As background, if there was a version of this spec that did not assume that the
parameters would be concatenated together in a specific way, but left them as
independent inputs and outputs, as AES GCM and AES CTR do, it would be a better
match for JOSE's use case.
-- Mike
From: [email protected] [mailto:[email protected]] On Behalf Of David
McGrew (mcgrew)
Sent: Monday, November 12, 2012 10:21 AM
To: [email protected]; [email protected]
Subject: [Cfrg] Authenticated Encryption with AES-CBC and HMAC-SHA, version 01
Hi,
There is a new version of "Authenticated Encryption with AES-CBC and HMAC-SHA",
and I would appreciate your review. It is online at
<https://datatracker.ietf.org/doc/draft-mcgrew-aead-aes-cbc-hmac-sha2/?include_text=1>
The diff between the current and the previous version is available at
<http://www.ietf.org/rfcdiff?url2=draft-mcgrew-aead-aes-cbc-hmac-sha2-01>
This draft has been proposed for use in the JOSE WG
<http://datatracker.ietf.org/wg/jose/>, where its adoption would allow the working group to omit "raw"
unauthenticated encryption, e.g. AES-CBC, and only include authenticated
encryption. Thus I am asking for your help in making
John Foley generated test cases that correspond to the current version of the
draft, but I didn't include these in the draft because I did not yet get
confirmation from a second independent implementation. With hope, there will
not be any need for any normative changes, and I will include these after I get
confirmation.
Thanks,
David