On Sat, Feb 10, 2024 at 11:14:20AM +0100, Filip Skokan wrote:
> General JWE JSON Serialization using direct encryption is indeed rather
> awkward given it's always only for a single recipient.
>
> > I interpret that as saying that when Direct Encryption mode is used with
> > General JWE JSON Serialization, then there should be "recipients" field,
> > where value is [{}] (array of 1 empty object).
> >
>
> Not necessarily, it depends on which of the JOSE header locations is used
> to indicate the JWE alg and enc. A JWE Per-Recipient Unprotected Header can
> be used which would mean it's not an empty object in that array. Although
> with a single recipient there's no point in using anything but the JWE
> Protected Header.
>
> I've composed a quick demonstration of the different results here
> <https://gist.github.com/panva/a5e3cd3b1dca7a73b9f73fda3caed167>.
Ugh. Apparently JWE does indeed allow sticking parameters like "enc" or
"zip" in per-recipient headers, as long as the values are the same for
all recipients. *vomit*. Of course, doing that is crazy, and it is
completely reasonable for implementations to just categorically reject
such JWEs.
-Ilari
_______________________________________________
jose mailing list
https://www.ietf.org/mailman/listinfo/jose
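As an added illustration (not code from the thread or from the linked gist), here is a small Python checker for the header layout of a General JSON Serialization JWE in direct-encryption mode: it builds the two layouts Filip describes ("enc" in the JWE Protected Header with recipients == [{}], or "enc" in a JWE Per-Recipient Unprotected Header) and either rejects per-recipient "enc"/"zip" categorically, as Ilari suggests, or tolerates them only when every recipient carries the identical value. Function names and sample values are assumptions; iv/ciphertext/tag are placeholder bytes and no encryption is performed.

```python
import base64
import json

def b64url(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def joined_header(jwe: dict, recipient: dict) -> dict:
    """JOSE Header of one recipient: union of the three locations, names disjoint."""
    prot = jwe.get("protected", "")
    parts = [json.loads(base64.urlsafe_b64decode(prot + "=" * (-len(prot) % 4))) if prot else {},
             jwe.get("unprotected", {}), recipient.get("header", {})]
    names = [n for p in parts for n in p]
    if len(names) != len(set(names)):
        raise ValueError("parameter names repeat across header locations")
    return {k: v for p in parts for k, v in p.items()}

def check_jwe_headers(jwe: dict, strict: bool = True) -> list:
    """Validate a General JSON Serialization JWE's header layout; return the
    per-recipient JOSE Headers. strict=True rejects per-recipient 'enc'/'zip'
    outright, strict=False accepts them only if all recipients carry one value."""
    recipients = jwe.get("recipients")
    if not isinstance(recipients, list) or not recipients:
        raise ValueError("'recipients' must be a non-empty array")
    headers = [joined_header(jwe, r) for r in recipients]
    for r, h in zip(recipients, headers):
        if "alg" not in h or "enc" not in h:
            raise ValueError("each recipient needs 'alg' and 'enc'")
        if h["alg"] == "dir" and r.get("encrypted_key", "") != "":
            raise ValueError("direct encryption carries no encrypted_key")
    for name in ("enc", "zip"):  # the parameters the thread singles out
        if any(name in r.get("header", {}) for r in recipients):
            if strict:
                raise ValueError(f"per-recipient '{name}' rejected")
            if len({json.dumps(h.get(name)) for h in headers}) != 1:
                raise ValueError(f"'{name}' differs between recipients")
    return headers

def make_direct_jwe(enc_in_protected: bool) -> dict:
    """Constructed alg 'dir' sample; iv/ciphertext/tag are placeholder bytes."""
    protected = {"alg": "dir", "enc": "A256GCM"} if enc_in_protected else {"alg": "dir"}
    recipient = {} if enc_in_protected else {"header": {"enc": "A256GCM"}}
    return {"protected": b64url(json.dumps(protected).encode()), "recipients": [recipient],
            "iv": b64url(b"\0" * 12), "ciphertext": b64url(b"x"), "tag": b64url(b"\0" * 16)}

def is_rejected(jwe: dict, strict: bool = True) -> bool:
    try:
        check_jwe_headers(jwe, strict)
    except ValueError:
        return True
    return False
```

With strict=True the per-recipient layout is refused outright; with strict=False it is accepted, while a JWE repeating "enc" in two header locations or giving recipients different "enc" values is still rejected.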