Thanks to Ilari for capturing suggested changes to draft-ietf-jose-hpke-encrypt-01 for "alg" and "enc".
See: https://mailarchive.ietf.org/arch/msg/jose/AQPIjws_5cjnCb_3S7UR688W4uM/

We've discussed versions of this proposal for several months now, and I feel we probably need more formal consensus calls to identify a path forward.

@[email protected] <[email protected]> please consider a formal consensus call for each of these topics, after applying any changes suggested on this thread as you see fit.

I hope we can poll the room in person at IETF 120 as well.

## draft-ietf-jose-hpke-encrypt-01 call topic number 1 (Yes / No):

### For HPKE JWE Integrated Encryption Mode:

The algorithm name SHALL be of the form "HPKE-P256-SHA256-A128GCM".

The "enc" value SHALL be "dir".

The working group SHALL draft text explaining what "enc:dir" means, and how it relates to "alg".

The algorithm name SHALL be of the form "HPKE-P256-SHA256-A128GCM".

The hpke-aad SHALL be of the form "protected (.aad)", as described in Step 15 of RFC7516.

The hpke-info SHALL be the same as is provided to concatKDF info for ECDH-ES, as described in https://datatracker.ietf.org/doc/html/rfc7518#section-4.6.2

## draft-ietf-jose-hpke-encrypt-01 call topic number 2 (Yes / No):

### For HPKE JWE Key Encryption Mode:

The algorithm name SHALL be of the form "HPKE-P256-SHA256-A128GCM".

The "enc" value SHALL be any registered AEAD here - https://www.iana.org/assignments/jose/jose.xhtml, per section of RFC7518.

The hpke-info SHALL be the same as is provided to concatKDF info for ECDH-ES, as described in https://datatracker.ietf.org/doc/html/rfc7518#section-4.6.2

The hpke-aad shall be empty.

If either of these fails (rough consensus no), let's run through each statement in a formal consensus call. This way we can eliminate ambiguity for authors, and authors can propose solutions to only the problems where there is working group disagreement on the proposed solution in the current draft.

This will end much faster if we can establish consensus to eliminate some variables.
Regards,

OS

--
ORIE STEELE
Chief Technology Officer
www.transmute.industries <https://transmute.industries>
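The two HPKE inputs named in the call topics above, built as byte strings. This is an added example, not part of the original message or of the draft. The function names are hypothetical, and the message does not say which string fills the AlgorithmID field for HPKE, so it is left as a caller-supplied parameter. The AAD follows RFC 7516's definition of the AAD encryption parameter.

```python
import base64
import struct
from typing import Optional, Tuple


def b64url(data: bytes) -> str:
    """Base64url without padding, as used throughout JOSE."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _len_prefixed(data: bytes) -> bytes:
    # RFC 7518 section 4.6.2: 32-bit big-endian length, then the data.
    return struct.pack(">I", len(data)) + data


def concat_kdf_other_info(algorithm_id: str, apu: bytes, apv: bytes,
                          keydatalen_bits: int) -> bytes:
    """AlgorithmID || PartyUInfo || PartyVInfo || SuppPubInfo.

    SuppPrivInfo is the empty octet sequence in RFC 7518, so it adds nothing.
    """
    return (_len_prefixed(algorithm_id.encode("ascii"))
            + _len_prefixed(apu)
            + _len_prefixed(apv)
            + struct.pack(">I", keydatalen_bits))


def jwe_aad_param(encoded_protected: str,
                  jwe_aad: Optional[bytes] = None) -> bytes:
    """ASCII(protected), or ASCII(protected || '.' || BASE64URL(aad))."""
    if jwe_aad is None:
        return encoded_protected.encode("ascii")
    return (encoded_protected + "." + b64url(jwe_aad)).encode("ascii")


def hpke_inputs(mode: str, encoded_protected: str, algorithm_id: str,
                apu: bytes, apv: bytes, keydatalen_bits: int,
                jwe_aad: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (hpke_info, hpke_aad) for the two modes in the call topics."""
    info = concat_kdf_other_info(algorithm_id, apu, apv, keydatalen_bits)
    if mode == "integrated":        # topic 1: aad is "protected (.aad)"
        return info, jwe_aad_param(encoded_protected, jwe_aad)
    if mode == "key-encryption":    # topic 2: aad is empty
        return info, b""
    raise ValueError("unknown mode: " + mode)
```

Because the info bytes include the length prefixes and keydatalen, sender and recipient must agree on apu, apv and AlgorithmID byte for byte or the HPKE context will not match.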
