On Mon, Nov 28, 2022 at 10:39:19AM -0800, Laurence Lundblade wrote: > All I think that is important right now is that we know how we’re > going to label mode_auth separate from mode_base. > > I think registering two COSE algorithm IDs, HPKE_BASE and HPKE_AUTH > is workable and probably preferable to an HPKE mode parameter. I > think this is what Ilari suggested, but I’m not sure.
Right. > I think the general case for mode_auth is quite strong independent > of a use case like firmware encryption because there are so many > use cases for signing+encryption in COSE, but we can work on that > in another draft. Yes, do it in another draft if you are to do it at all. (The security considerations stuff is very much nontrivial.) > One question below. > > > On Nov 28, 2022, at 10:28 AM, Hannes Tschofenig <[email protected]> > > wrote: > > > > Laurence, > > > > I would prefer not to design the HPKE auth mode without a scenario to > > motivate it. > > > > Ciao > > Hannes > > > > -----Original Message----- > > From: COSE <[email protected]> On Behalf Of Ilari Liusvaara > > > > AFAICT, Neither PR9 and PR10 preclude reusing the HSI codepoint > > for this sort of extension in another draft. > > What’s an HSI code point? HPKE Sender Info. That is, the algorithm parameter all the HPKE stuff goes into. -Ilari _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
