On Thu, 11 Jul 2024 at 18:29, Ilari Liusvaara <[email protected]> wrote:
> On Thu, Jul 11, 2024 at 02:18:23PM +0530, tirumal reddy wrote: > > On Thu, 11 Jul 2024 at 13:12, Ilari Liusvaara <[email protected]> > > wrote: > > > > > On Thu, Jul 11, 2024 at 11:19:19AM +0530, tirumal reddy wrote: > > > > > > > > > > > > I would like add another option proposed below for HPKE JWE > Integrated > > > > Encryption Mode: > > > > > > > > The algorithm name SHALL be of the form "HPKE-P256-SHA256". > > > > The "enc" value SHALL be " A128GCM". > > > > The hpke-aad SHALL be of the form "protected (.aad)", as described in > > > Step > > > > 15 of RFC7516. > > > > The hpke-info SHALL be the same as is provided to concatKDF info for > > > > ECDH-ES, as described in > > > > https://datatracker.ietf.org/doc/html/rfc7518#section-4.6.2 > > > > > > JWE does not allow doing that. > > > > > > > Why does not JWE allow use of {"alg" : "HPKE-P256-SHA256", "enc": > > A128GCM"} in case of direct key agreement mode ? > > That would preclude bulk encryption using HPKE and require using HPKE > secret export (SendExport* and ReceiveExport*) for generating CEK for > performing standard JOSE bulk encryption. More complicated to implement, > but does not need JWE extensions. > I don't get the complication, HPKE secret export is already used by protocols like OHAI. -Tiru > > When it comes to JWE modes, stuff either is or is not, there is no > "similar". > > > > > -Ilari > > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
