Re: [COSE] [jose] Call for Adoption: draft-ajitomi-cose-cose-key-jwk-hpke-kem
AJITOMI Daisuke <ajitomi@gmail.com> Sun, 16 April 2023 21:33 UTC
Return-Path: <ajitomi@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD72DC14CE22 for <cose@ietfa.amsl.com>; Sun, 16 Apr 2023 14:33:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 87YLPDrcYVet for <cose@ietfa.amsl.com>; Sun, 16 Apr 2023 14:33:32 -0700 (PDT)
Received: from mail-yb1-xb2c.google.com (mail-yb1-xb2c.google.com [IPv6:2607:f8b0:4864:20::b2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DA2DC14CEF9 for <cose@ietf.org>; Sun, 16 Apr 2023 14:33:32 -0700 (PDT)
Received: by mail-yb1-xb2c.google.com with SMTP id j15so2828835ybl.10 for <cose@ietf.org>; Sun, 16 Apr 2023 14:33:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681680811; x=1684272811; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=3kpyMUgI5LWrVv7Jezt8Hq7kJcGmpcxRC7c7M1MhDE8=; b=e9hGcmhQcqhAbwbSgu799HJL+V/Mhf4R3yyb0YMMIoPJV/PIZujgCFR9+HENOcjCO4 b1d/QNQrsgYfDA4JsGFd7C8+5B7fPyeE3f31AtrC4I+xRDZIkxmqgQU+1kbjjVlK6+gZ BHWP83XR6WOxTziIUkTripXneaaAFHVe9zgOBhcK9C7Ic4u8mF1a1MCfTmFLGoLVl3SR f8JhCGMD11v9Br3o3ogHGXXZCGonCE3w7J1bWVOb9jgkKZZgomyiwbyMZDf4Fnttfea/ QrWpoUWquV0PTcAbL+kUBGEKmeY2k9JalYWXKOGV+gQhH+jP1kgeICJKysml6fKUKmQC VOrA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681680811; x=1684272811; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3kpyMUgI5LWrVv7Jezt8Hq7kJcGmpcxRC7c7M1MhDE8=; b=U92zfgfBP7ik+k9h+a4NTK/i+tnjfwVdwc0RmvXIMu9KlaESslsWMdQoiYOdFH7qRd CcrzIRGa1yGG69Yg1+kXjaDIMKywgBXKI4uXxpJGOQUlziWD+QeN3NKlpJAFP0gR0rfK MN9VpF0Yt+utl+y2vsfYv1JmZwGTtDHKsxURnduwZz0KqHN5TY3Z33LqKIK0g+QpHUkx IynFQPLP+q5jrYbshlY/mR52FGX8tek4u/axO5rSg9RWdDgPv5GvM7UPbLM+qBqrAxkN QS55z79mvjbQyAJD7cUgL6Przz51/PYnrJ2wwGciRoknc2TRiQATDmLcpIVw+6w0e9FR n9Cw==
X-Gm-Message-State: AAQBX9eRbiIQkghlseZ73TXSJ2T5QwWwM41SbAs9G8Kz60TdGnicCVAE I7umjT1gfNzQFdgxcFaM7Ar08NwnSCJUD8aBzmB+e1x/8eOS
X-Google-Smtp-Source: AKy350aZBOkF7DyalyOPjB62PEUk/maIPtIIKlEmyiEdzYWM3FV9ugIXrc5QVJdIT2Yh/migr/wVg0YnU1NZKPVUHT4=
X-Received: by 2002:a25:d08d:0:b0:b7c:1144:a708 with SMTP id h135-20020a25d08d000000b00b7c1144a708mr8250955ybg.12.1681680811034; Sun, 16 Apr 2023 14:33:31 -0700 (PDT)
MIME-Version: 1.0
References: <ZDZj/boaTVkcLzhq@LK-Perkele-VII2.locald> <CAN8C-_J_A=F_K8sxpZ6YJ_FPHYxgh_pX-0AEM_kXsh_o=EJu-Q@mail.gmail.com> <E9237176-AA3D-49FF-AA80-976E196591D8@island-resort.com> <CAN8C-_LrQoeN87SFsA8XN-9GJMQZOv9A1sc3MgWOk0EFmoHxKQ@mail.gmail.com> <9639F2AF-CF80-4C46-9936-E2D267647A4F@island-resort.com> <ZDkEW716XyikW1ah@LK-Perkele-VII2.locald> <CAN8C-_Jawc9OEROYdi+QhNtXbvKPQaLtL1+veCF0zVKFnUM00g@mail.gmail.com> <ZDmdwQqw5xg4FvHY@LK-Perkele-VII2.locald> <7357D0EA-F248-4042-B4E0-111DB306E988@island-resort.com> <CAN8C-_LfJmu2Qf1hV1W4iu8V4dyxEwo-_h8RVXPgyaRFDtPTCQ@mail.gmail.com> <ZDuDv6NVJ8exaXMj@LK-Perkele-VII2.locald> <CAFWvErWkOWTT28gxd43atkjVwMUcZw9Zi=MEodL_PFDiQFpueQ@mail.gmail.com> <CAN8C-_+=mT97rownLqFvKaWRBbmBHp+JMbVpFArBrB0C3zNqeA@mail.gmail.com> <CAFWvErVT2ZUsoPyzaj-5+9K4LwwN6ioue8uZ8Z6fxmh6zk78Hg@mail.gmail.com> <CAN8C-_J8DKsfk9H+XKEJN2s61nVnMVGHjExiGMLSpcwVGJdPxA@mail.gmail.com>
In-Reply-To: <CAN8C-_J8DKsfk9H+XKEJN2s61nVnMVGHjExiGMLSpcwVGJdPxA@mail.gmail.com>
From: AJITOMI Daisuke <ajitomi@gmail.com>
Date: Mon, 17 Apr 2023 06:33:20 +0900
Message-ID: <CAFWvErXyzanCSRTuzPdO01MvGfAJBOr6Q-JEALEnUmXRAHL1ng@mail.gmail.com>
To: Orie Steele <orie@transmute.industries>
Cc: cose <cose@ietf.org>, Ilari Liusvaara <ilariliusvaara@welho.com>
Content-Type: multipart/alternative; boundary="0000000000005e0cbc05f97ad338"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/OeefCDcgh-iUDcBcjWNr9_GGjx8>
Subject: Re: [COSE] [jose] Call for Adoption: draft-ajitomi-cose-cose-key-jwk-hpke-kem
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Apr 2023 21:33:37 -0000
> > Yes, I believe the JWK and COSE Key Representations for HPKE should be > defined together. So, could I understand that you agree to the adoption of this draft into the WG document? Or do you think there are things that need to be done before adoption? 2023年4月17日(月) 5:24 Orie Steele <orie@transmute.industries>: > Inline: > > On Sun, Apr 16, 2023 at 3:10 PM AJITOMI Daisuke <ajitomi@gmail.com> wrote: > >> Hi Orie, >> >> > 8812 defined an "alg" and key representations for JWK and COSE Key in >> one document. >> >> At least, I want to define both key representations and alg values in the >> same draft if possible as I mentioned in the previous mail as follows: >> >> > > If this draft is adopted as a working group document, I was thinking >> of proposing to move the definition of alg values from the COSE-HPKE spec >> to this draft. >> >> And I don't think defining alg values other than HPKE-v1-Base beforehand >> is as bad an idea as Ilari suggests. >> >> The mode-dependent processing in HPKE is all confined to the KEM step and >> all HPKE modes are clearly defined within the HPKE spec (RFC9180), and it >> is evident that this does not affect the key representation for KEM and the >> "hkc" structure. >> >> I thought you believed that JWK and COSE_Key for HPKE should be defined >> simultaneously (in the same draft), or am I mistaken? >> If you think JWK and COSE_Key should be defined together, separating the >> key representation draft from the COSE-HPKE might not be a bad idea. >> >> > Yes, I believe the JWK and COSE Key Representations for HPKE should be > defined together. > > I would have started with this part, since HPKE assumes the sender has the > recipient's key, and that they have agreed to mutually supported algorithms. > > Holding a restricted key is a natural way to capture this assumption, > although it is not the only way to achieve it. > > >> Best, >> AJITOMI Daisuke >> >> 2023年4月16日(日) 23:09 Orie Steele <orie@transmute.industries>: >> >>> >>> Inline: >>> >>> On Sun, Apr 16, 2023 at 7:06 AM AJITOMI Daisuke <ajitomi@gmail.com> >>> wrote: >>> >>>> Hi Orie, >>>> >>>> Sorry for the late reply. I think I will be able to respond more >>>> quickly starting from this week... >>>> Thank you for the feedback on my draft. >>>> >>>> I think there are several topics mixed in this thread, but first, I'd >>>> like to comment on whether this draft should be merged into the existing >>>> COSE-HPKE spec. >>>> >>>> >>> Agreed, Laurence has summarized them well. >>> >>> 1. "alg" in Headers >>> 2. "alg" & "kty" in COSE Key and JWK >>> 3. Negotiation of "alg" >>> >>> The reasons why I proposed this draft as an independent specification >>>> separate from COSE-HPKE are as follows: >>>> >>>> a) I wanted to define not only COSE_Key but also JWK representation >>>> together for HPKE. This is the biggest reason. >>>> >>> >>> 8812 defined an "alg" and key representations for JWK and COSE Key in >>> one document. >>> >>> - https://www.rfc-editor.org/rfc/rfc8812 >>> >>> >>>> >>>> b) Key representation is essentially independent of the COSE message >>>> format and can be used for various applications unrelated to COSE or JOSE. >>>> As I mentioned in the slides for IETF116, I thought it would be beneficial >>>> for applications using HPKE for end-to-end encryption over HTTP if the HPKE >>>> recipient's public key could be published at the .well-known/jwks endpoint. >>>> COSE_Key representation may also be useful for CoAP-based end-to-end >>>> encryption apps in the same way. >>>> >>>> >>> Yes, I agree that representing keys in JSON and CBOR is valuable to >>> many use cases outside of COSE and JOSE. >>> >>> c) I wanted to consolidate the definitions of all expected alg values >>>> (HPKE-v1-{Base, Auth, PSK, AuthPSK}) into one document. Although I had >>>> agreed with the opinion that the COSE-HPKE should focus only on the Base >>>> mode, I thought it would be better to have all alg values for HPKE modes >>>> consolidated into one document. If this draft is adopted as a working group >>>> document, I was thinking of proposing to move the definition of alg values >>>> from the COSE-HPKE spec to this draft. >>>> >>>> Regarding (a), for example, the key representation for secp256k1 has >>>> both JWK and COSE_Key formats defined (RFC8812), and the recent >>>> post-quantum key representation proposed by Mike Prorock also has both JWK >>>> and COSE_Key formats defined. >>>> >>> >>> Yes, I generated the current JWK / JWS test vectors for those drafts, >>> the first thing I did, was the key format... the second thing I did was the >>> envelope format for the signatures: >>> >>> >>> https://github.com/mesur-io/post-quantum-signatures/blob/main/test-vectors/suites/dilithium-pqcrypto/jwk.js >>> >>> https://github.com/mesur-io/post-quantum-signatures/blob/main/test-vectors/suites/dilithium-pqcrypto/jws.js >>> >>> When I implemented the signature interface, it took a JWK private key, >>> not a "raw dilithium 3 private key"... the thought process there was that >>> it should reject a key that had been restricted to a different algorithm... >>> >>> Meaning you can always ask for ES256K from a key restricted to EdDSA... >>> but that should error, before an expensive / sensitive operation is >>> attempted. >>> >>> Same thing on the verify side: >>> The verify interface takes a public key in JWK format, not a "raw >>> dilithium 3 public key". >>> You can try to verify ES256K with a key restricted to EdDSA... that >>> should also error, before an expensive / sensitive operation is attempted. >>> >>> It is natural to ask for an operation from a key that is restricted to a >>> single algorithm, this won't always be the case, since "alg" is optional, >>> but it should be well supported for developers who want to build safer APIs. >>> >>> If we follow recent conventions, it would be better to define both >>>> COSE_Key and JWK representations together, don't you think? As I also >>>> mentioned in the slides for IETF116, in the EUDCC (EU Digital COVID >>>> Certificate) where COSE has been adopted, the public keys for signature >>>> verification were distributed in JWK format. JWK format is also useful for >>>> COSE. >>>> >>>> >>> Yes, I agree they should be done together, see RFC 8812. >>> >>> I disagree that they should be done separate from "alg", here is a short >>> list of RFCs that define both "alg" and "kty" / "crv" together: >>> >>> - https://www.rfc-editor.org/rfc/rfc8812 >>> - https://www.rfc-editor.org/rfc/rfc8037 >>> - https://www.rfc-editor.org/rfc/rfc8152.html >>> >>> >>>> If it is concluded that JWK should not be defined together, and that >>>> the definition of key representation should be limited to the HPKE Base >>>> mode, and that other HPKE modes should not be defined at this point, then >>>> it may indeed be better to merge this draft into the COSE-HPKE spec. On the >>>> other hand, if there is room for discussion on these issues, I think it >>>> would be appropriate to consider it as an independent draft currently. We >>>> can merge it into the COSE-HPKE spec at any time. What do you think? >>>> >>>> >>> I think you should continue working on it as an I-D, find co-authors, >>> implement library support for it, confirm your representations align with >>> previous libraries, and conventions their uses will assume, and continue to >>> press COSE HPKE to integrate reasonable key representation into the same >>> document that discussed "senders" and "recipients" and assumed "they have >>> already obtained each other's keys" : ) >>> >>> I recommend reviewing the experience provided here: >>> >>> - >>> https://github.com/panva/jose/blob/a505724d72705b8bfab8026af45678b2a5534bf4/docs/classes/jwe_general_encrypt.GeneralEncrypt.md >>> - https://github.com/potatosalad/erlang-jose >>> - https://docs.authlib.org/en/latest/jose/jwe.html >>> - https://github.com/cisco/cjose/blob/master/src/jwe.c >>> - https://github.com/digitalbazaar/minimal-cipher >>> >>> You might also look at previous related drafts: >>> >>> - https://datatracker.ietf.org/doc/html/draft-madden-jose-ecdh-1pu-04 >>> >>> >>>> Best, >>>> AJITOMI Daisuke >>>> >>>> 2023年4月16日(日) 14:12 Ilari Liusvaara <ilariliusvaara@welho.com>: >>>> >>>>> On Sat, Apr 15, 2023 at 10:33:37AM -0500, Orie Steele wrote: >>>>> > Thank you for this wonderful breakdown! >>>>> > >>>>> > On Fri, Apr 14, 2023 at 4:00 PM Laurence Lundblade < >>>>> lgl@island-resort.com> >>>>> > wrote: >>>>> > >>>>> > When we say "public key" in a CRFG document, I think it is >>>>> reasonable to >>>>> > assume no specific representation (JWK, COSE Key, PGP, etc...) >>>>> > >>>>> > As a side note, HPKE requires more than just having a recipient >>>>> public key, >>>>> > it also requires knowledge of the recipient supported algorithms... >>>>> (this >>>>> > is extremely obvious per the security considerations). >>>>> > It is natural to assume this will be solved differently in COSE, PGP, >>>>> > etc... >>>>> > Maybe it is in the key representation, maybe it is via negotiation, >>>>> as you >>>>> > mentioned earlier... >>>>> > >>>>> > But it has to actually be solved for, or the sender is just guessing >>>>> that >>>>> > the recipient will be able to process their messages. >>>>> >>>>> Well, in store-and-forward system like COSE or JOSE, there are really >>>>> only two ways: >>>>> >>>>> - negotiation. >>>>> - assume based on application. >>>>> >>>>> And when it comes to COSE and JOSE, there are no usable negotation >>>>> capabilties, so it is the latter: assuming based on application. >>>>> >>>>> >>>>> > When we say "public key" in a COSE WG document, >>>>> > folks will want to be sure if we are talking about the "abstract >>>>> concept of >>>>> > a public key" >>>>> > or a concrete serialization conforming to normative requirements (JWK >>>>> > Public Key or COSE Public Key). >>>>> > >>>>> > Holding a JWK or COSE "public key" with an algorithm, 🔥 has >>>>> historically >>>>> > meant 🔥 holding a recipient's encryption preferences. >>>>> >>>>> No, this is not correct. And this has been the case since the first >>>>> RFCs for both. >>>>> >>>>> >>>>> > There is no precedent for COSE Key or JWK containing "preferences for >>>>> > parameterization" in addition to a "restriction of key use". >>>>> >>>>> However, there is precedent for parametrization. For both COSE and >>>>> JOSE, since the first RFCs. >>>>> >>>>> >>>>> > You can imagine COSE HPKE asking IANA to update the COSE registry to >>>>> > communicate that "hkc" is bound to a specific value of "alg", >>>>> similar to >>>>> > how -27 is bound to "kty". >>>>> > (! 🔥 kty and alg confusion intensifies... ) >>>>> >>>>> There is no precedent for key parameter being bound to "alg". Being >>>>> bound to "kty" yes (that is the difference between the two kinds of >>>>> key parameters in COSE). And in JOSE, analogous split exists, even if >>>>> it is not explicit in registeries. >>>>> >>>>> >>>>> > ... I prefer to imagine requesting registration of a few good >>>>> choices for >>>>> > HPKE COSE (to start), and not importing every option under the sun by >>>>> > default from the CFRG established registries here: >>>>> > >>>>> > How many other preferences would we need to register? Only the ones >>>>> people >>>>> > actually want to use, and *they* need to do *some* work to justify >>>>> why this >>>>> > is a good idea... >>>>> >>>>> With a few plausible extensions to HPKE, over 70. >>>>> >>>>> As for how many there currently would be, either 12 or *none at all*, >>>>> depending on how exactly one defines things. >>>>> >>>>> >>>>> > we don't just hand out a blank check, and leave COSE implementers on >>>>> the >>>>> > hook for an ever expanding bill of CFRG registered algorithms. >>>>> >>>>> Currently, it is not COSE-HPKE that is on the hook for HPKE algorithms, >>>>> it is HPKE itself. Just modified my test code to make the following >>>>> work (with COSE-HPKE code having absolutely no idea what is going on): >>>>> >>>>> $ target/debug/cose-hpke-keygen /tmp/mystery-key.key TYPE21 >>>>> $ echo "The crow flies at midnight" >/tmp/message >>>>> $ target/debug/cose-hpke-encrypt --algorithm=TYPE2 /tmp/message >>>>> /tmp/mystery-key.key.pub >>>>> $ target/debug/cose-hpke-decrypt /tmp/message.chpke >>>>> /tmp/mystery-key.key.priv >>>>> $ cat /tmp/message.chpke.decrypted >>>>> The crow flies at midnight >>>>> $ >>>>> >>>>> In contrast, registering explicit algs would make COSE implementers to >>>>> be on hook for the bill. >>>>> >>>>> And for JWK, explicit algs is non-starter. >>>>> >>>>> >>>>> > HPKE is not actually usable in COSE without some work from this >>>>> working >>>>> > group, >>>>> > we should not defer our responsibility to the (first ever, IIRC) CFRG >>>>> > established registry, >>>>> > it is not going to feel good for developers, if we try to start a 5 >>>>> guy >>>>> > revolution while the world is trying to upgrade to post quantum >>>>> encryption. >>>>> >>>>> HPKE and its implementation has to update anyway for post-quantum. >>>>> >>>>> But does COSE-HPKE and its implementation *also* have to update for >>>>> post-quantum? >>>>> >>>>> With updated HPKE implementation, in the example above, replacing >>>>> "TYPE21" with "TYPE30" would have enabled Post-Quantum. >>>>> >>>>> TODO: Make the code dynamically link against HPKE library. >>>>> >>>>> >>>>> > > Up until COSE_HPKE, 1) and 2) are a single integer ciphersuite. >>>>> Probably >>>>> > > anyone doing 3) up to until COSE_HPKE would also use the single >>>>> integer too. >>>>> > > >>>>> > >>>>> > Agreed. >>>>> >>>>> I don't agree. Even ignoring keys, no single integer ciphersuite ever >>>>> existed in COSE. >>>>> >>>>> >>>>> > > draft-ietf-cose-hpke has addressed 1) with the new >>>>> HPKE_sender_info header >>>>> > > parameter. Now the algorithm used is a special ciphersuite >>>>> identifier that >>>>> > > indicates further details in an additional parameter. >>>>> > > >>>>> > Agreed, there are "proposals for revolution", which I am all for, if >>>>> they >>>>> > are coming from enough reviewers / implementers. >>>>> > I am happy to withdraw my objection if overwhelmed by counter >>>>> arguments, I >>>>> > don't find the current arguments from Ilari compelling, but I >>>>> appreciate >>>>> > his consistent engagement. >>>>> >>>>> If performing asymmetric encryption with COSE or JOSE, there is already >>>>> further details in additional parameter. >>>>> >>>>> >>>>> > > - In COSE_HPKE we’re requiring algorithm identification be made up >>>>> of a >>>>> > > special ciphersuite and a triple. This will/should apply in all >>>>> contexts >>>>> > > where COSE algorithm IDs are used. Maybe we should try to unify >>>>> the >>>>> > > definition of this in draft-ietf-cose-hpke >>>>> > > and draft-ajitomi-cose-cose-key-jwk-hpke-kem? >>>>> > > >>>>> > I don't think we need another document. >>>>> > >>>>> > I think we should bend the knee to convention in COSE HPKE, even >>>>> over the >>>>> > objections of Ilari and Daisuke... (assuming they persist in >>>>> advocating for >>>>> > parameterization of alg). >>>>> > >>>>> > UNLESS, we have clear consensus on proceeding with a revolution, for >>>>> that I >>>>> > would want to see a lot more engagement :) >>>>> >>>>> Well, speaking for myself, I will continue advocating parametrization. >>>>> >>>>> Engagement seems to be very limited for COSE-HPKE. >>>>> >>>>> >>>>> > > My opinions on 3) are: >>>>> > > - The use cases are too widely varying for anyone to define an >>>>> actual >>>>> > > protocol >>>>> > > - draft-ajitomi-cose-cose-key-jwk-hpke-kem can only work for a >>>>> small >>>>> > > fraction of negotiation use cases — those that use COSE_Key for >>>>> negotiation >>>>> > > - We might generalize the HPKE COSE algorithm identifier >>>>> definition so the >>>>> > > same thing can be used for 1), 2) and 3). That is probably >>>>> splitting HPKE_sender_info >>>>> > > into two, one structure that is the algorithm ID and one is the >>>>> enc info. >>>>> > > We still wouldn’t define actual protocol for 3) but we would have >>>>> a clear >>>>> > > common method for COSE HPKE algorithm identification that anyone >>>>> could use >>>>> > > for their use-case specific negotiation protocol. >>>>> > > >>>>> > I agree with you on 3. >>>>> >>>>> I do not see how that would work. >>>>> >>>>> And I think that negotiation mechanism that would work for majority of >>>>> use cases would be straightforward extension of the key draft. No >>>>> splitting needed. >>>>> >>>>> The question is, given that we have not needed negotiation mechanism in >>>>> the past, why do we need one now? >>>>> >>>>> >>>>> >>>>> -Ilari >>>>> >>>>> _______________________________________________ >>>>> COSE mailing list >>>>> COSE@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/cose >>>>> >>>> >>> >>> -- >>> *ORIE STEELE* >>> Chief Technical Officer >>> www.transmute.industries >>> >>> <https://www.transmute.industries> >>> >> > > -- > *ORIE STEELE* > Chief Technical Officer > www.transmute.industries > > <https://www.transmute.industries> >
- [COSE] Call for Adoption: draft-ajitomi-cose-cose… Ivaylo Petrov
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Ilari Liusvaara
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Hannes Tschofenig
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Mike Prorock
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Orie Steele
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Ilari Liusvaara
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Orie Steele
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Ilari Liusvaara
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Orie Steele
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Laurence Lundblade
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Orie Steele
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Ilari Liusvaara
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Ilari Liusvaara
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Laurence Lundblade
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Ilari Liusvaara
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Orie Steele
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Ilari Liusvaara
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Laurence Lundblade
- Re: [COSE] Call for Adoption: draft-ajitomi-cose-… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Orie Steele
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [EXT] Re: [jose] Call for Adoption: dr… Blumenthal, Uri - 0553 - MITLL
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Hannes Tschofenig
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… AJITOMI Daisuke
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Laurence Lundblade
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara
- Re: [COSE] [jose] Call for Adoption: draft-ajitom… Ilari Liusvaara