Orie Steele <[email protected]> wrote: > It needs to express an HPKE suite, which is a combination of details > which become irrelevant once named properly.
Those names could be allowed to be more abstract.
> It's not that these details don't matter, it's that the average
> developer doesn't need to know them to use HPKE.
+1
Effectively both IPsec and TLS have ciphersuites. We tried the other way,
and it just was a bad idea. (In IKEv2, we still express things with many
parameters, but we effectively have "UI" ciphersuites)
Nobody wants to test all the combinations. It's just not practical.
Vendors that want to accelerate things into hardware want a very small number
of common choices.
(Entities that need/want vanity crypto can pay for that
directly, and anyway, they probably don't want all the combinations either.)
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
