[SIOP] Add missing enc/alg algorithms to IANA #6
Comments
|
For reference, the Chacha20-poly1305/XChacha20-poly1305 has been described in an internet draft. We just need to get it officially registered in IANA. https://tools.ietf.org/html/draft-amringer-jose-chacha-00 Also, X25519/ed25519 are defined in RFC 8037, so we should be good on that. The only thing left to spec out would be the description of XSalsa20/Salsa20 similar to how it's done in RFC 7539 and the to register it in IANA. |
|
Update: XSalsa20/Salsa20 couldn't be added because it's only an Authenticated Encryption (AE) algorithm not an Authenticated Encryption Additional Data (AEAD) algorithm. |
|
Yes, that is unfortunate. Because this means we cannot use TweetNacl which offers browser-friendly libraries (around 20KB). TweetNacl does not have support for XChacha or any other AEAD defined AEAD construction, only AE (XSalsa20Poly1305) which is a requirement of JWEs. My understanding is that we are currently looking into three different options:
@kdenhartog @pelle In all cases, we will have to provide the code/binary in DIF. Is this correct? |
|
@pelle @kdenhartog The TweetNacl author mentions that stablelib might not be |
|
Came across this, not sure if its useful. https://bcoin.io/docs/net_bip151.js.html There is also the original RFC for ECDH-ES with x25519 https://tools.ietf.org/html/rfc8037 IMO, the signature suites, key exchanges, or other protocol stuff that is not currently supported should be tracked one a case by case bases, with a single ticket linking to all available documentation. These things don't seem to be blocking for SIOP. |
|
Locking this discussion. Copied issue to new repository: decentralized-identity/did-siop#6 |
Add support for ECDH-ES (+ X25519) / XSalsa20-Poly1305 and ChaCha20-Poly1305 to JOSE/ IANA registry.
The text was updated successfully, but these errors were encountered: