CBOR Object Signing and Encryption (COSE, RFC 9052) describes how to
create and process signatures, message authentication codes, and
encryption using Concise Binary Object Representation (CBOR, RFC 8949)
for serialization. COSE additionally describes a representation for
cryptographic keys.

COSE has been picked up and is being used both by a number of groups
with which it will coordinate its progress. This includes groups within
the IETF (e.g., ACE, CORE, JOSE, LAMPS, ANIMA, and SUIT) and outside the
IETF (e.g., W3C and FIDO). There are a number of implementations, both
open source and private, now in existence.

The COSE working group handles four types of documents:

1.  Documents that describe the use of cryptographic algorithms in COSE.
2.  Documents that describe additional attributes for COSE.
3.  Documents that define header parameters to be used in COSE objects.
4.  Documents that define COSE key representations.

The WG will evaluate, and potentially adopt, documents dealing with algorithms
that would fit the criteria of being IETF consensus algorithms.
Potential candidates would include those algorithms that have been evaluated by
the CFRG and algorithms which have gone through a public review and evaluation
process such as was done for the NIST SHA-3 algorithms.

Key management and binding of keys to identities are out of scope for
the working group. The COSE WG will not innovate in terms of
cryptography. The specification of algorithms in COSE is limited to
those in RFCs, active CFRG or IETF WG documents, or algorithms which
have been positively reviewed by the CFRG.