduction" numbered="true" removeInRFC="false" toc="include" pn="section-1">
      <name slugifiedName="name-introduction">Introduction</name>
      <t indent="0" pn="section-1-1"><xref section="2" sectionFormat="of" target="RFC9052" format="default" derivedLink="https://rfc-editor.org/rfc/rfc9052#section-2" derivedContent="RFC9052"/> defines detached payloads for COSE, using <tt>nil</tt> as the payload.
In order to verify a COSE_Sign or a COSE_Mac, the recipient requires access to the payload content.
Hashes are already used on a regular basis as identifiers for payload data, such as documents or software components.
As hashes typically are smaller than the payload data they represent, they are simpler to transport.
Additional hints in the protected header ensure cryptographic agility for the hashing and signing algorithms.
Hashes and other identifiers are commonly used as hints to discover and distinguish resources.
Using a hash as an identifier for a resource has the advantage of enabling integrity checking.</t>
      <t indent="0" pn="section-1-2">In some applications, such as remote signing procedures, conveyance of hashes instead of original payload content reduces transmission time and costs.</t>
    </section>
    <section anchor="terminology" numbered="true" removeInRFC="false" toc="include" pn="section-2">
      <name slugifiedName="name-terminology">Terminology</name>
      <t indent="0" pn="section-2-1">The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119" format="default" sectionFormat="of" derivedContent="RFC2119"/> <xref target="RFC8174" format="default" sectionFormat="of" derivedContent="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
      <t indent="0" pn="section-2-2">The terms "COSE" and "CDDL" are defined in <xref target="RFC9052" format="default" sectionFormat="of" derivedContent="RFC9052"/> and <xref target="RFC8610" format="default" sectionFormat="of" derivedContent="RFC8610"/>, respectively.
The term "payload" is defined in <xref section="4.1" sectionFormat="of" target="RFC9052" format="default" derivedLink="https://rfc-editor.org/rfc/rfc9052#section-4.1" derivedContent="RFC9052"/> for COSE_Sign and in <xref section="6.1" sectionFormat="of" target="RFC9052" format="default" derivedLink="https://rfc-editor.org/rfc/rfc9052#section-6.1" derivedContent="RFC9052"/> for COSE_Mac.
The term "preimage" refers to the set of input values to a function that produce a given output, called the "image".
A hash function applied to a message (preimage) produces a digest value (image).</t>
    </section>
    <section anchor="param-spec" numbered="true" removeInRFC="false" toc="include" pn="section-3">
      <name slugifiedName="name-header-parameters">Header Parameters</name>
      <t indent="0" pn="section-3-1">This document specifies the following new header parameters commonly used alongside hashes to identify resources:</t>
      <dl indent="3" newline="false" spacing="normal" pn="section-3-2">
        <dt pn="section-3-2.1">258:</dt>
        <dd pn="section-3-2.2">
          <t indent="0" pn="section-3-2.2.1">The hash algorithm used to produce the payload.</t>
        </dd>
        <dt pn="section-3-2.3">259:</dt>
        <dd pn="section-3-2.4">
          <t indent="0" pn="section-3-2.4.1">The content type of the bytes that were hashed (preimage) to produce the payload, given as a content-format number (<xref section="12.3" sectionFormat="of" target="RFC7252" format="default" derivedLink="https://rfc-editor.org/rfc/rfc7252#section-12.3" derivedContent="RFC7252"/>) or as a media-type name optionally with parameters (<xref section="8.3" sectionFormat="of" target="RFC9110" format="default" derivedLink="https://rfc-editor.org/rfc/rfc9110#section-8.3" derivedContent="RFC9110"/>).</t>
        </dd>
        <dt pn="section-3-2.5">260:</dt>
        <dd pn="section-3-2.6">
          <t indent="0" pn="section-3-2.6.1">An identifier enabling retrieval of the original resource (preimage) identified by the payload.</t>
        </dd>
      </dl>
    </section>
    <section anchor="hash-envelope-cddl" numbered="true" removeInRFC="false" toc="include" pn="section-4">
      <name slugifiedName="name-hash-envelope-cddl">Hash Envelope CDDL</name>
      <sourcecode type="cddl" markers="true" pn="section-4-1">
Hash_Envelope = #6.18(Hash_Envelope_as_COSE_Sign1)

Hash_Envelope_as_COSE_Sign1 = [
    protected: bstr .cbor Hash_Envelope_Protected_Header,
    unprotected: Hash_Envelope_Unprotected_Header,
    payload: bstr / nil,
    signature: bstr
]

Hash_Envelope_Protected_Header = {
    ? &amp;(alg: 1) =&gt; int,
    &amp;(payload_hash_alg: 258) =&gt; int,
    ? &amp;(payload_preimage_content_type: 259) =&gt; uint / tstr,
    ? &amp;(payload_location: 260) =&gt; tstr,
    * (int / tstr) =&gt; any
}

Hash_Envelope_Unprotected_Header = {
    * (int / tstr) =&gt; any
}
</sourcecode>
      <ul spacing="normal" bare="false" empty="false" indent="3" pn="section-4-2">
        <li pn="section-4-2.1">
          <t indent="0" pn="section-4-2.1.1">Label <tt>1</tt> (alg) is the cryptographic algorithm to use.</t>
        </li>
        <li pn="section-4-2.2">
          <t indent="0" pn="section-4-2.2.1">Label <tt>258</tt> (payload_hash_alg) <bcp14>MUST</bcp14> be present in the protected header and <bcp14>MUST NOT</bcp14> be present in the unprotected header.</t>
        </li>
        <li pn="section-4-2.3">
          <t indent="0" pn="section-4-2.3.1">Label <tt>259</tt> (payload_preimage_content_type) <bcp14>MAY</bcp14> be present in the protected header and <bcp14>MUST NOT</bcp14> be present in the unprotected header.</t>
        </li>
        <li pn="section-4-2.4">
          <t indent="0" pn="section-4-2.4.1">Label <tt>260</tt> (payload_location) <bcp14>MAY</bcp14> be present in the protected header and <bcp14>MUST NOT</bcp14> be present in the unprotected header.</t>
        </li>
        <li pn="section-4-2.5">
          <t indent="0" pn="section-4-2.5.1">Label <tt>3</tt> (content_type) <bcp14>MUST NOT</bcp14> be present in the protected or unprotected headers.</t>
        </li>
      </ul>
      <t indent="0" pn="section-4-3">Label <tt>3</tt> (content_type) is easily confused with Label <tt>259</tt> (payload_preimage_content_type).
The difference between content_type (3) and payload_preimage_content_type (259) is that content_type is used to identify the content format associated with payload, whereas payload_preimage_content_type is used to identify the content format of the bytes that are hashed to produce the payload.</t>
      <t indent="0" pn="section-4-4">Output from hash algorithms is generally small; thus, the payload is typically expected to be inline.
But it can also be detached, as in any other COSE message <xref target="RFC9052" format="default" sectionFormat="of" derivedContent="RFC9052"/>.</t>
      <t indent="0" pn="section-4-5">For example, when the actual content is a byte string (bstr), a verifier appraising the payload has to decide whether that bstr represents the digest bytes or the preimage bytes. Setting payload_preimage_content_type to bstr makes clear that the preimage bytes themselves were a bstr.</t>
      <section anchor="envelope-extended-diagnostic-notation" numbered="true" removeInRFC="false" toc="include" pn="section-4.1">
        <name slugifiedName="name-envelope-extended-diagnosti">Envelope Extended Diagnostic Notation</name>
        <t indent="0" pn="section-4.1-1">The following informative example uses Extended Diagnostic Notation as defined in Appendix G of <xref target="RFC8610" format="default" sectionFormat="of" derivedContent="RFC8610"/> and demonstrates how to construct a hash envelope for a resource already commonly referenced by its hash.</t>
        <sourcecode type="cbor-diag" markers="false" pn="section-4.1-2">
18([ # COSE_Sign1
  &lt;&lt;{
    / signature alg   / 1: -35, # ES384
    / key identifier  / 4: h'75726e3a...32636573',
    / COSE_Sign1 type / 16: "application/example+cose",
    / hash algorithm  / 258: -16, # sha256
    / media type      / 259: "application/spdx+json",
    / location        /
         260: "https://sbom.example/.../manifest.spdx.json"
  }&gt;&gt;
  / unprotected / {},
  / payload     / h'935b5a91...e18a588a',
         # SHA-256 digest of manifest.spdx.json"
  / signature   / h'15280897...93ef39e5'
         # ECDSA Signature with SHA-384 and P-384
])
</sourcecode>
        <t indent="0" pn="section-4.1-3">In this example, a System Package Data Exchange <xref target="SPDX" format="default" sectionFormat="of" derivedContent="SPDX"/> Software Bill of Materials (SBOM) in JSON format is already commonly identified by its SHA-256 hash.
The content type for "manifest.spdx.json" is already well known as "application/spdx+json" and is <eref target="https://www.iana.org/assignments/media-types/application/spdx+json" brackets="none">registered with IANA</eref>.</t>
        <t indent="0" pn="section-4.1-4">The full JSON SBOM is available at a URL, such as "https://sbom.example/.../manifest.spdx.json".</t>
        <t indent="0" pn="section-4.1-5">The payload of this COSE_Sign1 is the SHA-256 hash of "manifest.spdx.json".</t>
        <t indent="0" pn="section-4.1-6">The type of this COSE_Sign1 is "application/example+cose", but other types may be used to establish more-specific media types for signatures of hashes.</t>
        <t indent="0" pn="section-4.1-7">The signature is produced using ES384, as defined in <xref section="3.4" sectionFormat="of" target="RFC7518" format="default" derivedLink="https://rfc-editor.org/rfc/rfc7518#section-3.4" derivedContent="RFC7518"/>, which means using the Elliptic Curve Digital Signature Algorithm (ECDSA) with the SHA-384 hash function and P-384 elliptic curve.</t>
        <t indent="0" pn="section-4.1-8">This example is chosen to highlight that an existing system may use a hash algorithm such as SHA-256.
This hash becomes the payload of a COSE_Sign1.
When signed with a signature algorithm that is parameterized via a hash function, such as ECDSA with SHA-384, the to-be-signed structure is as described in <xref section="4.4" sectionFormat="of" target="RFC9052" format="default" derivedLink="https://rfc-editor.org/rfc/rfc9052#section-4.4" derivedContent="RFC9052"/>.</t>
        <t indent="0" pn="section-4.1-9">The resulting signature is computed over the protected header and payload, providing integrity and authenticity for the hash algorithm, content type, and location of the associated resource, in this case a software bill of materials.</t>
      </section>
    </section>
    <section anchor="security-considerations" numbered="true" removeInRFC="false" toc="include" pn="section-5">
      <name slugifiedName="name-security-considerations">Security Considerations</name>
      <section anchor="choice-of-hash-function" numbered="true" removeInRFC="false" toc="include" pn="section-5.1">
        <name slugifiedName="name-choice-of-hash-function">Choice of Hash Function</name>
        <t indent="0" pn="section-5.1-1">The hash/signature algorithm combination is <bcp14>RECOMMENDED</bcp14> to be at least as strong as the payload hash algorithm.
For example, if the payload was produced with SHA-256, and is signed with ECDSA, use at least P-256 and SHA-256.
Note that, when using a pre-hash algorithm, the algorithm <bcp14>MUST</bcp14> be registered in the IANA "COSE Algorithms" registry <xref target="COSE-Algorithms" format="default" sectionFormat="of" derivedContent="COSE-Algorithms"/> and <bcp14>MUST</bcp14> be distinguishable from non-pre-hash variants that may also be present.</t>
      </section>
      <section anchor="coseencrypt" numbered="true" removeInRFC="false" toc="include" pn="section-5.2">
        <name slugifiedName="name-cose_encrypt">COSE_Encrypt</name>
        <t indent="0" pn="section-5.2-1">Only COSE_Sign/COSE_Sign1 and COSE_Mac/COSE_Mac0 are in scope for this document. COSE_Encrypt/COSE_Encrypt0 is out of scope for this document.
At the time of publication, there is no known use case for COSE_Encrypt/COSE_Encrypt0.
It may be covered by a future extension, which would address whether the hash function is applied before or after encryption and clarify privacy considerations.</t>
      </section>
      <section anchor="payload-verification" numbered="true" removeInRFC="false" toc="include" pn="section-5.3">
        <name slugifiedName="name-payload-verification">Payload Verification</name>
        <t indent="0" pn="section-5.3-1">If a payload-location is specified, a verifier can choose to fetch the content and confirm that the digest of it, produced with the function defined by payload-hash-alg, matches the payload bytes. Verifiers that do not have access to the internet and obtain the preimage via other means will not be able to perform that check nor to derive utility from it.</t>
      </section>
    </section>
    <section anchor="iana-considerations" numbered="true" removeInRFC="false" toc="include" pn="section-6">
      <name slugifiedName="name-iana-considerations">IANA Considerations</name>
      <section anchor="cose-header-parameters" numbered="true" removeInRFC="false" toc="include" pn="section-6.1">
        <name slugifiedName="name-cose-header-parameters">COSE Header Parameters</name>
        <t indent="0" pn="section-6.1-1">IANA has registered the COSE header parameters defined in <xref target="param-spec" format="default" sectionFormat="of" derivedContent="Section 3"/> (as listed in <xref target="iana-header-params" format="default" sectionFormat="of" derivedContent="Table 1"/>) in the "COSE Header Parameters" registry <xref target="COSE-HDR-PARAMS" format="default" sectionFormat="of" derivedContent="COSE-HDR-PARAMS"/>.  They have been registered in the 'Integer values from 256 to 65535' range per the 'Specification Required' registration policy <xref target="RFC8126" format="default" sectionFormat="of" derivedContent="RFC8126"/>.</t>
        <table anchor="iana-header-params" align="center" pn="table-1">
          <name slugifiedName="name-newly-registered-cose-heade">Newly Registered COSE Header Parameters</name>
          <thead>
            <tr>
              <th align="left" colspan="1" rowspan="1">Name</th>
              <th align="left" colspan="1" rowspan="1">Label</th>
              <th align="left" colspan="1" rowspan="1">Value Type</th>
              <th align="left" colspan="1" rowspan="1">Value Registry</th>
              <th align="left" colspan="1" rowspan="1">Description</th>
              <th align="left" colspan="1" rowspan="1">Reference</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left" colspan="1" rowspan="1">
                <tt>payload-hash-alg</tt></td>
              <td align="left" colspan="1" rowspan="1">258</td>
              <td align="left" colspan="1" rowspan="1">int</td>
              <td align="left" colspan="1" rowspan="1">
                <xref target="COSE-Algorithms" format="default" sectionFormat="of" derivedContent="COSE-Algorithms"/></td>
              <td align="left" colspan="1" rowspan="1">The hash algorithm used to produce the payload of a COSE_Sign1</td>
              <td align="left" colspan="1" rowspan="1">RFC 9995, <xref target="param-spec" format="default" sectionFormat="of" derivedContent="Section 3"/></td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">
                <tt>preimage-content-type</tt></td>
              <td align="left" colspan="1" rowspan="1">259</td>
              <td align="left" colspan="1" rowspan="1">uint / tstr</td>
              <td align="left" colspan="1" rowspan="1">
                <xref target="CoAP-Content-Formats" format="default" sectionFormat="of" derivedContent="CoAP-Content-Formats"/></td>
              <td align="left" colspan="1" rowspan="1">The content-format number or content-type (media-type name) of data that has been hashed to produce the payload of the COSE_Sign1</td>
              <td align="left" colspan="1" rowspan="1">RFC 9995, <xref target="param-spec" format="default" sectionFormat="of" derivedContent="Section 3"/></td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">
                <tt>payload-location</tt></td>
              <td align="left" colspan="1" rowspan="1">260</td>
              <td align="left" colspan="1" rowspan="1">tstr</td>
              <td align="left" colspan="1" rowspan="1">(none)</td>
              <td align="left" colspan="1" rowspan="1">The string or URI hint for the location of the data hashed to produce the payload of a COSE_Sign1</td>
              <td align="left" colspan="1" rowspan="1">RFC 9995, <xref target="param-spec" format="default" sectionFormat="of" derivedContent="Section 3"/></td>
            </tr>
          </tbody>
        </table>
      </section>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references" pn="section-7">
      <name slugifiedName="name-references">References</name>
      <references anchor="sec-normative-references" pn="section-7.1">
        <name slugifiedName="name-normative-references">Normative References</name>
        <reference anchor="COSE-HDR-PARAMS" target="https://www.iana.org/assignments/cose" quoteTitle="true" derivedAnchor="COSE-HDR-PARAMS">
          <front>
            <title>CBOR Object Signing and Encryption (COSE)</title>
            <author>
              <organization showOnFrontPage="true">IANA</organization>
            </author>
            <date/>
          </front>
        </reference>
        <reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2119" quoteTitle="true" derivedAnchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t indent="0">In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC7252" target="https://www.rfc-editor.org/info/rfc7252" quoteTitle="true" derivedAnchor="RFC7252">
          <front>
            <title>The Constrained Application Protocol (CoAP)</title>
            <author fullname="Z. Shelby" initials="Z." surname="Shelby"/>
            <author fullname="K. Hartke" initials="K." surname="Hartke"/>
            <author fullname="C. Bormann" initials="C." surname="Bormann"/>
            <date month="June" year="2014"/>
            <abstract>
              <t indent="0">The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained (e.g., low-power, lossy) networks. The nodes often have 8-bit microcontrollers with small amounts of ROM and RAM, while constrained networks such as IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs) often have high packet error rates and a typical throughput of 10s of kbit/s. The protocol is designed for machine- to-machine (M2M) applications such as smart energy and building automation.</t>
              <t indent="0">CoAP provides a request/response interaction model between application endpoints, supports built-in discovery of services and resources, and includes key concepts of the Web such as URIs and Internet media types. CoAP is designed to easily interface with HTTP for integration with the Web while meeting specialized requirements such as multicast support, very low overhead, and simplicity for constrained environments.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7252"/>
          <seriesInfo name="DOI" value="10.17487/RFC7252"/>
        </reference>
        <reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8174" quoteTitle="true" derivedAnchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t indent="0">RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
        <reference anchor="RFC8610" target="https://www.rfc-editor.org/info/rfc8610" quoteTitle="true" derivedAnchor="RFC8610">
          <front>
            <title>Concise Data Definition Language (CDDL): A Notational Convention to Express Concise Binary Object Representation (CBOR) and JSON Data Structures</title>
            <author fullname="H. Birkholz" initials="H." surname="Birkholz"/>
            <author fullname="C. Vigano" initials="C." surname="Vigano"/>
            <author fullname="C. Bormann" initials="C." surname="Bormann"/>
            <date month="June" year="2019"/>
            <abstract>
              <t indent="0">This document proposes a notational convention to express Concise Binary Object Representation (CBOR) data structures (RFC 7049). Its main goal is to provide an easy and unambiguous way to express structures for protocol messages and data formats that use CBOR or JSON.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8610"/>
          <seriesInfo name="DOI" value="10.17487/RFC8610"/>
        </reference>
        <reference anchor="RFC9052" target="https://www.rfc-editor.org/info/rfc9052" quoteTitle="true" derivedAnchor="RFC9052">
          <front>
            <title>CBOR Object Signing and Encryption (COSE): Structures and Process</title>
            <author fullname="J. Schaad" initials="J." surname="Schaad"/>
            <date month="August" year="2022"/>
            <abstract>
              <t indent="0">Concise Binary Object Representation (CBOR) is a data format designed for small code size and small message size. There is a need to be able to define basic security services for this data format. This document defines the CBOR Object Signing and Encryption (COSE) protocol. This specification describes how to create and process signatures, message authentication codes, and encryption using CBOR for serialization. This specification additionally describes how to represent cryptographic keys using CBOR.</t>
              <t indent="0">This document, along with RFC 9053, obsoletes RFC 8152.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="96"/>
          <seriesInfo name="RFC" value="9052"/>
          <seriesInfo name="DOI" value="10.17487/RFC9052"/>
        </reference>
        <reference anchor="RFC9110" target="https://www.rfc-editor.org/info/rfc9110" quoteTitle="true" derivedAnchor="RFC9110">
          <front>
            <title>HTTP Semantics</title>
            <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/>
            <author fullname="M. Nottingham" initials="M." role="editor" surname="Nottingham"/>
            <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/>
            <date month="June" year="2022"/>
            <abstract>
              <t indent="0">The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document describes the overall architecture of HTTP, establishes common terminology, and defines aspects of the protocol that are shared by all versions. In this definition are core protocol elements, extensibility mechanisms, and the "http" and "https" Uniform Resource Identifier (URI) schemes.</t>
              <t indent="0">This document updates RFC 3864 and obsoletes RFCs 2818, 7231, 7232, 7233, 7235, 7538, 7615, 7694, and portions of 7230.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="97"/>
          <seriesInfo name="RFC" value="9110"/>
          <seriesInfo name="DOI" value="10.17487/RFC9110"/>
        </reference>
      </references>
      <references anchor="sec-informative-references" pn="section-7.2">
        <name slugifiedName="name-informative-references">Informative References</name>
        <reference anchor="CoAP-Content-Formats" target="https://www.iana.org/assignments/cose" quoteTitle="true" derivedAnchor="CoAP-Content-Formats">
          <front>
            <title>CoAP Content-Formats</title>
            <author>
              <organization showOnFrontPage="true">IANA</organization>
            </author>
            <date/>
          </front>
        </reference>
        <reference anchor="COSE-Algorithms" target="https://www.iana.org/assignments/cose" quoteTitle="true" derivedAnchor="COSE-Algorithms">
          <front>
            <title>COSE Algorithms</title>
            <author>
              <organization showOnFrontPage="true">IANA</organization>
            </author>
            <date/>
          </front>
        </reference>
        <reference anchor="RFC7518" target="https://www.rfc-editor.org/info/rfc7518" quoteTitle="true" derivedAnchor="RFC7518">
          <front>
            <title>JSON Web Algorithms (JWA)</title>
            <author fullname="M. Jones" initials="M." surname="Jones"/>
            <date month="May" year="2015"/>
            <abstract>
              <t indent="0">This specification registers cryptographic algorithms and identifiers to be used with the JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Key (JWK) specifications. It defines several IANA registries for these identifiers.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7518"/>
          <seriesInfo name="DOI" value="10.17487/RFC7518"/>
        </reference>
        <reference anchor="RFC8126" target="https://www.rfc-editor.org/info/rfc8126" quoteTitle="true" derivedAnchor="RFC8126">
          <front>
            <title>Guidelines for Writing an IANA Considerations Section in RFCs</title>
            <author fullname="M. Cotton" initials="M." surname="Cotton"/>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <author fullname="T. Narten" initials="T." surname="Narten"/>
            <date month="June" year="2017"/>
            <abstract>
              <t indent="0">Many protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).</t>
              <t indent="0">To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.</t>
              <t indent="0">This is the third edition of this document; it obsoletes RFC 5226.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="26"/>
          <seriesInfo name="RFC" value="8126"/>
          <seriesInfo name="DOI" value="10.17487/RFC8126"/>
        </reference>
        <reference anchor="SPDX" target="https://spdx.dev/use/specifications/" quoteTitle="true" derivedAnchor="SPDX">
          <front>
            <title>SPDX Specification</title>
            <author>
              <organization showOnFrontPage="true"/>
            </author>
            <date/>
          </front>
        </reference>
      </references>
    </references>
    <section numbered="false" anchor="acknowledgments" removeInRFC="false" toc="include" pn="section-appendix.a">
      <name slugifiedName="name-acknowledgments">Acknowledgments</name>
      <t indent="0" pn="section-appendix.a-1">The following individuals provided input into the final form of the document: <contact fullname="Carsten Bormann"/>, <contact fullname="Antoine Delignat-Lavaud"/>, and <contact fullname="Cedric Fournet"/>.</t>
    </section>
    <section anchor="authors-addresses" numbered="false" removeInRFC="false" toc="include" pn="section-appendix.b">
      <name slugifiedName="name-authors-addresses">Authors' Addresses</name>
      <author initials="O." surname="Steele" fullname="Orie Steele">
        <organization showOnFrontPage="true"/>
        <address>
          <email>orie@or13.io</email>
        </address>
      </author>
      <author initials="S." surname="Lasker" fullname="Steve Lasker">
        <organization showOnFrontPage="true"/>
        <address>
          <email>stevenlasker@hotmail.com</email>
        </address>
      </author>
      <author initials="H." surname="Birkholz" fullname="Henk Birkholz">
        <organization abbrev="Fraunhofer SIT" showOnFrontPage="true">Fraunhofer SIT</organization>
        <address>
          <postal>
            <street>Rheinstrasse 75</street>
            <city>Darmstadt</city>
            <code>64295</code>
            <country>Germany</country>
          </postal>
          <email>henk.birkholz@ietf.contact</email>
        </address>
      </author>
    </section>
  </back>
</rfc>
