> > Why they should not? > Because the working group was polled and agreed that we are not going to be using OKP. But at this point I am repeating myself, again. I wish for a published draft to reflect the recorded outcome from the WG meeting.
S pozdravem, *Filip Skokan* On Thu, 7 Aug 2025 at 15:51, Ilari Liusvaara <ilariliusva...@welho.com> wrote: > On Thu, Aug 07, 2025 at 02:00:49PM +0200, Filip Skokan wrote: > > > > Please publish a revision that reverts back to using AKP. There was no > > consensus on switching away from AKP in the first place, and the vote > that > > was requested on whether to use OKP resulted in a clear "No". I ask that > > you publish with AKP again because the longer a latest draft shows the > use > > of OKP the more likely it is that implementations will pick up on it, > which > > they shouldn't. > > Why they should not? OKP is the correct key type for ML-KEM key — despite > looking odd, which I suspect is behind many of those "no". > > > Furthermore: > > - alg=MLKEM* keys are a footgun, similarly as alg=ECDH is a footgun, > and almost always what you actually wanted was use=enc, which ML-KEM > keys implicitly have anyway. > - It is impossible for an implementation to confuse ML-KEM and > ML-KEM+AESKW in security-relevant ways due to cryptographic > separation and both using the same keys. > - When using AKP for keys it should not be used for — e.g., anything > for DKA — it is possible for an implementation to confuse AKP keys in > nasty — for interoperability — ways. Worse, there might even be an > incentive to do so. > - JOSE does not guarantee that recipient uses JWK for keys. If the > recipient has non-JWK ML-KEM key, interoperability requires generic > ML-KEM keys, including public keys. > * Similarly for COSE and COSE_Key. > > > > > -Ilari > > _______________________________________________ > jose mailing list -- jose@ietf.org > To unsubscribe send an email to jose-le...@ietf.org >
_______________________________________________ jose mailing list -- jose@ietf.org To unsubscribe send an email to jose-le...@ietf.org
