On Tue, Oct 24, 2023 at 07:19:59AM +0200, [email protected] wrote: > Hi all, > > Les and I have put together a draft that starts to capture guidance > for JOSE (and COSE) following the recent list discussion about key > ids (see > https://mailarchive.ietf.org/arch/msg/jose/Ziu1dqu9p19U-n1bhR4A5yof5ec/). > > Here is the link to the draft: > > https://datatracker.ietf.org/doc/draft-tschofenig-jose-cose-guidance/ One topic I would like to see covered is API design guidance for libraries.
For example, offer separate functions for verifying signatures and MACs, both rejecting anything that is not of correct type (implying that both reject alg=none). Mixing algorithms with different properties is very dangerous for security. Or that normal decryption functions need to insta-reject CBC and CTR algorithms. Another topic is how to use 'jwk' header. I have seen correct and incorrect uses of similar headers. And another is why Direct Encryption REALLY SHOULD NOT be used. And there are plenty of other landmines to mark... -Ilari _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
