On Thu, 11 Jul 2024 at 13:12, Ilari Liusvaara <[email protected]> wrote:
> On Thu, Jul 11, 2024 at 11:19:19AM +0530, tirumal reddy wrote: > > > > > > I would like add another option proposed below for HPKE JWE Integrated > > Encryption Mode: > > > > The algorithm name SHALL be of the form "HPKE-P256-SHA256". > > The "enc" value SHALL be " A128GCM". > > The hpke-aad SHALL be of the form "protected (.aad)", as described in > Step > > 15 of RFC7516. > > The hpke-info SHALL be the same as is provided to concatKDF info for > > ECDH-ES, as described in > > https://datatracker.ietf.org/doc/html/rfc7518#section-4.6.2 > > JWE does not allow doing that. > Why does not JWE allow use of {"alg" : "HPKE-P256-SHA256", "enc": A128GCM"} in case of direct key agreement mode ? > > "A128GCM" is valid AEAD algorithm, and JWE is very clear on how such > thing is processed. And that processing is flat out incompatible with > Integrated Encryption or using HPKE for bulk encryption. > > > > > -Ilari > > > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
