- From: Kari Hurtta <hurtta-ietf@elmme-mailer.org>
- Date: Sun, 30 Oct 2016 20:26:03 +0200 (EET)
- To: Julian Reschke <julian.reschke@gmx.de>
- CC: Martin Thomson <martin.thomson@gmail.com>, HTTP working group mailing list <ietf-http-wg@w3.org>
> That said, doesn't have Crypto-Key a similar problem (in that you might
> not know what applied encryption content codings it applies to)?

http://httpwg.org/http-extensions/encryption-preview.html#crypto-key

| keyid:
|   The “keyid” parameter corresponds to the “keyid” parameter in the content
|   coding.
| aes128gcm:
|   The “aes128gcm” parameter contains the base64url-encoded octets [RFC7515] of
|   the input keying material for the “aes128gcm” content coding.

So there is keyid and it is also on

http://httpwg.org/http-extensions/encryption-preview.html#header

| +-----------+--------+-----------+------------+
| | salt (16) | rs (4) | idlen (1) | id (idlen) |
| +-----------+--------+-----------+------------+

I guess that this "id" is keyid:

| keyid:
|   The “keyid” parameter can be used to identify the keying material that is
|   used. When the Crypto-Key header field is used, the “keyid” identifies a
|   matching value in that field. The “keyid” parameter MUST be used if keying
|   material included in an Crypto-Key header field is needed to derive the
|   content encryption key. The “keyid” parameter can also be used to identify
|   keys in an application-specific fashion.

This

| rs:
|   The “rs” or record size parameter contains an unsigned 32-bit integer in
|   network byte order that describes the record size in octets. Note that it is
|   therefore impossible to exceed the 2^36-1 limit on plaintext input to
|   AEAD_AES_128_GCM. Values smaller than 3 are invalid.

Is that 2^36-1 the same as 2^36-31 here:

http://httpwg.org/http-extensions/encryption-preview.html#limits

| There are limits to the data that AEAD_AES_128_GCM can encipher. The maximum
| record size is 2^36-31 [RFC5116].

/ Kari Hurtta
Received on Sunday, 30 October 2016 18:26:38 UTC
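
The header layout and Crypto-Key matching quoted in the message above, as an added example that is not part of the original message or of the draft: a Python sketch that splits the salt/rs/idlen/id header off a payload and looks the id up as the keyid in a Crypto-Key value. The Crypto-Key parsing is simplified, the id is assumed to be UTF-8 text, and all function names and sample values are constructed for illustration.

```python
import base64
import struct

MIN_RS = 3           # quoted draft text: "Values smaller than 3 are invalid"
MAX_RS = 2**32 - 1   # largest value the 4-octet rs field can carry

def parse_header(body):
    """Split salt (16) | rs (4) | idlen (1) | id (idlen) off the payload."""
    if len(body) < 21:
        raise ValueError("truncated header: fixed part is 21 octets")
    salt, idlen = body[:16], body[20]
    (rs,) = struct.unpack("!I", body[16:20])  # unsigned 32-bit, network order
    if rs < MIN_RS:
        raise ValueError(f"invalid record size {rs}")
    if len(body) < 21 + idlen:
        raise ValueError("truncated header: id is shorter than idlen")
    return {"salt": salt, "rs": rs, "keyid": body[21:21 + idlen],
            "records": body[21 + idlen:]}

def parse_crypto_key(value):
    """Simplified parser (assumption): ','-separated entries, ';'-separated params."""
    entries = []
    for entry in value.split(","):
        params = {}
        for part in entry.split(";"):
            name, _, val = part.strip().partition("=")
            params[name.strip().lower()] = val.strip().strip('"')
        entries.append(params)
    return entries

def find_ikm(header, crypto_key_value):
    """Return the aes128gcm keying material whose keyid matches the header id."""
    wanted = header["keyid"].decode("utf-8")  # assumption: id is UTF-8 text
    for params in parse_crypto_key(crypto_key_value):
        if params.get("keyid") == wanted and "aes128gcm" in params:
            b64 = params["aes128gcm"]
            return base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
    raise KeyError(f"no Crypto-Key entry for keyid {wanted!r}")

# Constructed sample input, not taken from the draft or the message.
SAMPLE_BODY = bytes(16) + struct.pack("!I", 4096) + bytes([2]) + b"a1" + b"\x00" * 8
SAMPLE_CRYPTO_KEY = ('keyid="b7"; aes128gcm="AAAAAAAAAAAAAAAAAAAAAA", '
                     'keyid="a1"; aes128gcm="AAECAwQFBgcICQoLDA0ODw"')

if __name__ == "__main__":
    hdr = parse_header(SAMPLE_BODY)
    print(hdr["rs"], hdr["keyid"], find_ikm(hdr, SAMPLE_CRYPTO_KEY).hex())
```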