On Thu, 9 Oct 2025 at 20:51, Matt Chanda <[email protected]> wrote:
> Hello, > > I did a review of the latest draft and the integrated encryption examples > and proposed format will work for my existing implementation with minor > changes on my side. > > However there is still one major blocker for my use of it. I still need > an algorithm for "HPKE-P256-SHA256-A256GCM" that used today, otherwise I > cant use the new standard when approved. While I dont think the format > should determine if the HPKE cipher suite is valid (HPKE should do that), > or if the algorithm strength is sufficient for the intended use (this is > sender/receiver policy), we are already past that. If we add another > "HPKE-X" algorithm or a way to handle adhoc combinations then it would work > for me. > For the P-256, the equivalent symmetric security level is 128 bits, it should be paired with the AES-128 algorithm for a matching security strength. Cheers, -Tiru > > Regards, > -matt > > > > On Oct 2, 2025, at 12:05 PM, [email protected] wrote: > > > > Internet-Draft draft-ietf-jose-hpke-encrypt-12.txt is now available. It > is a > > work item of the Javascript Object Signing and Encryption (JOSE) WG of > the > > IETF. > > > > Title: Use of Hybrid Public Key Encryption (HPKE) with JSON Object > Signing and Encryption (JOSE) > > Authors: Tirumaleswar Reddy > > Hannes Tschofenig > > Aritra Banerjee > > Orie Steele > > Michael B. Jones > > Name: draft-ietf-jose-hpke-encrypt-12.txt > > Pages: 21 > > Dates: 2025-10-02 > > > > Abstract: > > > > This specification defines Hybrid Public Key Encryption (HPKE) for > > use with JSON Object Signing and Encryption (JOSE). HPKE offers a > > variant of public key encryption of arbitrary-sized plaintexts for a > > recipient public key. > > > > HPKE is a general encryption framework utilizing an asymmetric key > > encapsulation mechanism (KEM), a key derivation function (KDF), and > > an Authenticated Encryption with Associated Data (AEAD) algorithm. > > > > This document defines the use of HPKE with JOSE. The specification > > chooses a specific subset of the HPKE features to use with JOSE. > > > > The IETF datatracker status page for this Internet-Draft is: > > https://datatracker.ietf.org/doc/draft-ietf-jose-hpke-encrypt/ > > > > There is also an HTML version available at: > > https://www.ietf.org/archive/id/draft-ietf-jose-hpke-encrypt-12.html > > > > A diff from the previous version is available at: > > > https://author-tools.ietf.org/iddiff?url2=draft-ietf-jose-hpke-encrypt-12 > > > > Internet-Drafts are also available by rsync at: > > rsync.ietf.org::internet-drafts > > > > > > _______________________________________________ > > jose mailing list -- [email protected] > > To unsubscribe send an email to [email protected] > > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
