On Thu, Jul 11, 2024 at 02:18:23PM +0530, tirumal reddy wrote:
> On Thu, 11 Jul 2024 at 13:12, Ilari Liusvaara <[email protected]>
> wrote:
>
> > On Thu, Jul 11, 2024 at 11:19:19AM +0530, tirumal reddy wrote:
> > >
> > > I would like to add another option proposed below for HPKE JWE
> > > Integrated Encryption Mode:
> > >
> > > The algorithm name SHALL be of the form "HPKE-P256-SHA256".
> > > The "enc" value SHALL be "A128GCM".
> > > The hpke-aad SHALL be of the form "protected (.aad)", as described in
> > > Step 15 of RFC7516.
> > > The hpke-info SHALL be the same as is provided to concatKDF info for
> > > ECDH-ES, as described in
> > > https://datatracker.ietf.org/doc/html/rfc7518#section-4.6.2
> >
> > JWE does not allow doing that.
> >
>
> Why does not JWE allow use of {"alg" : "HPKE-P256-SHA256", "enc":
> "A128GCM"} in case of direct key agreement mode ?

That would preclude bulk encryption using HPKE and require using HPKE
secret export (SendExport* and ReceiveExport*) for generating CEK for
performing standard JOSE bulk encryption. More complicated to implement,
but does not need JWE extensions.

When it comes to JWE modes, stuff either is or is not, there is no
"similar".

-Ilari
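
The export-based CEK derivation mentioned in the reply above, as an added example that is not part of the original message or of any JOSE draft: it follows the RFC 9180 key schedule and `Context.Export()` with an export-only suite to produce a 16-byte A128GCM CEK. The KEM step is omitted, so `SHARED_SECRET` is a constructed stand-in for the DHKEM(P-256) output, and `INFO` and `EXPORTER_CONTEXT` are hypothetical values.

```python
import hashlib
import hmac

# RFC 9180 ids: DHKEM(P-256, HKDF-SHA256), HKDF-SHA256, export-only AEAD.
KEM_ID, KDF_ID, AEAD_EXPORT_ONLY = 0x0010, 0x0001, 0xFFFF
SUITE_ID = b"HPKE" + b"".join(
    i.to_bytes(2, "big") for i in (KEM_ID, KDF_ID, AEAD_EXPORT_ONLY))
NH = 32  # HKDF-SHA256 output length in bytes

# Constructed sample inputs (assumptions, not values from the thread).
SHARED_SECRET = bytes(range(32))          # stand-in for the KEM shared secret
INFO = b"constructed-hpke-info"           # hypothetical hpke-info
EXPORTER_CONTEXT = b"constructed-cek-label"  # hypothetical exporter context


def hkdf_extract(salt, ikm):
    # An empty salt is treated as NH zero bytes (RFC 5869).
    return hmac.new(salt or b"\x00" * NH, ikm, hashlib.sha256).digest()


def hkdf_expand(prk, info, length):
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def labeled_extract(salt, label, ikm):
    return hkdf_extract(salt, b"HPKE-v1" + SUITE_ID + label + ikm)


def labeled_expand(prk, label, info, length):
    labeled_info = (length.to_bytes(2, "big") + b"HPKE-v1" + SUITE_ID
                    + label + info)
    return hkdf_expand(prk, labeled_info, length)


def exporter_secret(shared_secret, info):
    # Base mode (0x00): psk and psk_id are empty strings.
    context = (b"\x00" + labeled_extract(b"", b"psk_id_hash", b"")
               + labeled_extract(b"", b"info_hash", info))
    secret = labeled_extract(shared_secret, b"secret", b"")
    return labeled_expand(secret, b"exp", context, NH)


def export_cek(shared_secret, info, exporter_context, length=16):
    # Context.Export(): sender and receiver run the same derivation.
    prk = exporter_secret(shared_secret, info)
    return labeled_expand(prk, b"sec", exporter_context, length)
```

The resulting CEK would then be used for ordinary JWE content encryption; both sides must agree on `info` and the exporter context or they derive different keys.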
