On Fri, Sep 1, 2023 at 11:52 AM Ilari Liusvaara <[email protected]> wrote:
> On Fri, Sep 01, 2023 at 11:13:01AM -0500, Orie Steele wrote: > > On Fri, Sep 1, 2023 at 10:59 AM Ilari Liusvaara < > [email protected]> > > wrote: > > > > > On Fri, Sep 01, 2023 at 10:52:07AM -0500, Orie Steele wrote: > > > > On Fri, Sep 1, 2023 at 10:48 AM Ilari Liusvaara < > > > [email protected]> > > > > wrote: > > > > > > > > What does AKP stand for? > > > > > > Algorithm Key Pair > > > > > > > > I like this suggestion. > > > > Is it implied that "alg" is REQUIRED for this kty? > > Yes, "alg" subtypes the key, so it is required. > > Excellent! This seems to pair well with the fully specified algorithms draft. > > (switching topics to your comment about hashing) > > > > Last I recall there was no guidance on pre-hashing / hash before signing > > for PQ signatures... We would want to make sure that if JOSE does that it > > aligns with LAMPs / COSE / and ideally also NIST, has something changed > > recently on this front? > > I don't see room for alignment. > > What would work for one will not work for any others, because the > signature frameworks are just different. > > E.g., COSE has both body and signature headers, JOSE has only signature > headers, and PKIX (LAMPS) does not have explicit headers. > > This makes it necressary to apply different approaches to all three. > > I think we are possibly agreeing, but speaking past each other. I am asserting that the "raw crypto layer" needs alignment / can be aligned... the envelopes are of course different. If we added a named alg for "hash with shake256 then sign with dilithium 5"... Are you asserting that it would be "implemented differently" for COSE / JOSE / LAMPs ? > > And the section in NIST ML-SIG draft seems to be just handwaving > (and SLH-SIG does *not* have similar section). And no wonder, given > how format-specific this stuff is. > > I don't have enough context to process this comment. > > > > -Ilari > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > -- ORIE STEELE Chief Technology Officer www.transmute.industries <https://transmute.industries>
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
