On Tue, Apr 11, 2023 at 02:31:14PM -0500, Orie Steele wrote: > On Tue, Apr 11, 2023 at 2:11 PM Ilari Liusvaara <[email protected]> > wrote: > > > I think things should be split as follows: > > > > - This document will be definition of HPKE kty for COSE and JOSE. > > > > Seems like just adding the "kty" for HPKE to the HPKE COSE draft would be > better.
What would define how HPKE keys are represented in JWK (there apparently are usecases even if there is no HPKE in JOSE)? > Especially since the "kty" and "hkc" are not useful by themselves. "hkc" is part of "other aspects". And I think the "kty" would be useful on its own. Then as pointed out by L. Lundblade in IETF116 discussion, there is no precedent for anything like "hkc" in either JOSE or COSE. And that is not because there is no precedent for the issue: The very same issue does pop up in ECDH, and seems the approach taken by both COSE and JOSE is to not do anything about it in keys, but leave that to the application profile. > > - Any other aspects of keys in COSE (if any) go to COSE-HPKE document. > > > > The main thing I see in the current hpke key draft is the "hkc" parameter, > which maps directly to the IANA registries for HPKE and is also directly > coupled to the "alg" registry and "kty"... > hence my comment about just putting them in the same document. The present document mixes the kty and other aspects a lot. I think those should be separated. > I don't understand how you can use the key draft without reading HPKE COSE > at this point. That's because it goes much farther than just defining the kty. > And I also don't understand how to use the "alg" parameter in HPKE COSE, > without defining where it goes in keys. Standard COSE rules apply. > > - All work on other aspects of keys in JOSE is blocked on adopting > > JOSE-HPKE, and would go to that document. > > > > Yes, I agree that JOSE should not delay things, > but it seems that defining JWK representation that supports the "alg", > "kty" and "hpc" > parameters in a way similar to COSE Key, is a reasonable place to stop. Here be dragons. The major problem is that "alg" depends on how JOSE-HPKE works. I do not think anybody has any idea about that, other than that it certainly can not work similarly to COSE-HPKE. -Ilari _______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
