Re: [CFRG] Compact NIST curves in HPKE
Ilari Liusvaara <ilariliusvaara@welho.com> Fri, 16 September 2022 16:10 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50234C14F749 for <cfrg@ietfa.amsl.com>; Fri, 16 Sep 2022 09:10:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Thu1JS12ol52 for <cfrg@ietfa.amsl.com>; Fri, 16 Sep 2022 09:10:39 -0700 (PDT)
Received: from welho-filter4.welho.com (welho-filter4b.welho.com [83.102.41.30]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05EBEC14F743 for <cfrg@irtf.org>; Fri, 16 Sep 2022 09:10:38 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id 09E2367B47 for <cfrg@irtf.org>; Fri, 16 Sep 2022 19:10:36 +0300 (EEST)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp1.welho.com ([IPv6:::ffff:83.102.41.84]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id vsX3tvyQA9Zu for <cfrg@irtf.org>; Fri, 16 Sep 2022 19:10:35 +0300 (EEST)
Received: from LK-Perkele-VII2 (87-92-216-160.rev.dnainternet.fi [87.92.216.160]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp1.welho.com (Postfix) with ESMTPSA id C74857A for <cfrg@irtf.org>; Fri, 16 Sep 2022 19:10:34 +0300 (EEST)
Date: Fri, 16 Sep 2022 19:10:34 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: cfrg@irtf.org
Message-ID: <YySf+uuc39Ijq5jN@LK-Perkele-VII2.locald>
References: <YyNQURvVgdxNJo0x@LK-Perkele-VII2.locald> <b0ba78bc-cdd0-e52a-0c0a-c87f7e61880d@gmail.com> <fef0a1be-2589-3a48-8214-7c2426ada26e@lounge.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <fef0a1be-2589-3a48-8214-7c2426ada26e@lounge.org>
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Bh1JAF7iH-Wwpwi7XxE7a_mor1s>
Subject: Re: [CFRG] Compact NIST curves in HPKE
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Sep 2022 16:10:45 -0000
On Thu, Sep 15, 2022 at 12:34:30PM -0700, Dan Harkins wrote: > > > BTW - I always thought CFRG was supposedly a research group (and would > > not deal with code-point assignments, which are an IETF issue). > > Well HPKE is a product of the CFRG and it created a registry so I guess > research groups can deal with code-point assignments. > > To answer Ilari, I think the CFRG Crypto Panel is looking at my draft > as a precursor to a possible adoption call. So things are progressing, > albeit very slowly. Looking at the IANA registry for the HPKE KEMs, it is listed to be "Specification Required". From RFC8126 / BCP26, here is what that entails: "For the Specification Required policy, review and approval by a designated expert (see Section 5) is required, and the values and their meanings must be documented in a permanent and readily available public specification, in sufficient detail so that interoperability between independent implementations is possible." And: "The intention behind "permanent and readily available" is that a document can reasonably be expected to be findable and retrievable long after IANA assignment of the requested value. Publication of an RFC is an ideal means of achieving this requirement, but Specification Required is intended to also cover the case of a document published outside of the RFC path, including informal documentation." So: 1) The designated experts listed in IANA registry are Christopher Wood and Richard Barnes. 2) Do I-Ds count as permanent? Those are available (from the IETF itself) even after expiry. 3) IMO, the specification in draft-harkins-cfrg-dnhpke-02 section 4.1 is sufficiently detailed for interop. The other changes in the draft look to be much more involved, and do not look to be relevant for COSE, at least not at the current time. > > On 2022-09-15 12:18 p.m., Ilari Liusvaara wrote: > > > During IETF 113 (about half a year ago), there was presentation of > > > additions to HPKE. Especially, adding compact versions of NIST curves. > > > I think having compact NIST curves in HPKE would be useful for the COSE > > > WG, which is working on integrating HPKE to COSE (CBOR Object Signing > > > and Encryption). > > > > > > > > > What's the current status? I see that during IETF 113, the issue seemed > > > to be that there were no designated experts assigned, but this has been > > > fixed since. Is the current issue that nobody has formally asked to > > > assign the codepoints as described by draft-harkins-cfrg-dnhpke-02 > > > section 4.1? Or something else? -Ilari
- [CFRG] Compact NIST curves in HPKE Ilari Liusvaara
- Re: [CFRG] Compact NIST curves in HPKE Rene Struik
- Re: [CFRG] Compact NIST curves in HPKE Dan Harkins
- Re: [CFRG] Compact NIST curves in HPKE John Mattsson
- Re: [CFRG] Compact NIST curves in HPKE Orie Steele
- Re: [CFRG] Compact NIST curves in HPKE Ilari Liusvaara
- Re: [CFRG] Compact NIST curves in HPKE Ilari Liusvaara