[jose] Re: draft-ietf-jose-hpke-encrypt-01
Ilari Liusvaara <ilariliusvaara@welho.com> Tue, 09 July 2024 06:21 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E114AC1519A0 for <jose@ietfa.amsl.com>; Mon, 8 Jul 2024 23:21:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ElBjlb0euZcL for <jose@ietfa.amsl.com>; Mon, 8 Jul 2024 23:21:49 -0700 (PDT)
Received: from welho-filter3.welho.com (welho-filter3b.welho.com [83.102.41.29]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA977C18DBA4 for <jose@ietf.org>; Mon, 8 Jul 2024 23:21:45 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by welho-filter3.welho.com (Postfix) with ESMTP id 42F4812F89 for <jose@ietf.org>; Tue, 9 Jul 2024 09:21:42 +0300 (EEST)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp3.welho.com ([IPv6:::ffff:83.102.41.86]) by localhost (welho-filter3.welho.com [::ffff:83.102.41.25]) (amavisd-new, port 10024) with ESMTP id EM4aa9y-Uzgp for <jose@ietf.org>; Tue, 9 Jul 2024 09:21:41 +0300 (EEST)
Received: from LK-Perkele-VII2 (78-27-96-203.bb.dnainternet.fi [78.27.96.203]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp3.welho.com (Postfix) with ESMTPSA id 9BD8F2309 for <jose@ietf.org>; Tue, 9 Jul 2024 09:21:40 +0300 (EEST)
Date: Tue, 09 Jul 2024 09:21:40 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: JOSE WG <jose@ietf.org>
Message-ID: <ZozW9NQOEj_vhMto@LK-Perkele-VII2.locald>
References: <CAN8C-_KMx_M9vL3kwoohkiVrndU_MohxdGC_vLkBo7R_+-6T2g@mail.gmail.com> <CACVbtYOsf7MkHPOzFgE14JhKrSzAd8EkZ0Sr4X0XRMzdCUtbkA@mail.gmail.com> <CACVbtYOOpwTKZt7dH7JV983SmU7gRbsaXY8ru4Ty-+S081oTEQ@mail.gmail.com> <CAN8C-_Kb9ZOec8SXUkqqd3P7VnEYSDukVm56kpdx+fVEw4KHag@mail.gmail.com> <CACVbtYPauBzeSmXPr8Fyb7Jh3u7ydJgX632B0Fwdn4UPgAfQBg@mail.gmail.com> <CACVbtYOKCrqs_tf2QUqJ1P-WWd7WeKw_VMzqgCyCvaaXmqTppA@mail.gmail.com> <CAN8C-_JrUM_uiVAprfFf_-ZnZcy86-hm6t5KWp5_2qavn0+zUQ@mail.gmail.com> <CACVbtYNeo6m9wnuE3utgG5+j63EiUjHV96QFcdzp6-sVsCmuVQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <CACVbtYNeo6m9wnuE3utgG5+j63EiUjHV96QFcdzp6-sVsCmuVQ@mail.gmail.com>
Sender: ilariliusvaara@welho.com
Message-ID-Hash: UP7H5IND5FX65ENZKUTOFTC6EEUPDF3J
X-Message-ID-Hash: UP7H5IND5FX65ENZKUTOFTC6EEUPDF3J
X-MailFrom: ilariliusvaara@welho.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-jose.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [jose] Re: draft-ietf-jose-hpke-encrypt-01
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/7AVWzaBi5bk1DYUdjjKD5ydiukQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Owner: <mailto:jose-owner@ietf.org>
List-Post: <mailto:jose@ietf.org>
List-Subscribe: <mailto:jose-join@ietf.org>
List-Unsubscribe: <mailto:jose-leave@ietf.org>
On Mon, Jul 08, 2024 at 08:11:51PM -0700, Les Hazlewood wrote: > Thank you Orie, your last two replies are really helpful! > > If flexibility and some degree of future proofing are desired, without an > explosion of registration permutations, would it make sense to support the > KEM and HKDF identifiers as separate header parameters? For example: > > "alg": "HPKE" > "kem": "P256" > "kdf": "HKDFS256" > "enc": "A256GCM" > > Then these would be pluggable as desired, so long as strength requirements > are maintained between inputs/outputs. > And the number of registrations for each respective header would be easily > constrained to have a 1:1 correlation with the 3 functions in RFC 9180 > (KEM, KDF, AEAD triplet), as well as those in > https://www.iana.org/assignments/hpke/hpke.xhtml > > I'm not sure if this opens a can of worms or not, but it seems relatively > elegant on the surface. Thoughts? There was an explicit decision to use ciphersuites instead of doing that kind of thing (old versions of HPKE in COSE essentially did work like that). As far as I can see, that decision was driven by interop and "strength matching" concerns. My view of "strength matching" is strictly about efficiency: Using resources to fortify something that is not the bottleneck wastes those resources. However: - It is not acceptable to artificially weaken things to "match" security of others. - "X bits of security" arguments can be extremely misleading, especially if comparing confidentiality and authentication. -Ilari
- [jose] draft-ietf-jose-hpke-encrypt-01 Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Michael Jones
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 tirumal reddy
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Simo Sorce
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Matt Chanda
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Matt Chanda
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Matt Chanda
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Matt Chanda
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Les Hazlewood
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Orie Steele
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Brian Campbell
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Brian Campbell
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 Ilari Liusvaara
- [jose] Re: draft-ietf-jose-hpke-encrypt-01 - Setu… Matt Chanda