Need to clarify how to handle the HPKE version #279

Closed
dajiaji opened this issue Feb 26, 2023 · 3 comments

Comments

@dajiaji

dajiaji commented Feb 26, 2023

This is the last comment on draft-06.

Although HPKE seems to be designed with an emphasis on ciphersuite agility, the HPKE spec defines a version label ("HPKE-v1") somehow. While it's unclear to me what the trigger for defining v2 is and what v2 will look like, I think some mention of how versions are handled in this OHTTP spec would be necessary.

Also, it's clear that OHTTP only uses the HPKE Base mode, but that fact is only implied by the pseudo-function name. I think it would be better to state this explicitly in the spec.

Again, I am very sorry for the feedback on the spec, which is almost finished.

@martinthomson
Collaborator

(Don't apologize for good feedback.)

Any incompatible HPKE revision would not be usable until a revised version of this document is published. That update would need to define a new media type and whatnot.

I don't know whether this needs to be explicit in the draft. I think that the "v1" in HPKE is less of a commitment to the idea that HPKE might be revised than it is a reflection on the process of its authorship. The unadorned string "HPKE" could have turned into "HPKE-v2" just as easily as "HPKE-v1" can, but "HPKE-v1" is the same length as the "HPKE-08" string used in draft versions. None of that really implies that there is any need to revise HPKE. Also, a revision to HPKE would be very disruptive, so I don't think we need to spend too much time contemplating the possibility, other than to have the above answer handy.

@dajiaji
Author

dajiaji commented Feb 27, 2023

Thanks. I understand the reason why HPKE has the version label. It's unfortunate that "-v1" wasn't removed in the final stage of specification development, but

> Also, a revision to HPKE would be very disruptive, so I don't think we need to spend too much time contemplating the possibility, other than to have the above answer handy.

It makes sense.

@martinthomson
Collaborator

Marking this as resolved.
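
As an added illustration (not part of this thread or of the OHTTP draft), the following Python sketch implements the RFC 9180 key schedule to show where the "HPKE-v1" label and the Base mode byte discussed above enter key derivation. The "HPKE-v2" label, the shared secret and the info string are constructed placeholders.

```python
import hashlib
import hmac

# RFC 9180 ids: DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, AES-128-GCM.
SUITE_ID = b"HPKE" + b"".join(i.to_bytes(2, "big") for i in (0x0020, 0x0001, 0x0001))
NK, NN = 16, 12                    # AES-128-GCM key and nonce lengths
MODE_BASE, MODE_PSK = 0x00, 0x01   # RFC 9180 mode identifiers
# Constructed sample inputs (assumptions): stand-in KEM output and info string.
SHARED_SECRET, INFO = bytes(range(32)), b"constructed example info"

def extract(salt, ikm):
    """HKDF-Extract with SHA-256 (an empty salt equals HashLen zero bytes)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()

def expand(prk, info, length):
    """HKDF-Expand with SHA-256."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm, counter = okm + block, counter + 1
    return okm[:length]

def labeled_extract(version, salt, label, ikm):
    return extract(salt, version + SUITE_ID + label + ikm)

def labeled_expand(version, prk, label, info, length):
    return expand(prk, length.to_bytes(2, "big") + version + SUITE_ID + label + info, length)

def key_schedule(shared_secret, info, mode=MODE_BASE, version=b"HPKE-v1"):
    """RFC 9180 KeySchedule with the default (empty) psk and psk_id."""
    psk_id_hash = labeled_extract(version, b"", b"psk_id_hash", b"")
    info_hash = labeled_extract(version, b"", b"info_hash", info)
    context = bytes([mode]) + psk_id_hash + info_hash   # mode byte is bound here
    secret = labeled_extract(version, shared_secret, b"secret", b"")
    key = labeled_expand(version, secret, b"key", context, NK)
    base_nonce = labeled_expand(version, secret, b"base_nonce", context, NN)
    return key, base_nonce

def compare():
    """Derive (key, base_nonce) under v1/Base and two deviations from it."""
    v1_base = key_schedule(SHARED_SECRET, INFO)
    # "HPKE-v2" is a hypothetical label; no such HPKE version is defined.
    v2_base = key_schedule(SHARED_SECRET, INFO, version=b"HPKE-v2")
    # Real PSK mode also requires a PSK; this only varies the mode byte.
    v1_other_mode = key_schedule(SHARED_SECRET, INFO, mode=MODE_PSK)
    return v1_base, v2_base, v1_other_mode

if __name__ == "__main__":
    for name, (key, nonce) in zip(("v1/base", "v2/base", "v1/psk-mode-byte"), compare()):
        print(f"{name:17} key={key.hex()} base_nonce={nonce.hex()}")
```

A peer whose label or mode byte differs derives an unrelated key and base nonce, so AEAD decryption fails instead of the two sides silently interoperating.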
