Sipos, Brian J. <[email protected]> wrote: > Ilari, Thanks for confirming this. It does appear that the section on > AES-KW in RFC 9053 [2] includes the statement "The protected header > bucket MUST be empty." and two families defined in RFC 9459 [3] have > similar statements. But the direct (-6) algorithm makes no such > statement nor does the RSAES-OAEP family [4]. So it seems desirable but > inconsistent.
> Does this rise to the level of an errata for the general discussion of
> protected header in RFC 9052? I think having specific guidance there
> would help understanding for those who don't have a huge background in
> this ecosystem.
I definitely think it rises to the level of an errata.
{Whether this helps out implementers in the end depends upon how well the RPC
and RSWG is able to up-level errata}
Given that 9052/9053 is already IS, as STD 96, I think we are unlikely to
revise it soon.
I wonder if this confusion is large enough to merit and Updates document.
I think some of the confusion might be a gap between the two documents?
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
