COSE Virtual Interim
====================

## Connection details

* Date: January 26, 2022
* Time: 08:00-09:00 Pacific, 17:00 CEST:
  https://www.worldtimebuddy.com/?qm=1&lid=8,12,100&h=8&date=2022-01-26&sln=8-9&hf=0
* Meeting recording:
  https://youtu.be/82Yso4ls54k
* Slides link:
  https://datatracker.ietf.org/meeting/interim-2022-cose-01/session/cose
  

# Attendees

* Ivaylo Petrov, Google
* Mike Jones, Microsoft
* Christian Amsüss
* Göran Selander, Ericsson 
* Carsten Bormann, TZI
* Rikard Höglund, RISE
* Marco Tiloca, RISE
* Russ Housley, Vigil Security
* Hannes Tschofenig, Arm
* Jonathan Hammell, Canadian Centre for Cyber Security
* Michael Richardson

# Action Items

- Chairs and AD will perform a consistency check between draft-ietf-cose-rfc8152bis-algs and draft-ietf-cose-rfc8152bis-struct, both in AUTH48
- Ivalyo will post an update to the x509 draft
- Hannes will post a request on CFRG mailing list to add in their IANA HPKE registry a request to inform COSE experts when updates are made
- Hannes will post draft-ietf-cose-hpke-01 before IETF 113

# Minutes

## Administrivia (Chairs) - 5 min

Minute takers: Hannes Tschofenig and Jonathan Hammell

## Document Status (Chairs) - 10 min
Ivaylo presented the document status based on the chair slides. 


## x509 (Chairs) - 10 min
https://github.com/cose-wg/X509/issues

Russ: Are these issues from WGLC?
Ivalyo: Some are from earlier, but yes these are being handled as WGLC issues.

issue #31: https://github.com/cose-wg/X509/issues/31 
Unfortunately none of the persons raising & discussing the issue where in the meeting.

No comment from meeting participants on issue #31.

Göran: Should a new version of the draft be published once the issues are resolved and closed.
Ivalyo: Yes, publishing a new version is a good idea once we reach consensus.
Göran: The draft says it is expired. So it would be great if we can have an updated version.

Ivalyo will update the draft. 

## draft-ietf-cbor-encoded-cert - 5 min

Göran: a couple of todos.
Some revocation information, such as OCSP, will be included but not everything. Will be in the next draft version. 

* Example of using devid cert

Requests for other implementations. There is one implementation converting X.509 certs to the compressed version by John (in Rust). 
There are requests for C-based implementations. The co-authors from the RISE group will implement the C-based library.

Looking for a full review of the draft from the working group.

## HPKE for COSE - Hannes - 20 min

https://github.com/cose-wg/HPKE

Hybrid public key encryption specification developed within the CFRG.

Call for adoption on including HPKE in COSE held before Christmas, but it has finished after delays over the holidays. Accepted as a work item and submitted as draft-ietf-cose-hpke-00.

Question as to whether to re-use the IANA HPKE registry or to create a new registry for COSE. Proposal to create a mapping such that when a new algorithm is added to the IANA HPKE registry, it will become available for COSE HPKE use as automatically. Göran, John and Ilari had requested this and Russ had expressed that he was in favour. No objections raised by meeting participants.

Carsten pointed out that an automatic process for this mapping is not available in IANA at this time, so it may require some administrative work to synchronize.
Mike suggested putting instructions for experts to do this. Russ pointed out that COSE is not in charge of the main HPKE registry, so it is not as clean.

Jonathan asked if there is an issue to selecting values for algorithms since COSE reserves low values for high-use parameters. Hannes said this can be handled for the initial case, but there will need to be rules going forward. Carsten said it should be the job for the COSE expert to select the values in the registry, and we should request adding instructions to the CFRG registry to inform the COSE experts when new algorithms are added. Hannes will post a request for such instructions to the CFRG mailing list.

Currently there is a three layer structure. Ilari had proposed collapsing to a two layer structure to have smaller size and match the AES-KW structure. Disadvantage in that it does not match other semi-static techniques in COSE. Russ said he likes it because it aligns well for COSE use case in SUIT. Carsten encouraged pursuing this, but needs to look at it further. Later, Göran expressed support for the two layer structure, but headers may need to be protected whereas it is not required in the AES-KW structure. Russ said we need to think through the structure for multiple recipients. Hannes said that the first layer would be unchanged for multiple recipients, but the second layer would need to be repeated. Russ clarified that the wrapped content encryption key will be different for each recipient. Hannes will move the -01 revision of the draft to use the two-layer structure.

Ilari had suggested to define a new KTY structure for use in HPKE since it would work with new post-quantum algorithms. One suggestion was to use elliptic curve compressed points. Carsten that compressed points were not used earlier due to patents, but these patents may now have expired. Russ informed the group that Wikipedia says the patent was enforceable until end of 2020. Second suggestion is to allow the COSE_Key structure to carry private keys. This could be useful for configuration and keys in DNS. It is also in-line with Encrypted Client Hello approach in TLS WG. New key type structure could just be a new value in an existing COSE registry. 

Revision of draft (-01) planned to be submitted in time for IETF 113. Will require update to the corresponding SUIT firmware encryption draft.

Reference implementation is being worked on in order to generate examples. This reference implementation may be worked on at the IETF 113 hackathon.

## AOB - 10 min

No other business raised.