Hi Ken,
in the example we have selected a dummy kid value but in a real-world example it must be set to something meaningful. Nevertheless, your example makes sense to me. What I do not want is to mandate the symmetric key thumbprint in the SUIT firmware encryption document because I am certain that deployments want the option to use a different key naming scheme. Ciao Hannes Von: COSE <[email protected]> Im Auftrag von Ken Takayama Gesendet: Freitag, 28. Juli 2023 03:03 An: Tschofenig, Hannes <[email protected]> Cc: [email protected]; Michael Jones <[email protected]>; cose <[email protected]>; [email protected] Betreff: Re: [COSE] draft-ietf-cose-key-thumbprint-00.txt Hi Hannes, <https://datatracker.ietf.org/doc/html/draft-ietf-suit-firmware-encryption-13#name-example> This could be a use case. Currently we set the fixed value 'kid-1' to one recipients as an example, but there could be multiple recipients and multiple symmetric KEKs. A recipient Device may easily select the appropriate key and inner recipient structre to decrypt the payload. Best, Ken
_______________________________________________ COSE mailing list [email protected] https://www.ietf.org/mailman/listinfo/cose
