Re: [COSE] Wire-format ... was RE: Next steps with COSE-HPKE .... was RE: HPKE: Ephemeral public key encoding

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Thu, 15 September 2022 15:02 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6BD39C15259F for <cose@ietfa.amsl.com>; Thu, 15 Sep 2022 08:02:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=PkbT/IyY; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=PkbT/IyY
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P2MknigLjFWc for <cose@ietfa.amsl.com>; Thu, 15 Sep 2022 08:02:00 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60049.outbound.protection.outlook.com [40.107.6.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB147C152580 for <cose@ietf.org>; Thu, 15 Sep 2022 08:01:59 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=SsiDZrw2BbfrimyfYxg4x3lutlFZTeEcKNYC0xv2Ro/MMU3dkigPTGAKdsBgU+WCb9qxexwjGMOUnPsNu37Msm8FNU5JugJfuu8CRdHEosWy/H9gY1Fbazs7+XnesyKZ4RorzTiJeDFxcf3fzazFc2EFG4VJMYinoduYK7fZuFfzj3JqJ0VWYXJPxrRbobN9vAHbtiSJNDqI3K2HKIc4fSv5HzaojoyQwItG+s1RHvuCKDv2QWz1XdL0gcfGUa2hI56RVrsffPeIIJhHtpqooOVax961efX7Eoaiy/qtXN5MjlTqrAoWlX55efUsbS9Ws9c+vGfN9Ck26nAhIPaDUQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=I65pigto38DmUlH0UYph46LaHdrwjt5pJm774pl0CTE=; b=TQRR9l2O8zk+ECNwPuMNzPmD7LUQ3kNVS2AhEQKILRUjZ2gsQfjVvAH8gGXkjJauGrMGQBdThnCYHoI31moYOME2URpgMtKzFetJ+zVOhwfAkpG6vqKkTC6w7QUv72qz4QhmIfXYKH/IPAIvDIShqAUe5f9k3wYD6rGLI168wxhrPcfabnSLdi4XsCztv1jjUT/CquhUybtovhyr3ysb2Ei9VPe5tPVEIDlzuVIo+tSYj6e7/urq3666tBI3HbWcEIjM0Y72Q9eslpsCMJv1bbNIErfOAM5IB+30Ptd7qfOfZF5djyPiGqXtX/0BDcea0BNXGVSr1M+CmSwgozpxYg==
ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=ietf.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I65pigto38DmUlH0UYph46LaHdrwjt5pJm774pl0CTE=; b=PkbT/IyY8FBatKIadQyhrj8Er6vvPZA97DpUjIDwaap/wyNlnlRlSqjZbajQ6S+eJZWdauZSedjaNzVkJ02dldqSGpo8j7wNIim95szEb2FFzT4YcjMZsb01G+1Z19imTpS6oEUwfW/+v/39YQopayceTVNl8FEhlgnxpo6O5Lo=
Received: from AS9PR06CA0111.eurprd06.prod.outlook.com (2603:10a6:20b:465::17) by PR3PR08MB5611.eurprd08.prod.outlook.com (2603:10a6:102:85::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5632.15; Thu, 15 Sep 2022 15:01:55 +0000
Received: from VE1EUR03FT032.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:465:cafe::c9) by AS9PR06CA0111.outlook.office365.com (2603:10a6:20b:465::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5632.15 via Frontend Transport; Thu, 15 Sep 2022 15:01:55 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT032.mail.protection.outlook.com (10.152.18.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5632.12 via Frontend Transport; Thu, 15 Sep 2022 15:01:55 +0000
Received: ("Tessian outbound 8ec96648b960:v124"); Thu, 15 Sep 2022 15:01:55 +0000
X-CR-MTA-TID: 64aa7808
Received: from ba3edfb4c798.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 7E35931C-320A-4886-903B-914A0511A6DC.1; Thu, 15 Sep 2022 15:01:49 +0000
Received: from EUR04-DB3-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id ba3edfb4c798.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 15 Sep 2022 15:01:49 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LZ/GSldaykBt37Fl8bCT149mS98G2GiLXnUxKRKtmiXKRobHaaO+pH3F39Yx+xmcB6CLWJ0afO+sG7ImRSdb0FpCa6DA1bv7+I5ggeY+yuAXccfSJU75CK8sdx7WhefvWdetWsmTaFXyXJUDG3b68BHezqtwVa6OKtQnJYO+DGuRUfooSitprxBmm4n2U4FR7E1qxx+//+x8mv9m6RwE7aFh/+WAnxCGaso4OGVh+cqGJ/nTR9lGsAl+tCJx+V39RxZlHe/+wo57vzy7X6B1inUMXvXWrN9ekjLVJDUUTZisZ+YO8kR+lIGrZGn3MgV9iBIVNx1KnM3Y2asYStvCXA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=I65pigto38DmUlH0UYph46LaHdrwjt5pJm774pl0CTE=; b=c6YGtYnfMJRpODduy2WlJwiIzvvNKeUGXks+3RYNIFqhQK/F7jVGB1ukCtPm8x3WER/e7BFTFyELy4hDi8+lFk+C/eq1TL4+6wcIOU/e8Xhf/B2ww4I1sefvN1emrlbrN2Od+gT06d0XI0x1X/xgv2Phoz0r5w9Y9xhzVSRlPU8VbdCadKHeCmYjBjDeDMcI4jrQO43vp8teVrQVlFP899QO3fgbrAvZ7w9A4NLc2nsySGW7shJUyJg2QuFApobAt3bAOS8prfDG+tWxHAWAx2U61W+ujSefoT4MvL72lZ+MRVgNy8SCLl8aO7CJnF2VE8p7FpDjM3ZwYDptQ5Mwaw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I65pigto38DmUlH0UYph46LaHdrwjt5pJm774pl0CTE=; b=PkbT/IyY8FBatKIadQyhrj8Er6vvPZA97DpUjIDwaap/wyNlnlRlSqjZbajQ6S+eJZWdauZSedjaNzVkJ02dldqSGpo8j7wNIim95szEb2FFzT4YcjMZsb01G+1Z19imTpS6oEUwfW/+v/39YQopayceTVNl8FEhlgnxpo6O5Lo=
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com (2603:10a6:10:20d::17) by PR3PR08MB5563.eurprd08.prod.outlook.com (2603:10a6:102:89::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5612.19; Thu, 15 Sep 2022 15:01:48 +0000
Received: from DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::175:5593:658:8352]) by DBBPR08MB5915.eurprd08.prod.outlook.com ([fe80::175:5593:658:8352%5]) with mapi id 15.20.5632.015; Thu, 15 Sep 2022 15:01:48 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: AJITOMI Daisuke <ajitomi@gmail.com>
CC: Ilari Liusvaara <ilariliusvaara@welho.com>, "cose@ietf.org" <cose@ietf.org>
Thread-Topic: [COSE] Wire-format ... was RE: Next steps with COSE-HPKE .... was RE: HPKE: Ephemeral public key encoding
Thread-Index: AQHYv7gr0NulNnmP/U2RI6aMXKIhJK3gpLJg
Date: Thu, 15 Sep 2022 15:01:48 +0000
Message-ID: <DBBPR08MB5915772F9FC22182C4050029FA499@DBBPR08MB5915.eurprd08.prod.outlook.com>
References: <AS8PR08MB5911655134AA35BC708058EBFA7D9@AS8PR08MB5911.eurprd08.prod.outlook.com> <CAFWvErWfAYnxYCUMRCOq_w507zS2bB1eQdMXoRkPkwM8q_Pfyg@mail.gmail.com>
In-Reply-To: <CAFWvErWfAYnxYCUMRCOq_w507zS2bB1eQdMXoRkPkwM8q_Pfyg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 461A883F13061845BB765DEF8B275DFC.0
x-checkrecipientchecked: true
Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
x-ms-traffictypediagnostic: DBBPR08MB5915:EE_|PR3PR08MB5563:EE_|VE1EUR03FT032:EE_|PR3PR08MB5611:EE_
X-MS-Office365-Filtering-Correlation-Id: 61cfaeb8-2f28-40f5-42ce-08da972b3b14
x-checkrecipientrouted: true
nodisclaimer: true
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: fCBDaTswZzOV7bMbk4LbvYfCfKpC7JGPUN98qqAt8cQ6aMRtLfHNFKB5A9Ylq2xNeJd6/HYNYNZApZpx4Kxawz2ZL1pNh8xxnNROjY4Y3qUOmQRVk7pvZNysCk94Wilcc//RMK5LxZvRBFVlnzMIAV2uTRw0xcW41OB5G4efdArP5EjQwQKi/dSsuhvxU0B4G6uqDms/6+vykKA6NnGTR/IfqHFeGInAqNZprcWFjySwd2Mozp50Or6jdEeKguuhgkUJsbC4UM+FwBYXwW+XgjXpiTIVF4+6LJnxVrfN4CF6W8HKMJo6fkHjXUxvJ7MjeO+m4chNnPVz2B8iCDSfrZBekDqDBKq4lQKqwYRMY6oZik3mtPLSx7ifPmNXatFtfAHM5Y+peVyttwbY6LTZf1FP1649til6rFJ5J+22QMo+n8iCLfqusOgerVqI+eLFXQpbyD91jbZ5l3qF50f/aMlNIK9mz4N9GTeKIQFl3pXRwZ2ww9NDu6rpKzV5WnbQXJFToMuURvd6ZiR+8ngg7soK4hgtRbqiTsRE83KBtEl6fbqiwYoIe2s8kizcM+8DPaBL4n7yYojgLnR3/KGGV/OAVgla4zSYaZA6uYrr8JUBn0heIl1Wz6j1NizRzcLZVMP3nx0ywrHRNH9hNm05byxWsu/h2UixrRoHnqj5dGW7BbSxC0Zb1OI70OVqFbm319ClAHDtsqjw9JvDnWnU5t0nX2XypGqIGHxHUkKbsXgfINKsdj/iBmmV8SYXcnzJIder2EmRsFQNNGTPwC6vL9hCkWzeZTYRru+x74ol9nM=
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DBBPR08MB5915.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(396003)(366004)(136003)(346002)(39860400002)(376002)(451199015)(7696005)(478600001)(41300700001)(55016003)(5660300002)(966005)(38070700005)(26005)(186003)(66946007)(9686003)(316002)(33656002)(66476007)(53546011)(6506007)(66446008)(83380400001)(2906002)(71200400001)(8676002)(86362001)(166002)(8936002)(66556008)(38100700002)(52536014)(54906003)(76116006)(64756008)(4326008)(122000001)(6916009); DIR:OUT; SFP:1101;
Content-Type: multipart/alternative; boundary="_000_DBBPR08MB5915772F9FC22182C4050029FA499DBBPR08MB5915eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR08MB5563
Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT032.eop-EUR03.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 7e8f021b-490d-48d5-35a4-08da972b36b4
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: /42lgSjpgWY/sqcddK5RMDbrGkT4b0j4dpvSwF8vYJ8BjVjKXEqBDByqgGHzHLSMAwVGghL81uGSxmTiDAYTvPnRYMCy3GM4+F2wHN3MQ2BtVeWS8fJCpmvOkhnnQ1gTY8JqE/z0jKJ0X73PSFID2Q0n6ah3a9xXPVOEZZ/Dydg4QqO3rAIS0Re3XBrcVM3hruyVVrgw6l5wN7UKE1sOBeytvJd6VOdEuvDJnnegBkoN3jto7DtQE0RAaMXf7r1HtSnshnIbBp0LWaQgAgBZW/gyq8hhttcTerzGuBFhAR9E7O/71UVHTiI/UushWztVlFPQb64GHkjeEfq+bNUKOBT+s+Q1WoHzN8n+k2M1vLX/R2ORwrF61t90ve6UT4fNReDFTkWkdLfXX+LoxO9UlU69LOmGR+PQpVzsU4aMguwwqYe7NbBYowsxCNMXCy2D6GM1PhFU9FIqvdghKZwxvkSgj4jfBHdTxYO4WJCv+rnfaFvxP6Rnf3Y0WJhwuQs8+7XXBVtTRLkkSYp0Y1vLK83XY7Ada1xmqvWLI5VNYAB/5sF1UP/rsBh9rFditAAEC/VU+1q/i/OTvTrGddzkzyDg7ACB0+cfs2W00Ml/oh/Egf+IGWNJJf4nfpNiUsUH8eOCkJu5UIAU67nvCXN1FoMq96fadd276pVXPnBx8E9hPdVbFhmBoXq8/YxNHfVeDJ/NT1ALKmbsGkaZ2+IyruxaxorbA4kN7vUkcGH65EXFnHEhgD4rmfrdEI0aNYcFNm2U2BvwBxB9YwUlZmClHr6SYW6O51UpY1LMgK6L8fQ=
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(13230022)(4636009)(136003)(346002)(39860400002)(376002)(396003)(451199015)(46966006)(40470700004)(36840700001)(47076005)(83380400001)(36860700001)(336012)(81166007)(966005)(82310400005)(41300700001)(40460700003)(478600001)(6862004)(8936002)(186003)(82740400003)(2906002)(55016003)(54906003)(7696005)(52536014)(5660300002)(6506007)(40480700001)(8676002)(166002)(356005)(70206006)(70586007)(4326008)(26005)(33656002)(9686003)(316002)(86362001)(53546011)(33964004); DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Sep 2022 15:01:55.5395 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 61cfaeb8-2f28-40f5-42ce-08da972b3b14
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: VE1EUR03FT032.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR08MB5611
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/oWMnwXBZHy70G6ECC7Epf6hwWhs>
Subject: Re: [COSE] Wire-format ... was RE: Next steps with COSE-HPKE .... was RE: HPKE: Ephemeral public key encoding
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2022 15:02:04 -0000

Hi Daisuke

your design goal is to avoid changes to your COSE code when adding new HPKE algorithms. The drawback is the definition of a 'HPKE sender information' structure, which carries all the information HPKE exposes.

I understand that design goal.

It is up to the group to decide whether they share this goal.

My main interest is to reach a decision as soon as possible so that we can make progress with the spec. I will ask the chairs to run a consensus call on the design goal.

Ciao
Hannes

From: AJITOMI Daisuke <ajitomi@gmail.com>
Sent: Saturday, September 3, 2022 7:11 PM
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Cc: Ilari Liusvaara <ilariliusvaara@welho.com>; cose@ietf.org
Subject: Re: [COSE] Wire-format ... was RE: Next steps with COSE-HPKE .... was RE: HPKE: Ephemeral public key encoding

Hi Hannes,




> First, the HPKE RFC says that it does not specify a wire-format. In fact, Section 10 of RFC 9180 is very explicit about this fact by saying “This document does not specify a wire format encoding for HPKE messages.”

Yes, you are correct. There is not any wire format definition in the HPKE spec.
The wire format should be defined by a higher-level protocol, and indeed I know ECH, ODoH, and OHTTP define it.

However, the encapsulated key (sender's ephemeral public key) output by KEM is a byte string and it is evident in the definition of Nenc in the HPKE RFC as follows.
> Nenc: The length in bytes of an encoded encapsulated key produced by the algorithm

All HPKE implementations output enc as a sequence of bytes. How this is transmitted is left to the higher-level protocol, but it would normally be put directly into the wire format. Indeed, ECH, ODoH and OHTTP do just that.
I think the problem is that there is little necessity to convert enc as a byte string to COSE_Key structure. There are many disadvantages as I mentioned, but the reason to convert is just because there is already a field (ephemeral key) defined, right?
In my opinion, the ephemeral key (COSE_Key) is inadequate to represent HPKE sender information including enc, and in addition, there is no assurance that it can be converted to COSE_Key in the future.

I believe it is very important that when new HPKE cipher suites are defined in the future, this specification and existing COSE library implementations need not be changed. This is easily achievable as described in my proposal.
> I will read through your proposal.

Thanks for taking your time.

Regards,
Daisuke



2022年9月4日(日) 0:47 Hannes Tschofenig <Hannes.Tschofenig@arm.com<mailto:Hannes.Tschofenig@arm.com>>:
Hi Daisuke,

Let me give you a very quick response on one item. I will read through your proposal.

➢ One point of concern during the IETF 114 meeting was there were several erroneous comments that the fact that enc is an octet string is implementation-dependent.

We had discussed this earlier on the list and there are two data points:

First, the HPKE RFC says that it does not specify a wire-format. In fact, Section 10 of RFC 9180 is very explicit about this fact by saying “This document does not specify a wire format encoding for HPKE messages.”

Second, since Ilari did not believe me I reached out to Chris Wood, one of the authors, and ask him personally. He confirmed my observation.

The pseudo-programming language API defined in the HPKE RFC is not mandatory to implement by an HPKE library. In fact, there are implementations that do not implement that API and they are still compliant to the HPKE RFC. An example is the HappyKey implementation by Stephen Farrell. I used his implementation and used the PSA Crypto API rather than OpenSSL.

Ciao
Hannes
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
_______________________________________________
COSE mailing list
COSE@ietf.org<mailto:COSE@ietf.org>
https://www.ietf.org/mailman/listinfo/cose
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.