Hi all,
the JOSE and COSE chairs have issued a working group last call on the two HPKE drafts. Most of the content has been aligned, as far as the structural differences between COSE and JOSE allow.
However, there are some noteworthy differences between the two drafts:
- The COSE-HPKE draft introduces a new CBOR structure called Recipient_structure, which is passed into the Additional Authenticated Data (AAD) field of the HPKE invocation. This structure contains the protected headers from the COSE_recipient (if present) as well as fixed fields, such as the algorithm used in the next layer.
- The JOSE-HPKE draft does not define an equivalent structure. It basically leaves it up to a profile of the draft (or to the developer) to define the inforrmation it wants to incorporate.
Both drafts support the inclusion of mutually known private information via the info field in HPKE. Additionally, each draft offers different extension points for passing additional data into the AAD and info fields.
I believe further alignment between the two documents would be beneficial.
Ciao
Hannes
Hannes
_______________________________________________ COSE mailing list -- cose@ietf.org To unsubscribe send an email to cose-le...@ietf.org
