[COSE] Re: WGLC for draft-ietf-cose-hpke-13
Thomas Fossati <thomas.fossati@linaro.org> Tue, 17 June 2025 11:32 UTC
Date: Tue, 17 Jun 2025 13:32:54 +0200
From: Thomas Fossati <thomas.fossati@linaro.org>
To: Michael Jones <michael_b_jones@hotmail.com>
CC: "cose@ietf.org" <cose@ietf.org>
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/VdLZL-a_NE22e_HWjgRnCSuknUQ>
On Wed, Jun 04, 2025 at 08:28:52PM +0100, Michael Jones wrote:
> This note starts a two-week Working Group Last Call (WGLC) for the Use
> of Hybrid Public-Key Encryption (HPKE) with CBOR Object Signing and
> Encryption (COSE) specification
> https://www.ietf.org/archive/id/draft-ietf-cose-hpke-13.html. The
> WGLC will run for two weeks, ending on Friday, June 20, 2025.
>
> Please review and send any comments or feedback to the COSE working
> group at cose@ietf.org<mailto:cose@ietf.org>. Even if your feedback
> is "this is ready for publication", please let us know.

I hadn't read this draft before. At first glance, the mechanics look
fine, but I may be missing some important details.

Here are a few editorial comments from a quick scan of the document.

----

s/this documents/this document/

s/public key the sender/public key that the sender/

s/recipient protected/recipient-protected/

s/the whole COSE encrypt/the whole COSE_Encrypt0/ (or COSE_Encrypt???)

s/public key the sender/public key that the sender/

I was unable to parse: "It also mitigates attacks where a
person-in-the-middle changes the following layer algorithm from an AEAD
algorithm to one that is not foiling the protection of the following
layer headers)". Could this be simplified?

Grammar:

OLD
   When encrypting the content at layer 0 then the instructions in
   Section 5.3 of [RFC9052] MUST to be followed, which includes the
   calculation of the authenticated data strcture.
NEW
   When encrypting the content at layer 0, the instructions in Section
   5.3 of [RFC9052] MUST be followed, including the calculation of the
   authenticated data structure.

Straighten a backwards sentence:

OLD
   For the algorithms defined in this document, the valid combinations
   of the KEM, "kty" and "crv" are shown in Figure 1.
NEW
   The valid combinations of KEM, "kty" and "crv" for the algorithms
   defined in this document are shown in Figure 1.

s/to some extend/to some extent/

s/maintain the tradeoff between/strike a balance between/

s/consitute/constitute/

s/examples that shows/examples that show/

some mildly invalid EDN:
* Figure 2: extra commas
* Figure 3: extra commas

s/COSE_MAC/COSE_Mac/

s/COSE_MAC0/COSE_Mac0/

s/random number generations/random number generation/

De-clunkify paragraph:

OLD
   HPKE assumes the sender is in possession of the public key of the
   recipient and HPKE COSE makes the same assumptions. Hence, some form
   of public key distribution mechanism is assumed to exist but outside
   the scope of this document.
NEW
   Both HPKE and HPKE COSE assume that the sender possesses the
   recipient's public key. Therefore, some form of public key
   distribution mechanism is assumed to exist, but this is outside the
   scope of this document.

The IANA registration requests appear as an inextricable cluster. I
suggest adding an NL to separate the blocks logically.

-----

cheers, t

> Note that this WGLC is intentionally running concurrently with a JOSE
> WGLC for
> https://www.ietf.org/archive/id/draft-ietf-jose-hpke-encrypt-08.html
> because the drafts are closely related and their functionality is
> intended to be aligned. Please reply to the JOSE WGLC on the
> jose@ietf.org<mailto:jose@ietf.org> mailing list.
>
> Thank you,
> -- Mike and Ivaylo, COSE Chairs
>