Any comments from your side, Ilari? From: COSE <[email protected]> On Behalf Of Hannes Tschofenig Sent: Wednesday, January 11, 2023 12:52 PM To: [email protected] Subject: [COSE] COSE-HPKE: Moving Forward
Hi all, To move forward with the COSE-HPKE draft two open issues need to be addressed. I posted a mail in December, see https://mailarchive.ietf.org/arch/msg/cose/Cv-UumRRmmXWzrDHAhOAk0iV6fI/ The two open issues (IMHO) are: 1. Should we make the kem_id in the encapsulated_key structure mandatory, as Laurence suggested. 2. Should we avoiding the polymorphic approach for the encapsulated_key registration, as Daisuke suggested. To make it easier to understand these two issues, let me point you the current version of the PR: https://github.com/cose-wg/HPKE/blob/9914fa6f84b28046ee29762551798760dbaa3b7f/draft-ietf-cose-hpke.md Regarding issue#1, we are talking about changing the encapsulated_key structure from encapsulated_key = [ kdf_id : uint, ; kdf id aead_id : uint, ; aead id enc : bstr, ; enc ? kem_id : uint, ; kem id ] to: encapsulated_key = [ kdf_id : uint, ; kdf id aead_id : uint, ; aead id kem_id : uint, ; kem id enc : bstr, ; enc ] Regarding issue#2, the change relates to how the encapsulated_key structure is registered in the COSE IANA registry (under COSE header parameters). Change from: * Name: encapsulated_key * Label: TBD2 (Assumed: -4) * Value type: bstr / [any] / { any => any } * Value Registry: N/A * Description: Encapsulated key for KEM-like algorithms To: * Name: encapsulated_key * Label: TBD2 (Assumed: -4) * Value type: Array * Value Registry: N/A * Description: Encapsulated key for KEM-like algorithms In a future, if the HPKE gets extended to algorithms that are not compatible with the encapsulated_key structure then a new one has to be defined due to the lack of extensibility of the array and its fixed set of fields. Your feedback will be valuable and allows me to resubmit a new draft version. Ciao Hannes IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
