Re: [COSE] Draft IETF 117 COSE agenda

["Tschofenig, Hannes" <hannes.tschofenig@siemens.com>]

Hi Mike,

Here is the question the working group is facing.

Should there

  1.  be a single value associated with the combination of KEM, KDF, and AEAD, or
  2.  individual values for each of them.

The former design is often called ciphersuite.

We used (a) in earlier versions of the COSE-HPKE draft (see, for example, draft-ietf-cose-hpke-01<https://datatracker.ietf.org/doc/html/draft-ietf-cose-hpke-01#name-iana-considerations-6> ) and (b) in later versions of the draft (see, for example, draft-ietf-cose-hpke-05<https://datatracker.ietf.org/doc/html/draft-ietf-cose-hpke-05#section-3.1>).

Based on my assessment of the feedback from the group, there is a preference to switch back to the ciphersuite approach.

Ciao
Hannes

Von: Michael Jones <michael_b_jones@hotmail.com>
Gesendet: Mittwoch, 19. Juli 2023 18:52
An: Tschofenig, Hannes (T CST SEA-DE) <hannes.tschofenig@siemens.com>; cose <cose@ietf.org>
Betreff: RE: Draft IETF 117 COSE agenda

As a chair, I'd like clarity on what you mean by "the single algorithm design".  Do you mean that each algorithm identifier fully specifies all the cryptographic parameters being used?  Or do you mean that a single algorithm identifier is used for all the HPKE possibilities?

Speaking as an individual contributor, I fully support the first (fully specified) choice.  Whereas the second possibility will cause endless interoperability problems.

                                                       -- Mike

From: Tschofenig, Hannes <hannes.tschofenig@siemens.com<mailto:hannes.tschofenig@siemens.com>>
Sent: Tuesday, July 18, 2023 10:51 PM
To: Michael Jones <michael_b_jones@hotmail.com<mailto:michael_b_jones@hotmail.com>>; cose <cose@ietf.org<mailto:cose@ietf.org>>
Subject: AW: Draft IETF 117 COSE agenda

Hi Mike,

the content issue with HPKE is the single algorithm design. I have posted a summary about it to the list, see [COSE] COSE-HPKE and the Single Algorithm Discussion (ietf.org)<https://mailarchive.ietf.org/arch/msg/cose/_GQXXpltAgXNozXIFC9z1yY1CCM/>

It needs a consensus call from the chairs to finalize it.

You could start this call today and be done with it by the time of the meeting.

Ciao
Hannes

Von: COSE <cose-bounces@ietf.org<mailto:cose-bounces@ietf.org>> Im Auftrag von Michael Jones
Gesendet: Dienstag, 18. Juli 2023 19:33
An: cose@ietf.org<mailto:cose@ietf.org>
Betreff: [COSE] Draft IETF 117 COSE agenda

Ivo and I propose the following agenda for our meeting in San Francisco.  We have a two-hour timeslot.  Please provide any feedback by tomorrow, at which point I'll revise and post the agenda to the meeting materials.

                                                       -- Mike

CBOR Object Signing and Encryption (COSE)

13:00-13:05 Opening remarks - the chairs (5 minutes)
13:05-13:25 Post-Quantum Signatures draft-ietf-cose-{dilithium,sphincs,falcon} (20 minutes) - Mike Prorock and Orie Steele
13:25-13:35 draft-birkholz-cose-tsa-tst-header-parameter (10 minutes) - Henk Birkholz
13:35-13:45 draft-ietf-cose-cbor-encoded-cert (10 minutes) - Göran Selander or John Mattsson
13:45-13:55 draft-steele-cose-merkle-tree-proofs (10 minutes) - Orie Steele
13:55-14:05 draft-birkholz-cose-cometre-ccf-profile (10 minutes) - Henk Birkholz
14:05-14:15 draft-isobe-cose-key-thumbprint (10 minutes) - Hannes Tschofenig
14:15-14:25 draft-jones-cose-typ-header-parameter (10 minutes) - Orie Steele and Mike Jones
14:25-14:40 Summary of contentious issues in HPKE (15 minutes) - Orie Steele
14:40-14:55 draft-ietf-cose-hpke (15 minutes) - Hannes Tschofenig
14:55-15:00 AOB (5 minutes)