Hi Illari, Thanks for the review. Please see inline
On Fri, 8 Nov 2024 at 23:11, Ilari Liusvaara <[email protected]> wrote: > On Fri, Nov 08, 2024 at 03:04:22PM +0000, Michael Jones wrote: > > Per discussions at the IETF 121 COSE working group meeting, this note > > starts a two-week call for adoption of the PQ/T Hybrid KEM: HPKE with > > JOSE/COSE specification. Please let us know whether you are in favor > > of adoption or not by Friday, November 22, 2024. > > What KEM is the draft supposed to use? > > It references something called "X25519MLKEM768 Hybrid KEM", which is > not found in HPKE KEM registry, nor seems to be pending addition to it. > > Is that supposed to be X-Wing (HPKE KEM id 0x647a)? Yes, updated draft. > That is a hybrid of > X25519 and ML-KEM 768. If so, the algorithm name should presumably > reference "xwing" instead. Agreed. > > The draft should explicitly specify the HPKE KEM/KDF/AEAD id values to > use. HPKE absolutely requires any KEM/KDF/AEAD used to be in its > registeries. > The combination of HPKE KEM/KDF/AEAD is fully specified in the registry, for example HPKE-XWING-SHA256-AES256GCM > > > Also, the draft should register the keys required, something like: > > - COSE Elliptic Curves: > > * Name: X-Wing > * Value: <TBD> > * Key type: OKP > * Description: X-Wing > * Change Controller: IESG > * Reference: <self> > * Recommended: <TBD> > I prefer "Recommended" to be "Yes" but I'd like to hear any objections. > > - JSON Web Key Elliptic Curve: > > * Curve name: XWing > * Curve description: X-Wing key pairs > * JOSE Implementation Requirements: <TBD> > I prefer "Recommended+" or "Required" but I'd like to hear any objections. > * Change Controller: IESG > * Reference: <self> > Thanks, registered keys (see https://github.com/tireddy2/Hybrid-KEM-with-COSE-JOSE/pull/3). -Tiru > > (Yes, the terminology is utterly confusing. Trying to fix it to the > extent possible is a topic for another RFC.) > > > > > -Ilari > > _______________________________________________ > COSE mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
