On Wed, Jul 10, 2024 at 10:19 AM Les Hazlewood <[email protected]> wrote:
> > > Any new specification that defines a single string cipher suite >> definition >> > should be *additive*, not regressive. A new header could be defined >> (e.g. >> > `csuite`) and that can have that string for the times when it may be >> needed. >> >> Or have "enc":"dir" and have that call into new algorithm operations. >> > > This fundamentally changes the semantics of the existing headers. In > JOSE, for 10+ years: > > "alg" has always meant "algorithms used for producing the content > encryption key" > "enc" means "AEAD algorithm used to encrypt the content with the content > encryption key" > > Changing these semantics has *significant* implications to existing > libraries, especially typesafe ones that codify these concepts in type-safe > APIs used by application developers (Key types, Interface definitions, etc). > And I would respectfully ask that draft-ietf-jose-hpke-encrypt not attempt to redefine, change, or update the JWE semantics. -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
