On Thu, 24 Apr 2025 22:10:35 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> I can add a sentence saying if an implementation does not provide default >> numeric algorithm identifiers then an exception will be thrown if `of()` is >> used by the sender. >> >> I still think it's useful to provide defaults. Now that the recipient >> requires the numeric algorithm identifiers to be provided, at least this >> will no longer be an interop issue between implementations. As for future >> new KEM or KDF algorithms for EC/XDH keys, I believe they will have >> different numeric algorithm identifiers and users can just specify them so >> there will be need for "HPKE2". >> >> In fact, suppose the current `kem_id` for XDH is found insecure one day and >> a new one is defined, we can update the `@implNote` to make the new one the >> default. Those using `of()` will automatically switch to the safer one and >> there is no need to update the code. That said, this does need both sides >> supporting the new `kem_id`. > > I’d prefer requiring callers to explicitly specify the three algorithm > identifiers rather than introducing profile names. There are several reasons > for this: > > 1. Clarity and consistency: These identifiers are standardized and maintained > by IANA in a single registry, making them familiar and unambiguous for all > HPKE implementers. > 2. Profiles are not precise enough: RFC 9180 allows multiple combinations of > algorithm identifiers for a single key type. We'd still need to define what > the default is within this profile, which defeats the purpose of using the > profile name as a shortcut. > 3. Profiles are mainly for new key types: Future profiles will most likely be > introduced for new key algorithms (e.g., "RFC9180" for EC/XDH, > "draft-connolly-cfrg-xwing-kem" for X-Wing, and > "draft-connolly-cfrg-hpke-mlkem" for ML-KEM). Unless a profile defines new > combinations for existing key types, it’s not necessary to require users to > select among profile names at all. On the other hand, I assume we don’t want > to introduce default profiles for key algorithms. I'm ok with this now that you removed the no parameter `of()`. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2298989133
