All I think that is important right now is that we know how we’re going to label mode_auth separate from mode_base.
I think registering two COSE algorithm IDs, HPKE_BASE and HPKE_AUTH is workable and probably preferable to an HPKE mode parameter. I think this is what Ilari suggested, but I’m not sure. I think the general case for mode_auth is quite strong independent of a use case like firmware encryption because there are so many use cases for signing+encryption in COSE, but we can work on that in another draft. One question below. LL > On Nov 28, 2022, at 10:28 AM, Hannes Tschofenig <[email protected]> > wrote: > > Laurence, > > I would prefer not to design the HPKE auth mode without a scenario to > motivate it. > > Ciao > Hannes > > -----Original Message----- > From: COSE <[email protected]> On Behalf Of Ilari Liusvaara > Sent: Monday, November 28, 2022 7:22 PM > To: [email protected] > Subject: Re: [COSE] HPKE Proposals: Something for the group to decide > > On Mon, Nov 28, 2022 at 09:54:51AM -0800, Laurence Lundblade wrote: > > <about HPKE auth mode> > >> This could be in a separate draft, but we should at least anticipate >> how mode_auth is distinguished from mode_base. > > I would say use another alg, since you wind up with nontrivial spec work > anyway. And just substituting the mode leads to flawed results. > > AFAICT, Neither PR9 and PR10 preclude reusing the HSI codepoint for this sort > of extension in another draft. What’s an HSI code point? > > > > -Ilari > > _______________________________________________ > COSE mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/cose > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > _______________________________________________ > COSE mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/cose _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
