-
The ECH version is negotiated as follows: the server indicates which versions of ECH it supports by advertising a configuration for each supported version, and the client selects the version by select…
-
HPKE has its own cipher suite code points, as well as the KEM id. I don't see why we're using TLS codepoints (ECHOConfigContents.suites and ClientEncryptedCH.suite) and yet also use one HPKE code poi…
sftcd updated
4 years ago
-
Please make sure that this is a build/installation issue. As per our [GitHub Policy](https://github.com/tensorflow/tensorflow/blob/master/ISSUES.md), we only address code/doc bugs, performance issue…
-
Following the instructions [here](https://docs.aws.amazon.com/iot/latest/developerguide/connecting-to-existing-device.html), I get errors trying to install aws-crt
Pre reqs:
cmake is already the n…
-
In section 5.1, might be useful to have return KeySchedule/Context take in the AEAD, to make it clear that a Context is bound to a particular AEAD.
In section 6, Seal calls SetupI instead of SetupS.
…
-
The HPKE draft refers to "Curve25519" and "DHKEM(Curve25519, HKDF-SHA256)" throughout the draft, but then section 8.8 mentions DHKEM-X25519.
I believe X25519 is correct here. RFC7748 defines "curve…
-
Solution options:
1. verify the cryptographic implementation against the canonical spec/implementation --perhaps using angr.io or manticore
2. migrate to something more robust... not sure of perform…
-
We previously decided not to bind the outer ClientHello to the ECH decryption, because doing so is rather a hassle. We'd need something similar to the TLS 1.3 PSK binder mess, with the added complexit…
-
The F* normalizer loops when typechecking the following code:
```
module Impl.Noise.Bug1
open FStar.All
#set-options "--z3rlimit 15 --fuel 0 --ifuel 1"
[@(strict_on_arguments [0])]
let ty (p : un…
```
-
This is just an editorial comment. The spec doesn't seem to define the contents of a "context" very clearly. Section 5 says:
> A "context" encodes the AEAD algorithm and key in use, and manages the n…