Section 4.1.6 of the JWE draft describes the “kid” attribute of the JWE header as a "hint [that] references the public key to which the JWE was encrypted”. If the JWE were encrypted in direct key agreement mode, would it be incorrect for the “kid” attribute to reference the CEK used in the JWE?
Thanks, Andrew
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
