[jose] Re: Call for adoption: https://datatracker.ietf.org/doc/draft-reddy-cose-jose-pqc-kem/

Ilari Liusvaara <ilariliusvaara@welho.com> Wed, 18 September 2024 07:40 UTC

Date: Wed, 18 Sep 2024 10:40:49 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: JOSE WG <jose@ietf.org>
Message-ID: <ZuqEAVsaAOXs-9BL@LK-Perkele-VII2.locald>
References: <CA+mgmiN9t6mV=Anqc_kyzuyP__3C+FRSw2KF9jvDXOXPXB-c+Q@mail.gmail.com>
In-Reply-To: <CA+mgmiN9t6mV=Anqc_kyzuyP__3C+FRSw2KF9jvDXOXPXB-c+Q@mail.gmail.com>
Subject: [jose] Re: Call for adoption: https://datatracker.ietf.org/doc/draft-reddy-cose-jose-pqc-kem/
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/GzJLcsMHCzZj-2L3R52qt1p2lKQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose>

On Sat, Sep 14, 2024 at 05:50:18PM -0300, Karen ODonoghue wrote:
> JOSE and COSE working group members,
> 
> The following draft has been submitted for consideration by the JOSE
> working group. The chairs agreed, at IETF 120, to issue a call for
> adoption.
> 
> https://datatracker.ietf.org/doc/draft-reddy-cose-jose-pqc-kem/
> 
> Please review the document and indicate (by responding to this email
> and keeping the subject line intact) whether or not you think this is
> a good place to start the development of this document. Please provide
> comments.

Seems like a reasonable starting point (even with flaws), adopt.


Some stuff I noticed in quick review:

- ML-KEM is intended to be used directly.
- The KDF is not FIPS-compliant.
- Encoding of context structure in COSE needs to be canonical.
- Ways to use public-key cryptography with JWE are defined by JWE
  itself. And there are three, not two.
- JWE does not require "enc"/"alg" to be in JWE protected header.
- JWE does not allow using JWE Encrypted Key with DKA (no way to
  avoid double-encoding in compact serialization).
- DKA in COSE does not use ciphertext (but I don't think it is
  explicitly forbidden).
- Whether DKA in COSE produces CEK or KEK depends on the layer it is on.
- AES-192 is poorly supported and usually replaced by AES-256.

-Ilari
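The point about canonical encoding of the COSE context structure, as an added example that is not part of the message above or of the draft: the KDF context only works as a domain separator if both parties feed the KDF byte-identical input, so the CBOR encoding must be deterministic (RFC 8949 section 4.2.1: shortest-form integers and lengths, definite lengths). The encoder below is a hand-written subset covering the types that appear in a COSE_KDF_Context (RFC 9053 section 5.2 shape); the `minimal=False` path deliberately emits a valid but non-shortest encoding that any CBOR decoder accepts as the same value. HKDF-SHA256 is used here only as an illustrative KDF, not as the draft's KDF, and the shared secret, algorithm identifier and protected header bytes are constructed sample values.

```python
"""Deterministic CBOR encoding of a COSE-style KDF context.

Illustrative code: the CBOR subset encoder is hand-written, HKDF-SHA256 is an
assumed stand-in for whatever KDF the draft specifies, and all inputs are
constructed samples. It shows that two encodings of the same context value
that differ only in CBOR form yield different derived keys.
"""
import hashlib
import hmac


def _head(major: int, arg: int, minimal: bool = True) -> bytes:
    """Initial byte plus argument for a CBOR data item.

    minimal=True follows the RFC 8949 deterministic rules (shortest form).
    minimal=False pads any argument below 24 into the 1-byte (0x18) form,
    producing a decodable but non-canonical encoding.
    """
    if minimal and arg < 24:
        return bytes([(major << 5) | arg])
    if arg < 0x100:
        return bytes([(major << 5) | 24, arg])
    if arg < 0x10000:
        return bytes([(major << 5) | 25]) + arg.to_bytes(2, "big")
    if arg < 0x100000000:
        return bytes([(major << 5) | 26]) + arg.to_bytes(4, "big")
    return bytes([(major << 5) | 27]) + arg.to_bytes(8, "big")


def cbor_encode(value, minimal: bool = True) -> bytes:
    """Encode None, int, bytes, str and list (the COSE_KDF_Context types)."""
    if value is None:
        return b"\xf6"
    if isinstance(value, bool):  # bool is an int subclass; not used in the context
        raise TypeError("bool not used in COSE_KDF_Context")
    if isinstance(value, int):
        if value >= 0:
            return _head(0, value, minimal)
        return _head(1, -1 - value, minimal)  # negative ints encode -1-n
    if isinstance(value, bytes):
        return _head(2, len(value), minimal) + value
    if isinstance(value, str):
        data = value.encode("utf-8")
        return _head(3, len(data), minimal) + data
    if isinstance(value, list):
        body = b"".join(cbor_encode(v, minimal) for v in value)
        return _head(4, len(value), minimal) + body
    raise TypeError(f"unsupported type {type(value).__name__}")


def kdf_context(alg_id: int, party_u: list, party_v: list,
                key_bits: int, protected: bytes) -> list:
    """COSE_KDF_Context = [AlgorithmID, PartyUInfo, PartyVInfo, SuppPubInfo]."""
    return [alg_id, party_u, party_v, [key_bits, protected]]


def hkdf_sha256(ikm: bytes, info: bytes, length: int, salt: bytes = b"") -> bytes:
    """RFC 5869 HKDF-Extract + HKDF-Expand with SHA-256 (illustrative KDF)."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_cek(shared_secret: bytes, context: list, minimal: bool = True) -> bytes:
    """Derive a 256-bit key; the encoded context is the KDF 'info' input."""
    return hkdf_sha256(shared_secret, cbor_encode(context, minimal), 32)


# Constructed sample inputs (not from any real exchange or from the draft).
SHARED_SECRET = bytes(range(32))
CONTEXT = kdf_context(
    alg_id=3,                    # assumed: COSE alg id 3 (A256GCM) as AlgorithmID
    party_u=[None, None, None],  # PartyUInfo: no identity, nonce or other
    party_v=[None, None, None],
    key_bits=256,
    protected=b"\xa1\x01\x03",   # serialized protected map {1: 3}
)

if __name__ == "__main__":
    good = cbor_encode(CONTEXT)
    bad = cbor_encode(CONTEXT, minimal=False)
    print("canonical    :", good.hex())
    print("non-canonical:", bad.hex())
    print("keys match   :", derive_cek(SHARED_SECRET, CONTEXT) ==
          derive_cek(SHARED_SECRET, CONTEXT, minimal=False))
```

A receiver that re-encodes the context with a generic CBOR library (which may or may not apply the deterministic rules) instead of reusing the exact bytes the sender used will land on a different key and a failing AEAD tag, with no hint of why; pinning the encoding to the deterministic rules in the spec is what removes that ambiguity.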