hi Jim, thanks for you answer. Some note inline On May 20, 2015, at 1:13 AM, Jim Schaad <[email protected]> wrote:
> As a general rule, if you are wrapping the CEK in another layer, then a new > CEK is going to be generated every time. so, if this is the case also for [0] and the CEK is new every time is really necessary to have a different IV every time? > This would not be the case if you > were using the "direct" recipient algorithm. what do you mean with direct recipient ? Is there any pointer i can look at :) ? regards antonio > > Jim > > > -----Original Message----- > From: jose [mailto:[email protected]] On Behalf Of Antonio Sanso > Sent: Tuesday, May 19, 2015 5:59 AM > To: [email protected] > Subject: [jose] RSAES OAEP and AES GCM usage scenario > > hi *, > > in [0] there is an example of JWE with RSAES OAEP and AES GCM. > One of the first steps says "Generate a 256 bit random Content Encryption > Key (CEK)." > My question is,in a real use case scenario would you expect that a new CEK > is generated for every single JWE message? > > thanks > > antonio > > > [0] > https://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-40#appendix- > A.1 > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
