Re: [COSE] COSE Support for AES-CTR and AES-CBC
"Arciszewski, Scott" <scottarc@amazon.com> Thu, 27 October 2022 17:52 UTC
Return-Path: <prvs=292251758=scottarc@amazon.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B1E0C14F74C for <cose@ietfa.amsl.com>; Thu, 27 Oct 2022 10:52:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.18
X-Spam-Level:
X-Spam-Status: No, score=-10.18 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.571, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazon.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y8NeF0GWr57p for <cose@ietfa.amsl.com>; Thu, 27 Oct 2022 10:52:31 -0700 (PDT)
Received: from smtp-fw-80006.amazon.com (smtp-fw-80006.amazon.com [99.78.197.217]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 465F0C14F693 for <cose@ietf.org>; Thu, 27 Oct 2022 10:52:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1666893152; x=1698429152; h=from:to:date:message-id:references:in-reply-to: mime-version:subject; bh=PeNermf+B2Gisqr8ztUC/2+vktiRU92j5UuAqBuO8JU=; b=LEaw5iF8b0gr435wQIeT8gX51bQYDQ5fN4f5SApv5MRVqUu7Q10Tl+O8 x+jgMksTHiLMTHcOzh/co1Hap0NHwts1GZOLEgFC5w6k4eYv3U2ZtXKi8 aAky5dNEOseVkZxlA4kn6QJ4wSlCnzswPtEMeg0+KrMrXcnJcY1hn9QFD I=;
X-IronPort-AV: E=Sophos;i="5.95,218,1661817600"; d="scan'208,217";a="145080829"
Thread-Topic: [COSE] COSE Support for AES-CTR and AES-CBC
Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO email-inbound-relay-iad-1a-m6i4x-366646a6.us-east-1.amazon.com) ([10.25.36.210]) by smtp-border-fw-80006.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Oct 2022 17:52:29 +0000
Received: from EX13D45EUC002.ant.amazon.com (iad12-ws-svc-p26-lb9-vlan2.iad.amazon.com [10.40.163.34]) by email-inbound-relay-iad-1a-m6i4x-366646a6.us-east-1.amazon.com (Postfix) with ESMTPS id 17ECDA3D99; Thu, 27 Oct 2022 17:52:26 +0000 (UTC)
Received: from EX19D016EUC002.ant.amazon.com (10.252.51.183) by EX13D45EUC002.ant.amazon.com (10.43.164.25) with Microsoft SMTP Server (TLS) id 15.0.1497.42; Thu, 27 Oct 2022 17:52:25 +0000
Received: from EX19D016EUC003.ant.amazon.com (10.252.51.244) by EX19D016EUC002.ant.amazon.com (10.252.51.183) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.15; Thu, 27 Oct 2022 17:52:25 +0000
Received: from EX19D016EUC003.ant.amazon.com ([fe80::9d05:20d9:966f:795c]) by EX19D016EUC003.ant.amazon.com ([fe80::9d05:20d9:966f:795c%3]) with mapi id 15.02.1118.015; Thu, 27 Oct 2022 17:52:25 +0000
From: "Arciszewski, Scott" <scottarc@amazon.com>
To: "Zundel, Brent" <brent.zundel=40avast.com@dmarc.ietf.org>, "cose@ietf.org" <cose@ietf.org>
Thread-Index: AQHY6hrmxhpNxb2w10SzArOT2vCIgq4ihVD/
Date: Thu, 27 Oct 2022 17:52:25 +0000
Message-ID: <a69db82e96374a36b1f7164da3c5556e@amazon.com>
References: <CAGi82uNOmJJdO2HKcE8M491Vv_PLgk8J8vvfsEE88CMZkmALmw@mail.gmail.com>
In-Reply-To: <CAGi82uNOmJJdO2HKcE8M491Vv_PLgk8J8vvfsEE88CMZkmALmw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.43.62.229]
Content-Type: multipart/alternative; boundary="_000_a69db82e96374a36b1f7164da3c5556eamazoncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/gHOYCIkgwytr-VvgH9a0DPBdMYU>
Subject: Re: [COSE] COSE Support for AES-CTR and AES-CBC
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Oct 2022 17:52:32 -0000
Thank you for this additional context about IANA and JOSE. I find it very helpful. ________________________________ From: COSE <cose-bounces@ietf.org> on behalf of Zundel, Brent <brent.zundel=40avast.com@dmarc.ietf.org> Sent: Thursday, October 27, 2022 8:43:46 AM To: cose@ietf.org Subject: RE: [EXTERNAL][COSE] COSE Support for AES-CTR and AES-CBC CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. Having only recently become aware of this thread, I apologize for the lateness of this, but feel compelled to share my concerns as well. While it is true that AES-CTR and AES-CBC have been included in RFCs for years, I would like to direct the attention of folks to the IANA registry for JOSE, where AES-CBC and AES-CTR are marked as 'Prohibited' for JOSE Implementations. I don't understand going to the effort of defining AES-CTR and AES-CBC for CBOR when these modes are already recognized elsewhere as bad enough to prohibit. -- Brent Zundel Principle Crypto Engineer - Avast
- [COSE] Call for adoption of CBOR Object Signing a… Mike Jones
- Re: [COSE] Call for adoption of CBOR Object Signi… Hannes Tschofenig
- Re: [COSE] Call for adoption of CBOR Object Signi… Russ Housley
- Re: [COSE] Call for adoption of CBOR Object Signi… Ken Takayama
- Re: [COSE] Call for adoption of CBOR Object Signi… Brendan Moran
- Re: [COSE] Call for adoption of CBOR Object Signi… Emmanuel Baccelli
- [COSE] Call for adoption of CBOR Object Signing a… David Brown
- [COSE] Call for adoption of CBOR Object Signing a… Russ Housley
- Re: [COSE] Call for adoption of CBOR Object Signi… Mike Prorock
- Re: [COSE] Call for adoption of CBOR Object Signi… Orie Steele
- Re: [COSE] Call for adoption of CBOR Object Signi… Blumenthal, Uri - 0553 - MITLL
- Re: [COSE] Call for adoption of CBOR Object Signi… Mike Jones
- [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Arciszewski, Scott
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Zundel, Brent
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Arciszewski, Scott
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Sophie Schmieg
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Hannes Tschofenig
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Stephen Farrell
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC David Brown
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Sophie Schmieg
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Carsten Bormann
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Sophie Schmieg
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Hannes Tschofenig
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Carsten Bormann
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Carsten Bormann
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Carsten Bormann
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Brendan Moran
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Brendan Moran
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Ilari Liusvaara
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Scott Fluhrer (sfluhrer)
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Brendan Moran
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Carsten Bormann
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Sophie Schmieg
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Russ Housley
- Re: [COSE] COSE Support for AES-CTR and AES-CBC David Brown
- Re: [COSE] COSE Support for AES-CTR and AES-CBC Brendan Moran