Ilari,

Thanks for confirming this. It does appear that the section on AES-KW in RFC 9053 [2] includes the statement "The protected header bucket MUST be empty." and two families defined in RFC 9459 [3] have similar statements. But the direct (-6) algorithm makes no such statement nor does the RSAES-OAEP family [4]. So it seems desirable but inconsistent.

Does this rise to the level of an errata for the general discussion of protected header in RFC 9052? I think having specific guidance there would help understanding for those who don't have a huge background in this ecosystem.

Brian S.

[2] https://www.rfc-editor.org/rfc/rfc9053.html#section-6.2.1
[3] https://www.rfc-editor.org/rfc/rfc9459.html
[4] https://www.rfc-editor.org/rfc/rfc8230.html#section-3

> -----Original Message-----
> From: [email protected] <[email protected]>
> Sent: Thursday, July 3, 2025 3:17 PM
> To: [email protected]
> Subject: [EXT] [COSE] Re: Requirement for protected header to actually be protected
>
> APL external email warning: Verify sender [email protected] before clicking links or attachments
>
> On Thu, Jul 03, 2025 at 05:48:21PM +0000, Sipos, Brian J. wrote:
> > WG,
> >
> > I was looking for, and have failed to find, any requirement in the
> > base COSE specification [1] that if the protected header map is
> > non-empty the associated algorithm must support additional
> > authenticated data (AAD). The non-normative text and examples seem to
> > support this but I don't see anything normative around this. Am I just
> > missing something? Or does this seem like something that deserves a
> > constraint?
>
> I guess this was what was intended — like intending to only have authenticated
> symmetric encryption so to not need algorithm binding — but it wasn't explicitly
> written anywhere. The section on AE certainly forbids protected headers.
>
> -Ilari
>
> _______________________________________________
> COSE mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
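The check discussed in this thread can be run as a lint over the recipient layer of a COSE_Encrypt message. The following is an added example, not part of the original messages or of any COSE library: it flags an AES-KW recipient whose protected header is non-empty (the RFC 9053 rule quoted above) and marks any other non-empty recipient protected header for manual review. The function names are hypothetical and the sample message is constructed.

```python
# Added example; cbor_decode and lint_recipients are hypothetical names.
def cbor_decode(buf, pos=0):
    """Decode one definite-length CBOR item; return (value, next_pos)."""
    major, info = buf[pos] >> 5, buf[pos] & 0x1F
    pos += 1
    if info < 24:
        arg = info
    elif info <= 27:
        size = 1 << (info - 24)
        arg = int.from_bytes(buf[pos:pos + size], "big")
        pos += size
    else:
        raise ValueError("indefinite-length items are not handled here")
    if major in (0, 1):  # unsigned / negative integer
        return (arg if major == 0 else -1 - arg), pos
    if major in (2, 3):  # byte string / text string
        raw = bytes(buf[pos:pos + arg])
        return (raw if major == 2 else raw.decode()), pos + arg
    if major == 4:
        items = []
        for _ in range(arg):
            item, pos = cbor_decode(buf, pos)
            items.append(item)
        return items, pos
    if major == 5:
        pairs = {}
        for _ in range(arg):
            key, pos = cbor_decode(buf, pos)
            pairs[key], pos = cbor_decode(buf, pos)
        return pairs, pos
    if major == 6:  # tag: skip the tag number, return the tagged item
        return cbor_decode(buf, pos)
    return None, pos  # simple values and floats are not needed for this check

AES_KW = {-3, -4, -5}  # A128KW, A192KW, A256KW (RFC 9053 section 6.2.1)
def lint_recipients(cose_encrypt):
    """Return (index, alg, verdict) for recipients with a non-empty protected header."""
    recipients = cbor_decode(cose_encrypt)[0][3]
    findings = []
    for i, rcpt in enumerate(recipients):
        prot, unprot = rcpt[0], rcpt[1]
        pmap = cbor_decode(prot)[0] if prot else {}  # h'' and h'a0' both count as empty
        if pmap:
            alg = pmap.get(1, unprot.get(1))  # header label 1 is "alg"
            findings.append((i, alg, "violation" if alg in AES_KW else "review"))
    return findings
# Constructed COSE_Encrypt, 4 recipients: h'' + KW, non-empty + KW, h'a0' + KW, non-empty + direct
SAMPLE = bytes.fromhex("8443a10101a0410084" "8340a101224100" "8343a10122a04100"
                       "8341a0a101224100" "8343a10125a040")
```

`lint_recipients(SAMPLE)` reports recipient 1 as a violation and recipient 3 for review; recipients 0 and 2 pass because both empty encodings are accepted.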
