[jose] Strawperson consensus call for changes to draft-ietf-jose-hpke-encrypt-01
Orie Steele <orie@transmute.industries> Wed, 10 July 2024 15:45 UTC
Return-Path: <orie@transmute.industries>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8BFCC14CE40 for <jose@ietfa.amsl.com>; Wed, 10 Jul 2024 08:45:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q8t8EQo477mK for <jose@ietfa.amsl.com>; Wed, 10 Jul 2024 08:45:23 -0700 (PDT)
Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85790C14F5F9 for <jose@ietf.org>; Wed, 10 Jul 2024 08:45:23 -0700 (PDT)
Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-1fb64d627b0so22602175ad.0 for <jose@ietf.org>; Wed, 10 Jul 2024 08:45:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1720626322; x=1721231122; darn=ietf.org; h=cc:to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=NrU+m2NH1NK0A7OeWRocecSQFeFK/mRp2JHUnrdNdRM=; b=ezZ10KeZ4wLP1EK3Gm2lRso/l2OE/6yEIfNPE9FshhcpBq1+kpYsaWxZOAaTXw87YA TOv/vEjq8gnJfMftq7+2GrU7r+vnuI4sRkLwpP6THArxk5DfgCo/SB/or9vHhME7z/Ya VdARoKkU1kxtcrIb1mmePg0OEh2pk2FnQq4VHcPq0uPoxdXqUX8Wjb0zOkBv2pa2VaNk JAcrJy1Yndjto/fXDr6FONcWyPHTKrkaY21X8tna39LlBJ+/ztG2wz0AWEKukRC1OmHy +lEUdV5JpXdCbJSIrcjbbUyXVMmcTSxoQnvbupMgBDdRhBiKdwcdauPahwOxq4iYnSyC nQwA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720626322; x=1721231122; h=cc:to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=NrU+m2NH1NK0A7OeWRocecSQFeFK/mRp2JHUnrdNdRM=; b=OuBCFUPoHF+E50wvjAm7+FAD1lUOJED4oz4FQ42xcyJQ4oQeqS5M41z7yAGXuOz/+k JTP/6J6XnzSS+ZM2ewPg/vEnzqeiNP1qFKxNoFITn9WZ9S3ump77//xNfinS2FQDcMeO 9Qtixk2SVLrgjnUGzBuiusObNEvB6N66PacRpSczhXGsU1L42TYdAlxmqm4Vm0/86Ftd LioC1k5v/foUR57/XBxusey4IbnhgYsqab4nzeobW+t4kfMMEwwhwGJoEurPeIuDGyRx 3nwTR7G6Mg5D5JewlvgWwAmfpTu4JkQdTigynC4v53zmqm928xgEh3KaCz1B53gtIIwb Gsjg==
X-Gm-Message-State: AOJu0YyKVizoEsVDVTgG+Kj+QjIPB2hQ2XEoEO1HBstW2K+quozLy75e jxZDP9EicxibwxIB9L0QpNf8SJrg2S5nK9iv1Rw7DxxIj1UX62nfszxvKk72uuTSCm0cCQJ/BcR lQjKhqCL1mNc2jlJH9viMl5PA+N203qZjemTSbkdOQ70F2wHAnpo=
X-Google-Smtp-Source: AGHT+IHuTptIOJaSXqeLdQoDGuupoD+vs+wkrTuiPIiVNRE1EgYoWlZOjR5MjpXfJwBvzLoGfxwqBRspcbiDhWEpXOQ=
X-Received: by 2002:a17:90a:ff11:b0:2c9:7cb6:38b0 with SMTP id 98e67ed59e1d1-2ca35c2aa9dmr4476528a91.19.1720626322435; Wed, 10 Jul 2024 08:45:22 -0700 (PDT)
MIME-Version: 1.0
From: Orie Steele <orie@transmute.industries>
Date: Wed, 10 Jul 2024 10:45:11 -0500
Message-ID: <CAN8C-_KEv4s2SHBYi9ZeCi+Jjxk08r9tg+sqt1wtcgnyswCBgQ@mail.gmail.com>
To: JOSE WG <jose@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bd9500061ce68848"
Message-ID-Hash: CXB74W2B3GQEYNAXHYID2RWRTPVXLSAA
X-Message-ID-Hash: CXB74W2B3GQEYNAXHYID2RWRTPVXLSAA
X-MailFrom: orie@transmute.industries
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-jose.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: jose-chairs@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [jose] Strawperson consensus call for changes to draft-ietf-jose-hpke-encrypt-01
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/EhqaEwDIe_PtXjHPSSISMlJ0XYY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Owner: <mailto:jose-owner@ietf.org>
List-Post: <mailto:jose@ietf.org>
List-Subscribe: <mailto:jose-join@ietf.org>
List-Unsubscribe: <mailto:jose-leave@ietf.org>
Thanks to Ilari for capturing suggested changes to draft-ietf-jose-hpke-encrypt-01 for "alg" and "enc". See: https://mailarchive.ietf.org/arch/msg/jose/AQPIjws_5cjnCb_3S7UR688W4uM/ We've discussed versions of this proposal for several months now, and I feel we probably need more formal consensus calls to identify a path forward. @jose-chairs@ietf.org <jose-chairs@ietf.org> please consider a formal consensus call for each of these topics, after applying any changes suggested on this thread as you see fit. I hope we can poll the room in person at IETF 120 as well. ## draft-ietf-jose-hpke-encrypt-01 call topic number 1 (Yes / No): ### For HPKE JWE Integrated Encryption Mode: The algorithm name SHALL be of the form "HPKE-P256-SHA256-A128GCM". The "enc" value SHALL be "dir". The working group SHALL draft text explaining what "enc:dir" means, and how it related to "alg". The algorithm name SHALL be of the form "HPKE-P256-SHA256-A128GCM". The hpke-aad SHALL be of the form "protected (.aad)", as described in Step 15 of RFC7516. The hpke-info SHALL be the same as is provided to concatKDF info for ECDH-ES, as described in https://datatracker.ietf.org/doc/html/rfc7518#section-4.6.2 ## draft-ietf-jose-hpke-encrypt-01 call topic number 2 (Yes / No): ### For HPKE JWE Key Encryption Mode: The algorithm name SHALL be of the form "HPKE-P256-SHA256-A128GCM". The "enc" value SHALL be any registered AEAD here - https://www.iana.org/assignments/jose/jose.xhtml, per section of RFC7518. The hpke-info SHALL be the same as is provided to concatKDF info for ECDH-ES, as described in https://datatracker.ietf.org/doc/html/rfc7518#section-4.6.2 The hpke-aad shall be empty. If either of these fails (rough consensus no), let's run through each statement in a formal consensus call, this way we can eliminate ambiguity for authors, and authors can propose solutions to only the problems where there is working group disagreement on the proposed solution in the current draft. This will end much faster if we can establish consensus to eliminate some variables. Regards, OS -- ORIE STEELE Chief Technology Officer www.transmute.industries <https://transmute.industries>
- [jose] Re: Strawperson consensus call for changes… tirumal reddy
- [jose] Strawperson consensus call for changes to … Orie Steele
- [jose] Re: Strawperson consensus call for changes… tirumal reddy
- [jose] Re: Strawperson consensus call for changes… Ilari Liusvaara
- [jose] Re: Strawperson consensus call for changes… tirumal reddy
- [jose] Re: Strawperson consensus call for changes… Ilari Liusvaara
- [jose] Re: Strawperson consensus call for changes… Ilari Liusvaara
- [jose] Re: Strawperson consensus call for changes… Orie Steele
- [jose] Re: Strawperson consensus call for changes… Orie Steele
- [jose] Re: Strawperson consensus call for changes… Orie Steele
- [jose] Re: Strawperson consensus call for changes… Brian Campbell
- [jose] Re: Strawperson consensus call for changes… Orie Steele
- [jose] Re: Strawperson consensus call for changes… Ilari Liusvaara
- [jose] Re: Strawperson consensus call for changes… Michael Jones
- [jose] Re: Strawperson consensus call for changes… Brian Campbell