Re: [Suit] draft-ietf-suit-firmware-encryption: HPKE for COSE
Russ Housley <housley@vigilsec.com> Mon, 02 August 2021 15:20 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id F10F73A0953
for <suit@ietfa.amsl.com>; Mon, 2 Aug 2021 08:20:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001,
SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001]
autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id Pg7wRKPT6omS for <suit@ietfa.amsl.com>;
Mon, 2 Aug 2021 08:20:11 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 5905A3A0958
for <suit@ietf.org>; Mon, 2 Aug 2021 08:20:11 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by mail.smeinc.net (Postfix) with ESMTP id 3D54D300BF6
for <suit@ietf.org>; Mon, 2 Aug 2021 11:20:10 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1])
by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026)
with ESMTP id K-uwTfPCoEuK for <suit@ietf.org>;
Mon, 2 Aug 2021 11:20:06 -0400 (EDT)
Received: from a860b60074bd.fios-router.home
(pool-141-156-161-153.washdc.fios.verizon.net [141.156.161.153])
by mail.smeinc.net (Postfix) with ESMTPSA id 9DCAF300AEB;
Mon, 2 Aug 2021 11:20:06 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Message-Id: <0338486B-7015-4A04-9D58-D5841D582F8D@vigilsec.com>
Content-Type: multipart/alternative;
boundary="Apple-Mail=_65F2B6A3-D5B2-404E-BFD1-2B59005950AA"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
Date: Mon, 2 Aug 2021 11:20:05 -0400
In-Reply-To: <DBBPR08MB5915A2D3ED245147B68AF7ABFAEF9@DBBPR08MB5915.eurprd08.prod.outlook.com>
Cc: "suit@ietf.org" <suit@ietf.org>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
References: <DBBPR08MB5915A2D3ED245147B68AF7ABFAEF9@DBBPR08MB5915.eurprd08.prod.outlook.com>
X-Mailer: Apple Mail (2.3445.104.21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/P4yfE3ARb-LE8C6jNkptdp1lrig>
Subject: Re: [Suit] draft-ietf-suit-firmware-encryption: HPKE for COSE
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>,
<mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>,
<mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Aug 2021 15:20:17 -0000
I strongly suspect that HPKE will be useful in non-SUIT applications, so I would like to approach COSE about the best way to move forward. Russ > On Aug 2, 2021, at 11:08 AM, Hannes Tschofenig <Hannes.Tschofenig@arm.com> wrote: > > Hi all, > > Currently we have newly introduced the use of HPKE for COSE in the firmware encryption draft. > > HPKE could, however, be useful for other applications using COSE as well. > > So, the question is: Should the HPKE functionality be defined separately for use with COSE or be defined specifically for use with firmware encryption only? > > The answer to this question is a bit speculative because we have to guess whether HPKE will be useful for other applications using COSE. Currently, HPKE is used in various IETF protocols (MLS, TLS Encrypted ClientHello, Privacypass) but none of those applications utilize COSE. > > Thoughts? > > Ciao > Hannes > > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ > Suit mailing list > Suit@ietf.org <mailto:Suit@ietf.org> > https://www.ietf.org/mailman/listinfo/suit <https://www.ietf.org/mailman/listinfo/suit>
- [Suit] draft-ietf-suit-firmware-encryption: HPKE … Hannes Tschofenig
- Re: [Suit] draft-ietf-suit-firmware-encryption: H… Russ Housley
- Re: [Suit] draft-ietf-suit-firmware-encryption: H… Benjamin Kaduk
- Re: [Suit] draft-ietf-suit-firmware-encryption: H… Hannes Tschofenig