COSE IETF 113

Connection details

Action Items

Minutes

Opening remarks by the chairs – Mike Jones [1:00-1:05]

Pieter Kasselman - Note taker
Ben Kaduk and Ivaylo Petrov - monitor jabber

Status of advancing the COSE bis documents to standards – Ivaylo Petrov [1:05-1:15]

Add link to slides: https://datatracker.ietf.org/doc/slides-113-cose-cose-113-draft-status/
Discussion points: Comments to be followed up on mailing list

draft-ietf-cose-hpke – Hannes Tschofenig [1:15-1:25]

Link to slides: https://datatracker.ietf.org/meeting/113/materials/slides-113-cose-draft-ietf-cose-hpke-00
Defined a new structure
HPKE Algorithm Registry in COSE
- 3 possible approaches (first one no longer possible)
- Ben Kaduk - suggests that Hannes should follow-up with IANA (use office hours, or registration policy for COSE registered experts)
- Ben Kaduk recommends option 2
Compressed Points
- Russ Housley - pointed out that desirable in small devices as it causes larger code footprint.
- Milois - There are options that does not require square root implementations. See RFC 6090
Info Structure
- Follow-up on removing option on mailing list.

draft-looker-cose-bls-key-representations – Mike Jones [1:25-1:32]

Link to slides: https://datatracker.ietf.org/meeting/113/materials/slides-113-cose-draft-looker-cose-bls-key-representations-00
Supports zero-kowledge and aggregate signature schemes
Russ Housley: Not opposed, just wan to make charter is aligned.
Chairs will take this up with area diectoror
Request for following up on mailing list

draft-looker-cose-cwt-claims-in-headers – Mike Jones [1:32-1:40]

Link to slides: https://datatracker.ietf.org/meeting/113/materials/slides-113-cose-draft-looker-cose-cwt-claims-in-headers-00
Request for following up on mailing list

draft-prorock-cose-post-quantum-signatures – Mike Prorock [1:40-1:50]

Link to slides: https://datatracker.ietf.org/doc/slides-113-cose-draft-prorock-cose-post-quantum-signatures/
Focused on hash based and lattice based scheems
NIST Process is still ongoing (round 3)
Ask on group: Read draft and comment/feedback
Brendan Moran: Already a place COSE for one of the algorithms. See RFC8778 (HSS-LMS already has a code point)
Jonathan Hammel: If algorithms are not standardised by NIST, needs to go through CFRG for evaluation.
Andrew Freglt: Are all the algorithms NIST approved post quantum (There was a mention here that HSS-LMS and XMSS are already NIST approved via Special Pub 800-208 even though they weren't in the "competition".)
Benjamin Kaduk: Support reducing fuctionality, it simplifies choices
Emmanuell Baccelli: Suggests consideration for constrained devices. We have this experimental evaluation of post-quantum signatures for constrained devices in the context of COSE/SUIT software udpates on RIOT devices https://eprint.iacr.org/2021/781.pdf (to appear at ACNS 22)
Mike Prorock - there are related specs (https://csrc.nist.gov/Projects/stateful-hash-based-signatures)
Mike Jones - COSE is chartered to register new algorithm identifiers, not new algorithms. Recommends focus on identifiers to remain within charter.

draft-selander-cose-kid-int – Göran Selander [1:50-2:00]

Link to slides: https://datatracker.ietf.org/meeting/113/materials/slides-113-cose-extending-kid-to-int-01
Benjamin Kaduk: Agrees that using kid as basis is good, but needs section on how to use it to retain interoperability. Goran: Not currently in the draft. Ben: recommends to include text in future updates
Mike Jones: In current form it is a breaking change. No RFC8152 can support it as is.

Open Microphone

Relationship of point format to the curve: how to signal new formats on same curves can create interop problems. May need to define new curves to disambiguiate between implementations.
John Preuß Mattsson: I think "compression" should be optional not mandatory. I think it makes more sense to specify optional "Compact representation" rather then "point compression". I see no benefits of point compression over compact representation.
Benjamin Kaduk: Appears reasonable that BLS work it is in charter.
Mike Jones: Thanks Benjamin Kaduk for contribution as securtity area director