Re: [jose] [COSE] Fwd: New Version Notification for draft-reddy-cose-jose-pqc-kem-00.txt
Ilari Liusvaara <ilariliusvaara@welho.com> Wed, 06 March 2024 08:55 UTC
Date: Wed, 06 Mar 2024 10:55:45 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: cose <cose@ietf.org>, JOSE WG <jose@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/WOoifvsQD-VIpfkIePMAnw7WGVk>

On Wed, Mar 06, 2024 at 11:45:03AM +0530, tirumal reddy wrote:
> On Tue, 5 Mar 2024 at 20:12, AJITOMI Daisuke <ajitomi@gmail.com> wrote:
>
> > > I think we should use HPKE until there is reason not to use it.
> >
> > I agree.
> >
> > Regarding ML-KEM, I was thinking that we should add X-Wing as a PQ/T
> > Hybrid KEM to the list of COSE-HPKE ciphersuites at first.
> >
> > X-Wing: general-purpose hybrid post-quantum KEM
> > https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/
> >
>
> X-wing is specific to hybrid schemes and it is backward compatible with
> X25519Kyber768Draft00. The COSE and JOSE HPKE specifications can use the
> above hybrid scheme which is already registered in HPKE IANA registry.

No, that does not work. That KEM will never be published as an RFC,
so the main COSE and JOSE HPKE specifications can not reference it.
And since all the HPKE algorithms are fully specified, the main COSE
and JOSE HPKE specifications can not allow using it. One would need
a separate draft and use that as reference for the needed algorithms.

X-Wing or whatever replaces it in HPKE (CFRG is just about to start
the project on hybrid KEMs) will be published as an RFC. However, that
is currently blocked on NIST publishing FIPS 203.

-Ilari