https://datatracker.ietf.org/doc/slides-119-cose-cose-chair-slides/
https://datatracker.ietf.org/doc/slides-119-cose-cose-hpke/
HT is presenting the slides.
Explains the improvements in therminology.
p4 - Explains context setting and why that is important to prevent
attacks. We will get a look by a real cryptographer, who worked on a
~recently announced attack.
MO: There was a recently presented attack
Tirumaleswar Reddy.K: It should not affect this draft
OS: There is time to figure this out
HT: Maybe it's for the draft that will be presented after this.
HT: Hopes to have this stable by next IETF.
https://datatracker.ietf.org/doc/slides-119-cose-cose-key-thumbprint/
There was been some feedback, there will be probably more feedback to
come (please get your feedback before april fool's day).
https://datatracker.ietf.org/doc/slides-119-cose-cwt-chain/
Originally was in SUIT document (you think some CWT like a certificate,
but was not able to present a chain). Extracted it from the SUIT
document to allow using it outside of SUIT.
They didn't need the whole x509 terminology for what they needed.
Explains relation to RFC 9360.
CB: I see a pattern - can we find a more generic solution.
?: I would expect only one of the options (1-2 header parameter) to be
used at a time.
OS: There would be security implications if multiple header parameters
are present at the same time.
MJ: Anyone for and against doing a call for adoption on the list? (a few
people nod in support, no one reacts to speak against)
Talks about the federation meta-data trust chain.
Mike+Hannes pointing out that there is a possiblity to collaborate on a
common document.
Orie suggests to talk to STIR for chaining.
Casten: Do you need to know that it is an OIDC document?
John: Yes, if you want to do something more complex.
Hannes+John: Need to find out what level of application logic is needed
in the specification for parsing the trust chain.
https://datatracker.ietf.org/doc/slides-119-cose-pq-signatures/
Mike talked about the draft update.
Question for the group: At what point should we register the algorithms?
MikeJ: Pre-registrations could be done (for interop-testing)
MikeO: Don't register something in IANA prior to NIST completing the
work so that you do not have non-interoperable implementations
Carsten: In COSE we have several ways to use values that do not require
a final registration (e.g. private key range)
https://datatracker.ietf.org/doc/slides-119-cose-cose-receipts/
Generic scheme for creating receipts for logs
Mike: Who can liaison with the SCITT group?
Orie: I can.
Support from the SCITT people in the receipt field.
https://datatracker.ietf.org/doc/slides-119-cose-c509-certificates/
Would like to get the document to WGLC before the next meeting.
John starts his presentation.
Monty will requirew the document. Steve will also take a look
MikeO: If we make a breaking verification, you better make the changes
now.
Carsten: How will those who have deployed the specification already be
dealing with the proposed change with the signature algorithm?
Mike: what is the reason for moving the field?
John: Performance improvement
Mike: Is there a pre-allocation of assigned numbers?
John: No.
Mike: If it is not final, it is not final.
It is up to you what you request.
Carsten: Change the number and mark the old number as reserved.
Goran: Could we ask this question to the group?
Poll by Mike: Should we change numbers?
Mike: Support for suggestion for Carsten.
Goran: Should we reserve the old number?
John: There is no suggestion to Carsten's suggestion.
Orie: Don't do the compressed curve representation of the curve. It is
similar to the ECC compression. The compressed versions are not useful.
https://datatracker.ietf.org/doc/slides-119-cose-pq-kems-for-cose-and-jose/
Tiru: ML-KEM does not seem to have the same security properties than the
HPKE draft.
Orie: In the COSE registry there are lots of algorithms. Does the COSE
working group wants this KEM constructions without the wrappers? Let's
not have a bunch of algorithms mostly doing the same thing.
MikeP.: A lot of feedback was alerady provided yesterday at JOSE.
Vote on moving the alg? in c509 (outcome definite yes - 9? for, no
against).
~Should we mark as reserved the old numbers (outcome probably yes - 4-5
yes, 4-5 I don't know)