> On Jul 10, 2024, at 2:45 PM, Benjamin W. Portner via Cryptography-dev
> <cryptography-dev@python.org> wrote:
>
> Hi Glyph,
>
> thanks for chiming in and for the interesting insights from the
> implementation side. I wasn't aware of the difficulties involved in providing
> the recipient side of OpenPGP. It totally makes sense though.
>
> Personally, I am kind of happy with your recipe short list. The only thing
> that is missing for my personal use case is how to encapsulate the parameters
> that were used for the key derivation alogirhtm together with the cipher text
> so that they can be recovered by the recipient. The only reason why I
> suggested OpenPGP is because I assume that the standard prescribes a way to
> do that. Is there any chance that you will add steps for this in the Fernet
> recipe?
I am just a Cryptography user who happens to know the maintainers reasonably
well, so it's unlikely that I will do this :). I don't think I understand your
request though. Fernet is an implementation of a standard, it doesn't have a
facility for storing KDF parameters. You can read about it here:
<https://github.com/fernet/spec/blob/master/Spec.md>. Their repo also has an
issues list, so you could file the request, if you thought it was useful.
What would you do with metadata about KDF parameters, if you had them?
-g
_______________________________________________
Cryptography-dev mailing list
Cryptography-dev@python.org
https://mail.python.org/mailman/listinfo/cryptography-dev
