> > Which combinations of public key mechanism, key derivation/expansion, > and aead are of main interest?
The required combinations for the encrypted client hello [0] in TLS will be the main focus, then continuous implementation of the others. Do you expect the specification to be finalized soon? > I do not know when the specification will be finalized, however implementations of HPKE already exist [1]. The analysis can be found here [2]. [0] https://tools.ietf.org/html/draft-ietf-tls-esni-09#section-9 [1] https://github.com/cfrg/draft-irtf-cfrg-hpke/ [2] https://eprint.iacr.org/2020/1499 Regards Norbert Pócs On Thu, Feb 25, 2021 at 8:02 PM Niels Möller <ni...@lysator.liu.se> wrote: > Norbert Pocs <np...@redhat.com> writes: > > > My current project is the implementation of HPKE draft [0]. The first > goal > > is to implement mode_base. > > Hi, I was not aware of this work. It could make sense to support in > Nettle, in particular if GnuTLS wants to use it. > > Which combinations of public key mechanism, key derivation/expansion, > and aead are of main interest? > > Do you expect the specification to be finalized soon? > > Regards, > /Niels > > -- > Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. > Internet email is subject to wholesale government surveillance. > > _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
