The draft does not specify how the HPKE context (cipher suite, exporter secret, key, nonce, sequence number, etc.) is represented on the wire. There are use cases for HPKE in which it is desirable to transmit the context over a secure channel. For example, Cloudflare's prototype implementation of the Encrypted ClientHello (ECH) extension for TLS will offload KEM operations to an RPC server (cloudflare/go#30).
I'm not requesting a change to the spec at this point ... I just wanted to bring up the use case and ask what people think. I'm not sure, but it might make sense to standardize the encoding. One proposal is here: https://github.com/cisco/go-hpke/blob/master/hpke.go#L197. In addition to the above parameters, this format encodes the "role" of the context's user, i.e., whether they are the sender or receiver.
There are many serialization formats possible (protobuf, DER, JSON, TLS syntax, ...). The "Context" type seems to refer to an implementation detail rather than an interchange format. If that is the case, then I don't think that a specific format has to be dictated.
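One possible shape for such an encoding, as an added example that is not part of the thread and is not the draft's or go-hpke's format: a strict Go decoder for a hypothetical layout carrying the fields listed in the issue. The layout, the role values, the names `Context`, `Unmarshal` and `ErrMalformed`, and the sample bytes are all assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Context holds the fields the issue names. The wire layout parsed below is an
// assumption of this example, not the draft's or go-hpke's format:
//   role(1) | kem(2) | kdf(2) | aead(2) | seq(8) | then exporter secret, key and
//   nonce, each with a 1-byte length prefix. Integers are big-endian.
type Context struct {
	Role                 uint8 // assumed encoding: 0 = sender, 1 = receiver
	KEM, KDF, AEAD       uint16
	Seq                  uint64
	Exporter, Key, Nonce []byte
}

var ErrMalformed = errors.New("hpke context: malformed encoding")

// Unmarshal parses a context received from a peer. It rejects unknown roles,
// truncated fields and trailing bytes, and copies secrets out of the input.
func Unmarshal(b []byte) (*Context, error) {
	if len(b) < 15 || b[0] > 1 {
		return nil, ErrMalformed
	}
	be := binary.BigEndian
	c := &Context{Role: b[0], KEM: be.Uint16(b[1:]), KDF: be.Uint16(b[3:]),
		AEAD: be.Uint16(b[5:]), Seq: be.Uint64(b[7:])}
	b = b[15:]
	for _, f := range []*[]byte{&c.Exporter, &c.Key, &c.Nonce} {
		if len(b) == 0 || len(b)-1 < int(b[0]) {
			return nil, ErrMalformed
		}
		n := 1 + int(b[0])
		*f, b = append([]byte(nil), b[1:n]...), b[n:]
	}
	if len(b) != 0 {
		return nil, ErrMalformed
	}
	return c, nil
}

func main() {
	// Constructed sample: receiver role, X25519 / HKDF-SHA256 / AES-128-GCM,
	// sequence number 7, and one-byte dummy secrets.
	wire := []byte{1, 0, 0x20, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 7, 1, 0xaa, 1, 0xbb, 1, 0xcc}
	fmt.Println(Unmarshal(wire))
}
```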