Hi all, the Ephemeral-Static Diffie-Hellman (ES-DH) is specified in Section 8.5.5 "Key Agreement with Key Wrap" of RFC 9052 and an example is provided in Appendix B of RFC 9052.
Section 5.2 of RFC 9053 specifies the "Context Information Structure" (COSE_KDF_Context), which "is used to ensure that the derived keying material is bound to the context of the transaction". RFC 9052/9053 do not mandate how the fields in the COSE_KDF_Context are populated and leave it to the application context. In a discussion with David Brown, who has implemented ES-DH for a project, we have been wondering how to populate the fields in a meaningful way. Our two use cases are SUIT (for use of firmware encryption) and TEEP (with trusted app provisioning). Have others used the COSE_KDF_Context for ES-DH or for related COSE content key distribution mechanisms? If so, how did you populate the structure? Ciao Hannes _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
