Hi Daisuke, Let me give you a very quick response on one item. I will read through your proposal.
➢ One point of concern during the IETF 114 meeting was there were several erroneous comments that the fact that enc is an octet string is implementation-dependent. We had discussed this earlier on the list and there are two data points: First, the HPKE RFC says that it does not specify a wire-format. In fact, Section 10 of RFC 9180 is very explicit about this fact by saying “This document does not specify a wire format encoding for HPKE messages.” Second, since Ilari did not believe me I reached out to Chris Wood, one of the authors, and ask him personally. He confirmed my observation. The pseudo-programming language API defined in the HPKE RFC is not mandatory to implement by an HPKE library. In fact, there are implementations that do not implement that API and they are still compliant to the HPKE RFC. An example is the HappyKey implementation by Stephen Farrell. I used his implementation and used the PSA Crypto API rather than OpenSSL. Ciao Hannes IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
