Skip to content

DIP: Self-Describing Hash Format for Intel DCAP reportdata #330

Description

@h4x3rotab

We propose a new standard format for encoding hashes in Intel DCAP attestation reportdata, which is limited to 64 bytes. The format is:

<purpose>:<algo>:<base64url-hash>
  • Purpose: short human-readable identifier (≤10 chars).
  • Algo: algorithm name (e.g., sha-256).
  • Digest: Base64url-encoded hash, without padding.

This format is inspired by existing practices (ni://, SRI, Docker digests), but tailored for the strict 64-byte size constraint. It is primarily intended for SHA-256, since longer digests would overflow.

Advantages:

  • Self-describing (algorithm embedded).
  • Compact (Base64url shorter than hex).
  • Domain separation via purpose prefix.
  • Reusable tooling: can leverage existing ni:// and SRI libraries for serialization/parsing.

PR: #331

Metadata

Metadata

Assignees

No one assigned

    Labels

    Fields

    No fields configured for Feature.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions