On Sat, Oct 11, 2025 at 02:08:58PM +0100, Neil Madden wrote: > > > > On 11 Oct 2025, at 13:24, Ilari Liusvaara <[email protected]> wrote: > > > > On Sat, Oct 11, 2025 at 10:29:59AM +0100, Neil Madden wrote: > >> https://neilmadden.blog/2018/09/30/key-driven-cryptographic-agility/ > > > > AKP is incompatible with key driven cryptographic agility. > > > > The idea of key driven cryptographic agility is to specify some > > cryptographic service (e.g., signature, mac, KEM) at protocol level and > > then have key specify how exactly that is implemented. And since this > > is polymorphic by definition, KDCA is also incompatible with fully > > specified algorithms. > > None of these things is true.
More fundamental issue is that the closest approximation JOSE has to KDCA is polymorphic algorithms (and folks seem to dislike those). And even that would not do in this case. (COSE would have other tricks, but I would imagine folks would be rather hesitant with those, given how weird and "not aligned with JOSE" that stuff is.) -Ilari _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
