On Mon, Jul 22, 2024 at 07:02:26PM +0000, lgl island-resort.com wrote:
> 
> On Jul 22, 2024, at 5:35 AM, Ken Takayama <[email protected]> wrote:
> 
> Also, in some ways Recipient_structure is not that different from
> Context Info Structure. They both have an algorithm ID and cover the
> protected headers. They are both input into the processing at the same
> place. The main difference is that all the extra stuff to address weak
> keys, bind to context and such goes in COSE headers in
> Recipient_structure rather than an arcane inherited structure half of
> which doesn’t make sense, is ill-defined and such.

Yeah, Context Information Structure is pretty full of arcane stuff
that is nontrivial to use securely. And then it is also missing some
important stuff.


One issue with Recipient_structure is that it is not completely clear
when it is used as opposed to Enc_structure. I presume if COSE-HPKE
is at layer 1+, then use Recipient_structure, else use Enc_structure.

I think it would be simpler to have Enc_structure2 that extends
Enc_structure to bind the algorithm information (with a way to indicate
that there is no next algorithm for layer0).




-Ilari

_______________________________________________
COSE mailing list -- [email protected]