RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 8152, "CBOR Object Signing and Encryption (COSE)", July 2017

Note: This RFC has been obsoleted by RFC 9052, RFC 9053

Source of RFC: cose (sec)

Errata ID: 6597
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Anders Rundgren
Date Reported: 2021-06-03

Section 12.5.1. says:

The RFC is unclear to whether Concat KDF or HKDF is to be used:

In table 20 there is an entry:
ECDH-ES +  -31   | HKDF -  | yes        | A256KW | ECDH ES w/    |
   | A256KW    |       | SHA-256 |            |        | Concat KDF    |
   |           |       |         |            |        | and AES Key   |
   |           |       |         |            |        | Wrap w/       |
   |           |       |         |            |        | 256-bit key  

That is, the table talks both about Concat and HKDF.

The IANA registry for this algorithm says Concat KDF

Jim's sample code for algorithm -31 says HKDF.

It should say:

I have no corrected text to offer since I don't have the answer to the question raised.

Concat is referred to once and without any external references.  In JOSE, Concat denotes a NIST standard which is quite different to HKDF.

Notes:

It is pretty vital for interoperability knowing if Concat KDF or HKDF is to be used.

Report New Errata



Advanced Search